Description of problem: As per the upstream ticket https://github.com/SSSD/sssd/issues/6635 I am opening this bz. Solution provided by Tomáš Default re_expressions does not use "^" so they may skip/ignore some leading character (@ and \) Changing #define SSS_DEFAULT_RE "(?P<name>[^@]+)@?(?P<domain>[^@]*$)" to #define SSS_DEFAULT_RE "^(?P<name>[^@]+)@?(?P<domain>[^@]*$)" and similar change for SSS_IPA_AD_DEFAULT_RE will solve the issue. It will make SSSD more strict about input values. Consider that this regular expression is used also for group names and MS Windows group name can actually include @ $ grep "SSS_DEFAULT_RE" util/util.h #define SSS_DEFAULT_RE "(?P<name>[^@]+)@?(?P<domain>[^@]*$)" Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
*** Bug 2180998 has been marked as a duplicate of this bug. ***
Upstream PR: https://github.com/SSSD/sssd/pull/6646
Pushed PR: https://github.com/SSSD/sssd/pull/6646 * `master` * b78b508b1dbdb78c8d17916472a3398d67f76bbd - responder: regexp cleanup * 526aea3e8cb48dbfaabb009e06236828ad903429 - util: Improve re_expression defaults