Always initialize ID mapping objects
Apply a couple of patches from upstream git that resolve crashes when ID mapping object was not initialized properly but needed later
This commit is contained in:
parent
2f295ac01f
commit
af82f760d4
28
0009-Fix-segfault-in-AD-Subdomains-Module.patch
Normal file
28
0009-Fix-segfault-in-AD-Subdomains-Module.patch
Normal file
@ -0,0 +1,28 @@
|
||||
From 574061e65d3fb687b9cb2c757afa1fe92812245e Mon Sep 17 00:00:00 2001
|
||||
From: Lukas Slebodnik <lslebodn@redhat.com>
|
||||
Date: Wed, 15 May 2013 10:09:08 +0200
|
||||
Subject: [PATCH] Fix segfault in AD Subdomains Module
|
||||
|
||||
In function ad_subdomains_get_netlogon_done:
|
||||
If variable "reply_count" is zero then variable "reply" will not be
|
||||
initialized. Therefore we should not continue.
|
||||
---
|
||||
src/providers/ad/ad_subdomains.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/src/providers/ad/ad_subdomains.c b/src/providers/ad/ad_subdomains.c
|
||||
index 1da343f8711b2b99a7afff6a4a398a1aa515a875..2ad318f63a89b2e8894ca07d007cde11867ed290 100644
|
||||
--- a/src/providers/ad/ad_subdomains.c
|
||||
+++ b/src/providers/ad/ad_subdomains.c
|
||||
@@ -307,6 +307,8 @@ static void ad_subdomains_get_netlogon_done(struct tevent_req *req)
|
||||
|
||||
if (reply_count == 0) {
|
||||
DEBUG(SSSDBG_TRACE_FUNC, ("No netlogon data available.\n"));
|
||||
+ ret = ENOENT;
|
||||
+ goto done;
|
||||
} else if (reply_count > 1) {
|
||||
DEBUG(SSSDBG_OP_FAILURE,
|
||||
("More than one netlogon info returned.\n"));
|
||||
--
|
||||
1.8.2.1
|
||||
|
36
0010-LDAP-Always-initialize-idmap-object.patch
Normal file
36
0010-LDAP-Always-initialize-idmap-object.patch
Normal file
@ -0,0 +1,36 @@
|
||||
From 392dce02615e446b3c73dfb8b4e0a19ebb86f914 Mon Sep 17 00:00:00 2001
|
||||
From: Jakub Hrozek <jhrozek@redhat.com>
|
||||
Date: Mon, 13 May 2013 10:15:09 +0200
|
||||
Subject: [PATCH] LDAP: Always initialize idmap object
|
||||
|
||||
https://fedorahosted.org/sssd/ticket/1922
|
||||
|
||||
Since we always store the SID now, we need to always initialize the ID
|
||||
mapping object in LDAP provider as well. Some users might want to
|
||||
configure the LDAP provider with ID mapping, not the AD provider itself.
|
||||
---
|
||||
src/providers/ldap/ldap_init.c | 8 +++-----
|
||||
1 file changed, 3 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/src/providers/ldap/ldap_init.c b/src/providers/ldap/ldap_init.c
|
||||
index 2e30c37edb707799baada3d695776ae602c6a7eb..0884a85c7d9db2c7c777caf0baebf59217076982 100644
|
||||
--- a/src/providers/ldap/ldap_init.c
|
||||
+++ b/src/providers/ldap/ldap_init.c
|
||||
@@ -155,11 +155,9 @@ int sssm_ldap_id_init(struct be_ctx *bectx,
|
||||
goto done;
|
||||
}
|
||||
|
||||
- if (dp_opt_get_bool(ctx->opts->basic, SDAP_ID_MAPPING)) {
|
||||
- /* Set up the ID mapping object */
|
||||
- ret = sdap_idmap_init(ctx, ctx, &ctx->opts->idmap_ctx);
|
||||
- if (ret != EOK) goto done;
|
||||
- }
|
||||
+ /* Set up the ID mapping object */
|
||||
+ ret = sdap_idmap_init(ctx, ctx, &ctx->opts->idmap_ctx);
|
||||
+ if (ret != EOK) goto done;
|
||||
|
||||
ret = sdap_id_setup_tasks(ctx);
|
||||
if (ret != EOK) {
|
||||
--
|
||||
1.8.2.1
|
||||
|
29
0011-Re-add-a-useful-DEBUG-message.patch
Normal file
29
0011-Re-add-a-useful-DEBUG-message.patch
Normal file
@ -0,0 +1,29 @@
|
||||
From 5aad10b49e193ee14a86e1277146a223005a2d6b Mon Sep 17 00:00:00 2001
|
||||
From: Jakub Hrozek <jhrozek@redhat.com>
|
||||
Date: Mon, 13 May 2013 10:23:56 +0200
|
||||
Subject: [PATCH] Re-add a useful DEBUG message
|
||||
|
||||
In commit 46222e5191473f9a46aec581273eb2eef22e23be we removed a very
|
||||
similar DEBUG message while moving the whole piece of code to the idmap
|
||||
library. But it turned out that the DEBUG message was useful while
|
||||
testing the functionality, so this patch adds it back.
