api: user: limit email to 254 characters and user comment to 2048

For email the reasoning is:

>  In addition to restrictions on syntax, there is a length limit on
>  email addresses.  That limit is a maximum of 64 characters (octets)
>  in the "local part" (before the "@") and a maximum of 255
>  characters (octets) in the domain part (after the "@") for a total
>  length of 320 characters. However, there is a restriction in RFC
>  2821 on the length of an address in MAIL and RCPT commands of 254
>  characters.  Since addresses that do not fit in those fields are
>  not normally useful, the upper limit on address lengths should
>  normally be considered to be 254.
-- https://www.rfc-editor.org/errata_search.php?rfc=3696&eid=1690

And for user-comments, we normally show those as single line and using
2048 bytes as maximum, while also a rather arbitrary number it allows
for about 2.5 times more users on a system (full name + comment can be
up to 4 KiB vs 10 KiB), and we can re-raise this relatively easily
again if there are somewhat reasonable complaints.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>

diff --git a/src/PVE/API2/User.pm b/src/PVE/API2/User.pm
index 8e0f4405294c807a3f8c1dbc49752d63d9507122..489d34f3577540abcb5f75a01d7706266ec6cb07 100644 (file)
--- a/src/PVE/API2/User.pm
+++ b/src/PVE/API2/User.pm
@@ -35,12 +35,12 @@ register_standard_option('user-email', {
     type => 'string',
     optional => 1,
     format => 'email-opt',
-    maxLength => 4096,
+    maxLength => 254, # 256 including punctuation and separator is the max path as per RFC 5321
 });
 register_standard_option('user-comment', {
     type => 'string',
     optional => 1,
-    maxLength => 8192,
+    maxLength => 2048,
 });
 register_standard_option('user-keys', {
     description => "Keys for two factor auth (yubico).",