From unknown Thu Apr 09 09:46:11 2026
X-Loop: owner@bugs.x2go.org
Subject: Bug#574: x2goserver username length increasing proposal
Reply-To: Andrey Igoshin <ai@vsu.ru>, 574@bugs.x2go.org
Resent-From: Andrey Igoshin <ai@vsu.ru>
Resent-To: x2go-dev@lists.x2go.org
Resent-CC: X2Go Developers <x2go-dev@lists.x2go.org>
X-Loop: owner@bugs.x2go.org
Resent-Date: Mon, 18 Aug 2014 14:15:01 +0000
Resent-Message-ID: <handler.574.B.140837115614481@bugs.x2go.org>
Resent-Sender: owner@bugs.x2go.org
X-X2Go-PR-Message: report 574
X-X2Go-PR-Package: x2goserver
X-X2Go-PR-Keywords: 
Received: via spool by submit@bugs.x2go.org id=B.140837115614481
          (code B); Mon, 18 Aug 2014 14:15:01 +0000
Received: (at submit) by bugs.x2go.org; 18 Aug 2014 14:12:36 +0000
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
	ymir.das-netzwerkteam.de
X-Spam-Level: 
X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50 autolearn=ham
	version=3.3.2
Received: from relay1.vsu.ru (relay1.vsu.ru [62.76.169.14])
	by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id BE9BB5DB11
	for <submit@bugs.x2go.org>; Mon, 18 Aug 2014 16:12:34 +0200 (CEST)
Received: by relay1.vsu.ru (CommuniGate Pro PIPE 6.0.9)
  with PIPE id 417450313; Mon, 18 Aug 2014 18:12:34 +0400
Received: from [62.76.169.33] (account ai@vsu.ru HELO netman.localnet)
  by vsu.ru (CommuniGate Pro SMTP 6.0.9)
  with ESMTPSA id 417450308 for submit@bugs.x2go.org; Mon, 18 Aug 2014 18:12:27 +0400
From: Andrey Igoshin <ai@vsu.ru>
To: submit@bugs.x2go.org
Date: Mon, 18 Aug 2014 18:12:26 +0400
Message-ID: <2119196.86GLfQC4vT@netman>
User-Agent: KMail/4.13.3 (Linux/3.13.0-34-generic; KDE/4.13.3; x86_64; ; )
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="nextPart4441476.9pNfHBIz2q"
Content-Transfer-Encoding: 7Bit

This is a multi-part message in MIME format.

--nextPart4441476.9pNfHBIz2q
Content-Transfer-Encoding: 7Bit
Content-Type: text/plain; charset="us-ascii"

Package: x2goserver
Version: 4.1.0.0-0~1055~ubuntu14.04.1

x2goserver username length increasing proposal


details:

i propose to increase username length. only sanitizer should be changed.
db length for session_id (500) is ok.

patch attached.


-- 
Andrey Igoshin <ai@vsu.ru>               Voronezh State University
sip:            ai@vsu.ru                Network Operation Center
phone: +7 473 2281160, ext. 2020         Voronezh, Russia
--nextPart4441476.9pNfHBIz2q
Content-Disposition: attachment; filename="x2goserver-username-length.diff"
Content-Transfer-Encoding: 7Bit
Content-Type: text/x-patch; charset="UTF-8"; name="x2goserver-username-length.diff"

--- Utils.pm.ORIG	2014-08-18 11:44:34.000000000 +0400
+++ Utils.pm	2014-08-18 17:58:47.657697766 +0400
@@ -132,8 +132,8 @@
 		$string =~ s/[^a-zA-Z0-9\_\-\$\.\@]//g;
 		if ($string =~ /^([a-zA-Z0-9\_\-\$\.\@]*)$/) {
 			$string = $1;
-			if ($string =~ /^([a-zA-Z\_][a-zA-Z0-9\_\-\.\@]{0,31}[\$]?)\-([\d]{2,4})\-([\d]{9,12})\_[a-zA-Z0-9\_\-]*\_dp[\d]{1,2}$/) {
-				if ((length($1) > 0) and (length($1) < 32)){
+			if ($string =~ /^([a-zA-Z\_][a-zA-Z0-9\_\-\.\@]{0,47}[\$]?)\-([\d]{2,4})\-([\d]{9,12})\_[a-zA-Z0-9\_\-]*\_dp[\d]{1,2}$/) {
+				if ((length($1) > 0) and (length($1) < 48)){
 					return $string;
 				} else {return 0;}
 			} else {return 0;}

--nextPart4441476.9pNfHBIz2q--