From 3516cc1d09eea5f070af793a50fb6f10638f14cb Mon Sep 17 00:00:00 2001
From: Simon Arlott <70171+nomis@users.noreply.github.com>
Date: Thu, 16 Sep 2021 14:08:53 +0100
Subject: [PATCH] B #5513: Only match one LDAP match_user_regex entry (#5514)

When a match is made, the username is changed. It's then
inappropriate to attempt further matches because we're not using
the original username.

If multiple matches were made with the original username, there
could be no single modified username to return. An alternative
would be to return pairs of server and modified username.

Signed-off-by: Simon Arlott
(cherry picked from commit 721aa612326262bd1cb370743218b2632a67b306)
---
 src/authm_mad/remotes/ldap/ldap_auth.rb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/authm_mad/remotes/ldap/ldap_auth.rb b/src/authm_mad/remotes/ldap/ldap_auth.rb
index 359425f487..209cc5d579 100644
--- a/src/authm_mad/remotes/ldap/ldap_auth.rb
+++ b/src/authm_mad/remotes/ldap/ldap_auth.rb
@@ -274,6 +274,7 @@ def get_server_order(opts, user)
                 user = m[1] if m[1]
 
                 order << to_array(server)
+                break
             end
         end