diff --git a/0001-FAST-when-parsing-krb5_child-response-make-sure-to-n.patch b/0001-FAST-when-parsing-krb5_child-response-make-sure-to-n.patch new file mode 100644 index 0000000..2fc86ab --- /dev/null +++ b/0001-FAST-when-parsing-krb5_child-response-make-sure-to-n.patch @@ -0,0 +1,46 @@ +From 153efc74ff188c12c03e9578c6fb1d39c69ef5d7 Mon Sep 17 00:00:00 2001 +From: Alexander Bokovoy +Date: Tue, 24 Dec 2013 13:01:46 +0200 +Subject: [PATCH] FAST: when parsing krb5_child response, make sure to not miss + OTP message if it was last one + +The last message in the stream might be with empty payload which means we get +only message type and message length (0) returned, i.e. 8 bytes left remaining +in the stream after processing preceding message. This makes our calculation at +the end of a message processing loop incorrect -- p+2*sizeof(int32_t) can be +equal to len, after all. + +Fixes FAST processing for FreeIPA native OTP case: +https://fedorahosted.org/sssd/ticket/2186 +--- + src/providers/krb5/krb5_child_handler.c | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +diff --git a/src/providers/krb5/krb5_child_handler.c b/src/providers/krb5/krb5_child_handler.c +index 92dec0d2afb1627b61c3dd1037e91546a7ee08d6..d6c1dc1f9707444a82e433a375839cadf73f1259 100644 +--- a/src/providers/krb5/krb5_child_handler.c ++++ b/src/providers/krb5/krb5_child_handler.c +@@ -548,8 +548,9 @@ parse_krb5_child_response(TALLOC_CTX *mem_ctx, uint8_t *buf, ssize_t len, + * CCACHE_ENV_NAME"=". pref_len also counts the trailing '=' because + * sizeof() counts the trailing '\0' of a string. */ + pref_len = sizeof(CCACHE_ENV_NAME); +- if (msg_len > pref_len && +- strncmp((const char *) &buf[p], CCACHE_ENV_NAME"=", pref_len) == 0) { ++ if ((msg_type == SSS_PAM_ENV_ITEM) && ++ (msg_len > pref_len) && ++ (strncmp((const char *) &buf[p], CCACHE_ENV_NAME"=", pref_len) == 0)) { + ccname = (char *) &buf[p+pref_len]; + ccname_len = msg_len-pref_len; + } +@@ -600,7 +601,7 @@ parse_krb5_child_response(TALLOC_CTX *mem_ctx, uint8_t *buf, ssize_t len, + + p += msg_len; + +- if ((p < len) && (p + 2*sizeof(int32_t) >= len)) { ++ if ((p < len) && (p + 2*sizeof(int32_t) > len)) { + DEBUG(SSSDBG_CRIT_FAILURE, + ("The remainder of the message is too short.\n")); + return EINVAL; +-- +1.8.5.3 + diff --git a/sssd.spec b/sssd.spec index 90289d5..8f24508 100644 --- a/sssd.spec +++ b/sssd.spec @@ -14,7 +14,7 @@ Name: sssd Version: 1.11.3 -Release: 1%{?dist} +Release: 2%{?dist} Group: Applications/System Summary: System Security Services Daemon License: GPLv3+ @@ -23,6 +23,7 @@ Source0: https://fedorahosted.org/released/sssd/%{name}-%{version}.tar.gz BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) ### Patches ### +Patch0001: 0001-FAST-when-parsing-krb5_child-response-make-sure-to-n.patch Patch0602: 0602-FEDORA-Add-CIFS-idmap-plugin.patch ### Dependencies ### @@ -730,6 +731,9 @@ fi %postun -n libsss_idmap -p /sbin/ldconfig %changelog +* Tue Feb 11 2013 Jakub Hrozek - 1.11.3-2 +- Handle OTP response from FreeIPA server gracefully + * Wed Oct 30 2013 Jakub Hrozek - 1.11.3-1 - New upstream release 1.11.3 - Remove upstreamed patches