From 934970207e23db2a3f2112de08a3b42d080fd23d Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Mon, 13 Feb 2023 16:35:00 +0100 Subject: [PATCH] AuthPlain user parsing fix. #3833 This removes workarounds we had for old PCRE versions. All modern PHP releases should be workable with the Regex we have. If splitting the user line results in less than 5 results, we log an error and pad the result for further use. --- lib/plugins/authplain/_test/escaping.test.php | 38 +++------------------------ lib/plugins/authplain/auth.php | 32 +++++----------------- 2 files changed, 11 insertions(+), 59 deletions(-) diff --git a/lib/plugins/authplain/_test/escaping.test.php b/lib/plugins/authplain/_test/escaping.test.php index 7790d9308..b33c92a8c 100644 --- a/lib/plugins/authplain/_test/escaping.test.php +++ b/lib/plugins/authplain/_test/escaping.test.php @@ -15,13 +15,13 @@ */ class helper_plugin_authplain_escaping_test extends DokuWikiTest { - protected $pluginsEnabled = array('authplainharness'); - /** @var auth_plugin_authplain|auth_plugin_authplainharness */ + protected $pluginsEnabled = array('authplain'); + /** @var auth_plugin_authplain */ protected $auth; protected function reloadUsers() { /* auth caches data loaded from file, but recreated object forces reload */ - $this->auth = new auth_plugin_authplainharness(); + $this->auth = new auth_plugin_authplain(); } function setUp() : void { @@ -83,8 +83,6 @@ class helper_plugin_authplain_escaping_test extends DokuWikiTest { // really only required for developers to ensure this plugin will // work with systems running on PCRE 6.6 and lower. public function testLineSplit(){ - $this->auth->setPregsplit_safe(false); - $names = array( 'plain', 'ut-fठ8', @@ -98,7 +96,7 @@ class helper_plugin_authplain_escaping_test extends DokuWikiTest { foreach ($names as $testname) { $escaped = str_replace(array('\\',':'),array('\\\\','\\:'),$testname); // escape : & \ $test_line = $userpass.$escaped.$other_user_data; - $result = $this->auth->splitUserData($test_line); + $result = $this->callInaccessibleMethod($this->auth, 'splitUserData', [$test_line]); $this->assertEquals($escaped, $result[2]); } @@ -129,31 +127,3 @@ class helper_plugin_authplain_escaping_test extends DokuWikiTest { $this->assertEquals($expected, $this->auth->cleanGroup($input)); } } - -/** - * Class auth_plugin_authplainharness - */ -class auth_plugin_authplainharness extends auth_plugin_authplain { - - /** - * @param boolean $bool - */ - public function setPregsplit_safe($bool) { - $this->pregsplit_safe = $bool; - } - - /** - * @return bool|mixed - */ - public function getPregsplit_safe(){ - return $this->pregsplit_safe; - } - - /** - * @param string $line - * @return array - */ - public function splitUserData($line){ - return parent::splitUserData($line); - } -} diff --git a/lib/plugins/authplain/auth.php b/lib/plugins/authplain/auth.php index f2dd4f9c8..e0c1b9291 100644 --- a/lib/plugins/authplain/auth.php +++ b/lib/plugins/authplain/auth.php @@ -1,4 +1,6 @@ cando['getUserCount'] = true; $this->cando['getGroups'] = true; } - - $this->pregsplit_safe = version_compare(PCRE_VERSION, '6.7', '>='); } /** @@ -435,30 +435,12 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin */ protected function splitUserData($line) { - // due to a bug in PCRE 6.6, preg_split will fail with the regex we use here - // refer github issues 877 & 885 - if ($this->pregsplit_safe) { - return preg_split('/(?=$len) break; - } elseif ($line[$i]==':') { - $row[] = $piece; - $piece = ''; - continue; - } - $piece .= $line[$i]; + $data = preg_split('/(?