From 46bf00797cc8ff6bc88e69192d5488e7becbcf91 Mon Sep 17 00:00:00 2001
From: Stephane de Labrusse <stephdl@de-labrusse.fr>
Date: Tue, 30 Apr 2024 14:30:50 +0200
Subject: [PATCH] Fix LDAP dn splitting issue in get-password-policy handlers

---
 imageroot/actions/get-password-policy/50get_password_policy | 5 +++--
 imageroot/api-moduled/handlers/get-configuration/post       | 5 +++--
 imageroot/api-moduled/handlers/get-password-policy/post     | 5 +++--
 3 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/imageroot/actions/get-password-policy/50get_password_policy b/imageroot/actions/get-password-policy/50get_password_policy
index 30f9fdc..973d7bf 100755
--- a/imageroot/actions/get-password-policy/50get_password_policy
+++ b/imageroot/actions/get-password-policy/50get_password_policy
@@ -31,8 +31,9 @@ ppolicy = {
         "complexity_check": False,
     }
 }
-
-for line in ldapsearch_proc.stdout.split("\n"):
+# In case of long LDAP dn we could have a \n inside the dn, so we can't split 
+# split only if we got a line that ends with a \n$, which is the separator
+for line in ldapsearch_proc.stdout.split("\n$"):
     if not line:
         continue
 
diff --git a/imageroot/api-moduled/handlers/get-configuration/post b/imageroot/api-moduled/handlers/get-configuration/post
index f303c53..f356079 100755
--- a/imageroot/api-moduled/handlers/get-configuration/post
+++ b/imageroot/api-moduled/handlers/get-configuration/post
@@ -31,8 +31,9 @@ ppolicy = {
         "complexity_check": False,
     }
 }
-
-for line in ldapsearch_proc.stdout.split("\n"):
+# In case of long LDAP dn we could have a \n inside the dn, so we can't split 
+# split only if we got a line that ends with a \n$, which is the separator
+for line in ldapsearch_proc.stdout.split("\n$"):
     if not line:
         continue
 
diff --git a/imageroot/api-moduled/handlers/get-password-policy/post b/imageroot/api-moduled/handlers/get-password-policy/post
index ef7bbfa..dd4d18c 100755
--- a/imageroot/api-moduled/handlers/get-password-policy/post
+++ b/imageroot/api-moduled/handlers/get-password-policy/post
@@ -31,8 +31,9 @@ ppolicy = {
         "complexity_check": False,
     }
 }
-
-for line in ldapsearch_proc.stdout.split("\n"):
+# In case of long LDAP dn we could have a \n inside the dn, so we can't split 
+# split only if we got a line that ends with a \n$, which is the separator
+for line in ldapsearch_proc.stdout.split("\n$"):
     if not line:
         continue