|
||||
---
|
||||
src/providers/ldap/sdap_idmap.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/src/providers/ldap/sdap_idmap.c b/src/providers/ldap/sdap_idmap.c
|
||||
index 050b2c5a768f58acd376e68a15a579e1e56894ac..43db0c83354ed2f8f112a8853ab66ab51e1d9fd2 100644
|
||||
--- a/src/providers/ldap/sdap_idmap.c
|
||||
+++ b/src/providers/ldap/sdap_idmap.c
|
||||
@@ -242,6 +242,8 @@ sdap_idmap_add_domain(struct sdap_idmap_ctx *idmap_ctx,
|
||||
ret = EIO;
|
||||
goto done;
|
||||
}
|
||||
+ DEBUG(SSSDBG_TRACE_LIBS,
|
||||
+ ("Adding domain [%s] as slice [%llu]\n", dom_sid, slice));
|
||||
|
||||
if (range.max > idmap_upper) {
|
||||
/* This should never happen */
|
||||
--
|
||||
1.8.2.1
|
||||
|
@ -16,7 +16,7 @@
|
||||
|
||||
Name: sssd
|
||||
Version: 1.10.0
|
||||
Release: 6%{?dist}.beta1
|
||||
Release: 7%{?dist}.beta1
|
||||
Group: Applications/System
|
||||
Summary: System Security Services Daemon
|
||||
License: GPLv3+
|
||||
@ -33,6 +33,9 @@ Patch0005: 0005-SSH-Use-separate-field-for-domain-name-in-client-req.patch
|
||||
Patch0006: 0006-SSH-Do-not-skip-domains-with-use_fully_qualified_nam.patch
|
||||
Patch0007: 0007-Always-update-cached-upn-if-enterprise-principals-ar.patch
|
||||
Patch0008: 0008-Enable-the-AD-dynamic-DNS-updates-by-default.patch
|
||||
Patch0009: 0009-Fix-segfault-in-AD-Subdomains-Module.patch
|
||||
Patch0010: 0010-LDAP-Always-initialize-idmap-object.patch
|
||||
Patch0011: 0011-Re-add-a-useful-DEBUG-message.patch
|
||||
|
||||
Patch0501: 0501-FEDORA-Switch-the-default-ccache-location.patch
|
||||
|
||||
@ -605,6 +608,10 @@ fi
|
||||
%postun -n libsss_sudo -p /sbin/ldconfig
|
||||
|
||||
%changelog
|
||||
* Fri May 24 2013 Jakub Hrozek <jhrozek@redhat.com> - 1.10.0-7.beta1
|
||||
- Apply a couple of patches from upstream git that resolve crashes when
|
||||
ID mapping object was not initialized properly but needed later
|
||||
|
||||
* Tue May 14 2013 Jakub Hrozek <jhrozek@redhat.com> - 1.10.0-6.beta1
|
||||
- Resolves: rhbz#961357 - Missing dyndns_update entry in sssd.conf during
|
||||
realm join
|
||||
|
Loading…
Reference in New Issue
Block a user