X-Git-Url: https://git.proxmox.com/?p=pve-access-control.git;a=blobdiff_plain;f=PVE%2FAccessControl.pm;h=6c04b47d550346d5fb938fb0da5cd697a194994b;hp=f018826a913485b6f2c8212cbcf63f1ee34af0c8;hb=845cf3a36358efeea602d66ad0ddee253cce0a97;hpb=2c3a6c0aaac7fbdaeb26bc5a596d21e897f3343a

diff --git a/PVE/AccessControl.pm b/PVE/AccessControl.pm
index f018826..6c04b47 100644
--- a/PVE/AccessControl.pm
+++ b/PVE/AccessControl.pm
@@ -351,7 +351,7 @@ sub authenticate_user {
 
     if (!user_enabled($usercfg, $username)) {
 	sleep(2);
-	die "no such user ('$username')\n"
+	die "no such user ('$username')\n";
     }
 
     my $ctime = time();
@@ -552,7 +552,7 @@ my $valid_attributes = {
 	server1 => '[\w\d]+(.[\w\d]+)*',
 	server2 => '[\w\d]+(.[\w\d]+)*',
 	domain => '\S+',
-	port => '\d*',
+	port => '\d+',
 	secure => '',
 	comment => '.*',
     },
@@ -562,7 +562,7 @@ my $valid_attributes = {
 	base_dn => '\w+=[\w\s]+(,\s*\w+=[\w\s]+)*',
 	user_attr => '\S{2,}',
 	secure => '',
-	port => '\d*',
+	port => '\d+',
 	comment => '.*',
     }
 };
@@ -899,7 +899,7 @@ sub write_domains {
 		    $wrote_default = 1;
 	    } elsif (defined($formats->{$k})) {
 		if (!$formats->{$k}) {
-		    $data .= "\t$k\n";
+		    $data .= "\t$k\n" if $v;
 		} elsif ($v =~ m/^$formats->{$k}$/) {
 		    $v = PVE::Tools::encode_text($v) if $k eq 'comment';
 		    $data .= "\t$k $v\n";
@@ -994,6 +994,8 @@ sub parse_domains {
 		warn "ignoring domain '$realm' - missing user attribute\n";
 	    } elsif (($entry->{type} eq "ldap") && !$entry->{base_dn}) {
 		warn "ignoring domain '$realm' - missing base_dn attribute\n";
+	    } elsif (($entry->{type} eq "ad") && !$entry->{domain}) {
+		warn "ignoring domain '$realm' - missing domain attribute\n";
 	    } else {
 		$cfg->{$realm} = $entry;
 	    }
@@ -1045,7 +1047,7 @@ sub write_user_config {
 	my $lastname = $d->{lastname} ? PVE::Tools::encode_text($d->{lastname}) : '';
 	my $email = $d->{email} || '';
 	my $comment = $d->{comment} ? PVE::Tools::encode_text($d->{comment}) : '';
-	my $expire = int($d->{expire}) || 0;
+	my $expire = int($d->{expire} || 0);
 	my $enable = $d->{enable} ? 1 : 0;
 	$data .= "user:$user:$enable:$expire:$firstname:$lastname:$email:$comment:\n";
     }