rpms/cyrus-imapd
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Fix regression while retrieving ldap group names

Browse Source 
Resolves: RHEL-61691
This commit is contained in:
Martin Osvald 2024-10-29 05:35:21 +01:00
parent 74ad97956b
commit 7f02a4454c
2 changed files with 39 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
cyrus-imapd.spec
View File

@ -9,7 +9,7 @@
Name: cyrus-imapd Name: cyrus-imapd
Version: 3.0.7 Version: 3.0.7
Release: 26%{?dist} Release: 27%{?dist}
%define ssl_pem_file_prefix /etc/pki/%name/%name %define ssl_pem_file_prefix /etc/pki/%name/%name
@ -54,6 +54,8 @@ Patch13: cyrus-squatter-assert-crash.patch
Patch14: cyrus-imapd-load-tombstones-for-cleanup.patch Patch14: cyrus-imapd-load-tombstones-for-cleanup.patch
# https://github.com/cyrusimap/cyrus-imapd/commit/ed1a17b09e2e03788852e122f213b88352bc24b9 # https://github.com/cyrusimap/cyrus-imapd/commit/ed1a17b09e2e03788852e122f213b88352bc24b9
Patch15: cyrus-imapd-ptclient-canonification_across_multiple_domains.patch Patch15: cyrus-imapd-ptclient-canonification_across_multiple_domains.patch
# https://github.com/cyrusimap/cyrus-imapd/commit/1152ce70af232fc4200bbeca18961f99e12d73df
Patch16: patch-cyrus-ldap-group-retriaval
Source10: cyrus-imapd.logrotate Source10: cyrus-imapd.logrotate
Source11: cyrus-imapd.pam-config Source11: cyrus-imapd.pam-config
@ -691,6 +693,10 @@ getent passwd cyrus >/dev/null || /usr/sbin/useradd -c "Cyrus IMAP Server" -d /v
%changelog %changelog
* Tue Oct 29 2024 Martin Osvald <mosvald@redhat.com> - 3.0.7-27
- Fix regression while retrieving ldap group names
- Resolves: RHEL-61691
* Mon Jul 01 2024 Martin Osvald <mosvald@redhat.com> - 3.0.7-26 * Mon Jul 01 2024 Martin Osvald <mosvald@redhat.com> - 3.0.7-26
- Update fmf plans and gating for c8s - Update fmf plans and gating for c8s

32
patch-cyrus-ldap-group-retriaval Normal file
View File

@ -0,0 +1,32 @@
commit 1152ce70af232fc4200bbeca18961f99e12d73df
Author: Felix Schumacher <felix.schumacher@internetallee.de>
Date: Wed Feb 6 19:02:11 2019 +0100
Return correct group names when groups are resolved by filter
This fixes an regression, that was introduced with 61f5296c0d727faee4726525a6812b200d946d83.
Back then the logic was changed from len(vals) != 1 to two if clauses len(vals) < 1 and len(vals) > 1
which logged errors and an else clause (which matched the correct number of len(val) == 1) that
got the old error handling code.
diff --git a/ptclient/ldap.c b/ptclient/ldap.c
index 40c9adee3..457951928 100644
--- a/ptclient/ldap.c
+++ b/ptclient/ldap.c
@@ -1336,11 +1336,15 @@ static int ptsmodule_make_authstate_filter(
syslog(LOG_ERR, "No values for attribute '%s' on entry '%s'",
ptsm->member_attribute,
errdn);
+ *reply = "no values";
+ rc = PTSM_FAIL;
+ ldap_value_free(vals);
+ vals = NULL;
+ goto done;
} else if (ldap_count_values(vals) > 1) {
syslog(LOG_ERR, "Too many values for attribute '%s' on entry '%s'",
ptsm->member_attribute,
errdn);
- } else {
*reply = "too many values";
rc = PTSM_FAIL;
ldap_value_free(vals);