That regex should be a lot more accurate in what it allows - if it's good enough for the HTML spec, it should be for us too.
Signed-off-by: Christoph Heiss <c.he...@proxmox.com> --- proxmox-installer-common/Cargo.toml | 1 + proxmox-installer-common/src/options.rs | 29 ++++++++++++++++++++++++- proxmox-tui-installer/Cargo.toml | 1 - proxmox-tui-installer/src/main.rs | 18 +++++---------- 4 files changed, 34 insertions(+), 15 deletions(-) diff --git a/proxmox-installer-common/Cargo.toml b/proxmox-installer-common/Cargo.toml index 70f828a..e151b0e 100644 --- a/proxmox-installer-common/Cargo.toml +++ b/proxmox-installer-common/Cargo.toml @@ -8,6 +8,7 @@ exclude = [ "build", "debian" ] homepage = "https://www.proxmox.com" [dependencies] +anyhow.workspace = true regex = "1.7" serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" diff --git a/proxmox-installer-common/src/options.rs b/proxmox-installer-common/src/options.rs index e77914b..1962f87 100644 --- a/proxmox-installer-common/src/options.rs +++ b/proxmox-installer-common/src/options.rs @@ -1,5 +1,8 @@ +use anyhow::{bail, Result}; +use regex::Regex; use serde::Deserialize; use std::net::{IpAddr, Ipv4Addr}; +use std::sync::OnceLock; use std::{cmp, fmt}; use crate::setup::{ @@ -327,6 +330,8 @@ impl TimezoneOptions { } } +const EMAIL_DEFAULT_PLACEHOLDER: &str = "mail@example.invalid"; + #[derive(Clone, Debug)] pub struct PasswordOptions { pub email: String, @@ -336,7 +341,7 @@ pub struct PasswordOptions { impl Default for PasswordOptions { fn default() -> Self { Self { - email: "mail@example.invalid".to_string(), + email: EMAIL_DEFAULT_PLACEHOLDER.to_owned(), root_password: String::new(), } } @@ -418,6 +423,28 @@ impl NetworkOptions { } } +/// Validates an email address using the regex for <input type="email" /> elements +/// as defined in the HTML specification [0]. +/// Using that /should/ cover all possible cases that are encountered in the wild. +/// +/// It additionally checks whether the email our default email placeholder value. +/// +/// [0] https://html.spec.whatwg.org/multipage/input.html#valid-e-mail-address +pub fn email_validate(email: &str) -> Result<()> { + static RE: OnceLock<Regex> = OnceLock::new(); + let re = RE.get_or_init(|| { + Regex::new(r"^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$").unwrap() + }); + + if !re.is_match(email) { + bail!("Email does not look like a valid address (u...@domain.tld)") + } else if email == EMAIL_DEFAULT_PLACEHOLDER { + bail!("Invalid (default) email address") + } + + Ok(()) +} + #[cfg(test)] mod tests { use super::*; diff --git a/proxmox-tui-installer/Cargo.toml b/proxmox-tui-installer/Cargo.toml index fc653f0..d3087d8 100644 --- a/proxmox-tui-installer/Cargo.toml +++ b/proxmox-tui-installer/Cargo.toml @@ -11,5 +11,4 @@ homepage = "https://www.proxmox.com" cursive = { version = "0.20.0", default-features = false, features = ["termion-backend"] } serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" -regex = "1.7" proxmox-installer-common = { path = "../proxmox-installer-common" } diff --git a/proxmox-tui-installer/src/main.rs b/proxmox-tui-installer/src/main.rs index a24fb0b..67dd479 100644 --- a/proxmox-tui-installer/src/main.rs +++ b/proxmox-tui-installer/src/main.rs @@ -13,13 +13,11 @@ use cursive::{ Cursive, CursiveRunnable, ScreenId, View, XY, }; -use regex::Regex; - mod options; use options::InstallerOptions; use proxmox_installer_common::{ - options::{BootdiskOptions, NetworkOptions, PasswordOptions, TimezoneOptions}, + options::{email_validate, BootdiskOptions, NetworkOptions, PasswordOptions, TimezoneOptions}, setup::{installer_setup, LocaleInfo, ProxmoxProduct, RuntimeInfo, SetupInfo}, utils::Fqdn, }; @@ -448,18 +446,12 @@ fn password_dialog(siv: &mut Cursive) -> InstallerView { .get_value::<EditView, _>(2) .ok_or("failed to retrieve email")?; - let email_regex = - Regex::new(r"^[\w\+\-\~]+(\.[\w\+\-\~]+)*@[a-zA-Z0-9\-]+(\.[a-zA-Z0-9\-]+)*$") - .unwrap(); - if root_password.len() < 5 { - Err("password too short, must be at least 5 characters long") + Err("password too short, must be at least 5 characters long".to_owned()) } else if root_password != confirm_password { - Err("passwords do not match") - } else if email == "mail@example.invalid" { - Err("invalid email address") - } else if !email_regex.is_match(&email) { - Err("Email does not look like a valid address (u...@domain.tld)") + Err("passwords do not match".to_owned()) + } else if let Err(err) = email_validate(&email) { + Err(err.to_string()) } else { Ok(PasswordOptions { root_password, -- 2.44.0 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel