mirror of
https://github.com/restic/rest-server.git
synced 2025-10-19 07:33:21 +00:00
htpasswd: allow underscores in usernames
This commit is contained in:
Michael Eischer
parent
096ac5a9c8
commit
48067dc896
2 changed files with 10 additions and 2 deletions
8
changelog/unreleased/issue-182
Normal file
8
changelog/unreleased/issue-182
Normal file
|
|
@ -0,0 +1,8 @@
|
|||
Bugfix: Allow usernames containing underscore
|
||||
|
||||
The security fix in rest-server 0.11.0 (#131) disallowed usernames containing
|
||||
and underscore "_". We have changed the list of allowed characters to now include
|
||||
unicode characters, numbers, "_", "-", "." and "@".
|
||||
|
||||
https://github.com/restic/restic/issues/183
|
||||
https://github.com/restic/restic/pull/184
|
||||
|
|
@ -100,7 +100,7 @@ func (h *HtpasswdFile) throttleTimer() {
|
|||
}
|
||||
}
|
||||
|
||||
var validUsernameRegexp = regexp.MustCompile(`^[\p{L}\d@.-]+$`)
|
||||
var validUsernameRegexp = regexp.MustCompile(`^[\p{L}\d@._-]+$`)
|
||||
|
||||
// Reload reloads the htpasswd file. If the reload fails, the Users map is not changed and the error is returned.
|
||||
func (h *HtpasswdFile) Reload() error {
|
||||
|
|
@ -122,7 +122,7 @@ func (h *HtpasswdFile) Reload() error {
|
|||
users := make(map[string]string)
|
||||
for _, record := range records {
|
||||
if !validUsernameRegexp.MatchString(record[0]) {
|
||||
log.Printf("Ignoring invalid username %q in htpasswd, consists of characters other than letters", record[0])
|
||||
log.Printf("Ignoring invalid username %q in htpasswd, consists of characters other than letters, numbers, '_', '-', '.' and '@'", record[0])
|
||||
continue
|
||||
}
|
||||
users[record[0]] = record[1]
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue