From 1471e1e82280492d7d4ff5eba1ab27ea7f3e7998 Mon Sep 17 00:00:00 2001 From: Christoph Heiss Date: Tue, 25 Mar 2025 11:38:31 +0100 Subject: [PATCH] access: lookup: fix undef warning for case-insensitive realms Originally reported in the forum [0]. This is only a cosmetic fix and has no user-visible impact, just fixing a code warning in the syslog. Applies only for case-insensitive realms too, where Active Directory is the only type to support that. When looking up a non-existing username on case-insensitive realms, it currently returns `undef`, which then causes the following warning in the syslog: Use of uninitialized value $username in concatenation (.) or string at /usr/share/perl5/PVE/API2/AccessControl.pm line 303. authentication failure; rhost=::ffff:10.0.0.1 user= msg=user name '' is too short This now follows the logic from the common, case-sensitive path, to just return the original, given username (which is then later on validated in the auth chain). No functional changes. [0] https://forum.proxmox.com/threads/new-ad-realm-not-working-blank-username.157859/ Signed-off-by: Christoph Heiss --- src/PVE/AccessControl.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/PVE/AccessControl.pm b/src/PVE/AccessControl.pm index 7493c57..d27c07b 100644 --- a/src/PVE/AccessControl.pm +++ b/src/PVE/AccessControl.pm @@ -1231,7 +1231,7 @@ sub lookup_username { die "ambiguous case insensitive match of username '$username', cannot safely grant access!\n" if scalar @matches > 1 && !$noerr; - return $matches[0] + return $matches[0] if defined($matches[0]); } return $username;