Correct ldap username validation.

PR go-gitea#342 was only partially applied. Spaces should not be at the start and end of a username but they can be inside.
jochenrill · Nov 10, 2017 · b797de6 · b797de6
1 parent e22be08
commit b797de6
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/modules/auth/ldap/ldap.go b/modules/auth/ldap/ldap.go
@@ -69,7 +69,7 @@ func (ls *Source) sanitizedUserQuery(username string) (string, bool) {
 
 func (ls *Source) sanitizedUserDN(username string) (string, bool) {
 	// See http://tools.ietf.org/search/rfc4514: "special characters"
-	badCharacters := "\x00()*\\,='\"#+;<> "
+	badCharacters := "\x00()*\\,='\"#+;<>"
 	if strings.ContainsAny(username, badCharacters) {
 		log.Debug("'%s' contains invalid DN characters. Aborting.", username)
 		return "", false