New upstream release 1.14.0

- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.14.1
This commit is contained in:
Lukas Slebodnik 2016-08-19 17:49:47 +02:00
parent 0e7292f369
commit 6bce0a242d
4 changed files with 32 additions and 72 deletions

1
.gitignore vendored
View File

@ -71,3 +71,4 @@ sssd-1.2.91.tar.gz
/sssd-1.14.0alpha.tar.gz /sssd-1.14.0alpha.tar.gz
/sssd-1.14.0beta1.tar.gz /sssd-1.14.0beta1.tar.gz
/sssd-1.14.0.tar.gz /sssd-1.14.0.tar.gz
/sssd-1.14.1.tar.gz

View File

@ -1,61 +0,0 @@
From 43e2cc0fdb715b89c13dac126ac8382ef0e756cc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michal=20=C5=BDidek?= <mzidek@redhat.com>
Date: Tue, 12 Jul 2016 12:11:18 +0200
Subject: [PATCH] dyndns: Add checks for NULL
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Fixes:
https://fedorahosted.org/sssd/ticket/3076
We segfaulted in this area once. This patch
makes the code more defensive and adds
some DEBUG messages.
Normally the structures are filled in online
and/or resolve callbacks.
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
---
src/providers/ipa/ipa_dyndns.c | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
diff --git a/src/providers/ipa/ipa_dyndns.c b/src/providers/ipa/ipa_dyndns.c
index 7217c61452e7ead2949a9f7d57b2f2fc58953af1..dc910770c771d4b7a7ee62d25be7c48e16c988a7 100644
--- a/src/providers/ipa/ipa_dyndns.c
+++ b/src/providers/ipa/ipa_dyndns.c
@@ -160,10 +160,30 @@ ipa_dyndns_update_send(struct ipa_options *ctx)
if (req == NULL) {
return NULL;
}
state->ipa_ctx = ctx;
+ /* The following three checks are here to prevent SEGFAULT
+ * from ticket #3076. */
+ if (ctx->service == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, "service structure not initialized\n");
+ ret = EINVAL;
+ goto done;
+ }
+
+ if (ctx->service->sdap == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, "sdap structure not initialized\n");
+ ret = EINVAL;
+ goto done;
+ }
+
+ if (ctx->service->sdap->uri == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, "LDAP uri not set\n");
+ ret = EINVAL;
+ goto done;
+ }
+
if (ctx->dyndns_ctx->last_refresh + 60 > time(NULL) ||
ctx->dyndns_ctx->timer_in_progress) {
DEBUG(SSSDBG_FUNC_DATA, "Last periodic update ran recently or timer "
"in progress, not scheduling another update\n");
tevent_req_done(req);
--
2.7.4

View File

@ -1 +1 @@
2e1e5176d87ee829e3f92bb4f538789e sssd-1.14.0.tar.gz cb79e3a391a537fd2be487d822bbf7c1 sssd-1.14.1.tar.gz

