From b797de64fd5d2820ee18cd8764abbf81dbc0ad99 Mon Sep 17 00:00:00 2001
From: Jochen Rill <rill@fzi.de>
Date: Fri, 10 Nov 2017 12:54:19 +0100
Subject: [PATCH] Correct ldap username validation.

PR #342 was only partially applied. Spaces should not be at the start
and end of a username but they can be inside.
---
 modules/auth/ldap/ldap.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/auth/ldap/ldap.go b/modules/auth/ldap/ldap.go
index 7754cc8182646..bb69f355877ce 100644
--- a/modules/auth/ldap/ldap.go
+++ b/modules/auth/ldap/ldap.go
@@ -69,7 +69,7 @@ func (ls *Source) sanitizedUserQuery(username string) (string, bool) {
 
 func (ls *Source) sanitizedUserDN(username string) (string, bool) {
 	// See http://tools.ietf.org/search/rfc4514: "special characters"
-	badCharacters := "\x00()*\\,='\"#+;<> "
+	badCharacters := "\x00()*\\,='\"#+;<>"
 	if strings.ContainsAny(username, badCharacters) {
 		log.Debug("'%s' contains invalid DN characters. Aborting.", username)
 		return "", false