View File

@ -14,6 +14,7 @@
%global with_krb5_localauth_plugin 1 %global with_krb5_localauth_plugin 1
%global enable_systemtap 1
%global enable_systemtap_opt --enable-systemtap %global enable_systemtap_opt --enable-systemtap
%global libwbc_alternatives_version 0.12 %global libwbc_alternatives_version 0.12
@ -24,8 +25,8 @@
%endif %endif
Name: sssd Name: sssd
Version: 1.14.0 Version: 1.14.1
Release: 5%{?dist} Release: 1%{?dist}
Group: Applications/System Group: Applications/System
Summary: System Security Services Daemon Summary: System Security Services Daemon
License: GPLv3+ License: GPLv3+
@ -35,9 +36,6 @@ BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
### Patches ### ### Patches ###
# Band-aid for RHBZ #1366403
Patch0001: 0001-dyndns-Add-checks-for-NULL.patch
### Dependencies ### ### Dependencies ###
Requires: sssd-common = %{version}-%{release} Requires: sssd-common = %{version}-%{release}
@ -56,6 +54,7 @@ Requires: python3-sssdconfig = %{version}-%{release}
%global mcpath %{sssdstatedir}/mc %global mcpath %{sssdstatedir}/mc
%global pubconfpath %{sssdstatedir}/pubconf %global pubconfpath %{sssdstatedir}/pubconf
%global gpocachepath %{sssdstatedir}/gpo_cache %global gpocachepath %{sssdstatedir}/gpo_cache
%global secdbpath %{sssdstatedir}/secrets
### Build Dependencies ### ### Build Dependencies ###
@ -106,7 +105,7 @@ BuildRequires: systemd-devel
BuildRequires: cifs-utils-devel BuildRequires: cifs-utils-devel
%endif %endif
BuildRequires: libnfsidmap-devel BuildRequires: libnfsidmap-devel
BuildRequires: samba4-devel >= 4.0.0-59beta2 BuildRequires: samba4-devel
BuildRequires: libsmbclient-devel BuildRequires: libsmbclient-devel
BuildRequires: systemtap-sdt-devel BuildRequires: systemtap-sdt-devel
BuildRequires: http-parser-devel BuildRequires: http-parser-devel
@ -133,7 +132,7 @@ Conflicts: sssd < 1.10.0-8%{?dist}.beta2
Requires: sssd-client%{?_isa} = %{version}-%{release} Requires: sssd-client%{?_isa} = %{version}-%{release}
Requires: libsss_sudo = %{version}-%{release} Requires: libsss_sudo = %{version}-%{release}
Requires: libsss_autofs%{?_isa} = %{version}-%{release} Requires: libsss_autofs%{?_isa} = %{version}-%{release}
Requires: libsss_idmap%{?_isa} = %{version}-%{release} Requires: libsss_idmap = %{version}-%{release}
Requires(post): systemd-units chkconfig Requires(post): systemd-units chkconfig
Requires(preun): systemd-units chkconfig Requires(preun): systemd-units chkconfig
Requires(postun): systemd-units chkconfig Requires(postun): systemd-units chkconfig
@ -517,6 +516,16 @@ License: GPLv3+ and LGPLv3+
The idmap_sss module provides a way for Winbind to call SSSD to map UIDs/GIDs The idmap_sss module provides a way for Winbind to call SSSD to map UIDs/GIDs
and SIDs. and SIDs.
%package nfs-idmap
Summary: SSSD plug-in for NFSv4 rpc.idmapd
Group: Applications/System
License: GPLv3+
%description nfs-idmap
The libnfsidmap sssd module provides a way for rpc.idmapd to call SSSD to map
UIDs/GIDs to names and vice versa. It can be also used for mapping principal
(user) name to IDs(UID or GID) or to obtain groups which user are member of.
%prep %prep
# Update timestamps on the files touched by a patch, to avoid non-equal # Update timestamps on the files touched by a patch, to avoid non-equal
# .pyc/.pyo files across the multilib peers within a build, where "Level" # .pyc/.pyo files across the multilib peers within a build, where "Level"
@ -689,6 +698,8 @@ done
%doc src/examples/sssd-example.conf %doc src/examples/sssd-example.conf
%{_sbindir}/sssd %{_sbindir}/sssd
%{_unitdir}/sssd.service %{_unitdir}/sssd.service
%{_unitdir}/sssd-secrets.socket
%{_unitdir}/sssd-secrets.service
%dir %{_libexecdir}/%{servicename} %dir %{_libexecdir}/%{servicename}
%{_libexecdir}/%{servicename}/sssd_be %{_libexecdir}/%{servicename}/sssd_be
@ -713,9 +724,6 @@ done
%{_libdir}/%{name}/libsss_util.so %{_libdir}/%{name}/libsss_util.so
%{_libdir}/%{name}/libsss_semanage.so %{_libdir}/%{name}/libsss_semanage.so
# 3rd party application libraries
%{_libdir}/libnfsidmap/sss.so
%{ldb_modulesdir}/memberof.so %{ldb_modulesdir}/memberof.so
%{_bindir}/sss_ssh_authorizedkeys %{_bindir}/sss_ssh_authorizedkeys
%{_bindir}/sss_ssh_knownhostsproxy %{_bindir}/sss_ssh_knownhostsproxy
@ -726,6 +734,7 @@ done
%dir %{_localstatedir}/cache/krb5rcache %dir %{_localstatedir}/cache/krb5rcache
%attr(700,root,root) %dir %{dbpath} %attr(700,root,root) %dir %{dbpath}
%attr(755,root,root) %dir %{mcpath} %attr(755,root,root) %dir %{mcpath}
%attr(700,root,root) %dir %{secdbpath}
%ghost %attr(0644,root,root) %verify(not md5 size mtime) %{mcpath}/passwd %ghost %attr(0644,root,root) %verify(not md5 size mtime) %{mcpath}/passwd
%ghost %attr(0644,root,root) %verify(not md5 size mtime) %{mcpath}/group %ghost %attr(0644,root,root) %verify(not md5 size mtime) %{mcpath}/group
%ghost %attr(0644,root,root) %verify(not md5 size mtime) %{mcpath}/initgroups %ghost %attr(0644,root,root) %verify(not md5 size mtime) %{mcpath}/initgroups
@ -991,14 +1000,21 @@ done
%{_libdir}/samba/idmap/sss.so %{_libdir}/samba/idmap/sss.so
%{_mandir}/man8/idmap_sss.8* %{_mandir}/man8/idmap_sss.8*
%files nfs-idmap
%{_libdir}/libnfsidmap/sss.so
%post common %post common
%systemd_post sssd.service %systemd_post sssd.service
%systemd_post sssd-secrets.socket
%preun common %preun common
%systemd_preun sssd.service %systemd_preun sssd.service
%systemd_preun sssd-secrets.socket
%postun common %postun common
%systemd_postun_with_restart sssd.service %systemd_postun_with_restart sssd.service
%systemd_postun_with_restart sssd-secrets.socket
%systemd_postun_with_restart sssd-secrets.service
%if (0%{?with_cifs_utils_plugin} == 1) %if (0%{?with_cifs_utils_plugin} == 1)
%post client %post client
@ -1067,6 +1083,10 @@ fi
%{_libdir}/%{name}/modules/libwbclient.so %{_libdir}/%{name}/modules/libwbclient.so
%changelog %changelog
* Fri Aug 19 2016 Lukas Slebodnik <lslebodn@redhat.com> - 1.14.1-1
- New upstream release 1.14.0
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.14.1
* Mon Aug 15 2016 Stephen Gallagher <sgallagh@redhat.com> - 1.14.0-5 * Mon Aug 15 2016 Stephen Gallagher <sgallagh@redhat.com> - 1.14.0-5
- Add workaround patch for RHBZ #1366403 - Add workaround patch for RHBZ #1366403