rpms/sssd
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Do not write out dots in the domain-realm mapping file (#905650)

Browse Source
This commit is contained in:
Jakub Hrozek 2013-02-14 19:47:00 +01:00
parent 15e195c705
commit c7ed4e1efe
2 changed files with 74 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
0004-subdomains-replace-invalid-characters-with-underscor.patch Normal file
View File

@ -0,0 +1,69 @@
From a0388dc52f5461f72f8221c9bb7c92008e1fe2c5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
Date: Fri, 1 Feb 2013 12:17:47 +0100
Subject: [PATCH] subdomains: replace invalid characters with underscore in
krb5 mapping file name
https://fedorahosted.org/sssd/ticket/1795
Only alpha-numeric chars, dashes and underscores are allowed in
krb5 include directory.
---
src/providers/ipa/ipa_subdomains.c | 26 +++++++++++++++++++++++++-
1 file changed, 25 insertions(+), 1 deletion(-)
diff --git a/src/providers/ipa/ipa_subdomains.c b/src/providers/ipa/ipa_subdomains.c
index ef6195d19de72be7fd2b12a309b33fcf20e0e3a1..f959c4e6eb1d830e3990f552c9f4cf962298ef48 100644
--- a/src/providers/ipa/ipa_subdomains.c
+++ b/src/providers/ipa/ipa_subdomains.c
@@ -287,22 +287,46 @@ ipa_subdomains_write_mappings(struct sss_domain_info *domain,
errno_t err;
TALLOC_CTX *tmp_ctx;
const char *mapping_file;
+ char *sanitized_domain;
char *tmp_file = NULL;
int fd = -1;
mode_t old_mode;
FILE *fstream = NULL;
size_t i;
+ if (domain == NULL || domain->name == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("No domain name provided\n"));
+ return EINVAL;
+ }
+
tmp_ctx = talloc_new(NULL);
if (!tmp_ctx) return ENOMEM;
+ sanitized_domain = talloc_strdup(tmp_ctx, domain->name);
+ if (sanitized_domain == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_strdup() failed\n"));
+ return ENOMEM;
+ }
+
+ /* only alpha-numeric chars, dashes and underscores are allowed in
+ * krb5 include directory */
+ for (i = 0; sanitized_domain[i] != '\0'; i++) {
+ if (!isalnum(sanitized_domain[i])
+ && sanitized_domain[i] != '-' && sanitized_domain[i] != '_') {
+ sanitized_domain[i] = '_';
+ }
+ }
+
mapping_file = talloc_asprintf(tmp_ctx, "%s/domain_realm_%s",
- IPA_SUBDOMAIN_MAPPING_DIR, domain->name);
+ IPA_SUBDOMAIN_MAPPING_DIR, sanitized_domain);
if (!mapping_file) {
ret = ENOMEM;
goto done;
}
+ DEBUG(SSSDBG_FUNC_DATA, ("Mapping file for domain [%s] is [%s]\n",
+ domain->name, mapping_file));
+
tmp_file = talloc_asprintf(tmp_ctx, "%sXXXXXX", mapping_file);
if (tmp_file == NULL) {
ret = ENOMEM;
--
1.7.11.7

6
sssd.spec
View File

@ -16,7 +16,7 @@
Name: sssd Name: sssd
Version: 1.9.4 Version: 1.9.4
Release: 6%{?dist} Release: 7%{?dist}
Group: Applications/System Group: Applications/System
Summary: System Security Services Daemon Summary: System Security Services Daemon
License: GPLv3+ License: GPLv3+
@ -28,6 +28,7 @@ BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
Patch0001: 0001-krb-recreate-ccache-if-it-was-deleted.patch Patch0001: 0001-krb-recreate-ccache-if-it-was-deleted.patch
Patch0002: 0002-Don-t-use-srcdir-with-tests.patch Patch0002: 0002-Don-t-use-srcdir-with-tests.patch
Patch0003: 0003-krb5-include-backwards-compatible-declaration-of-krb.patch Patch0003: 0003-krb5-include-backwards-compatible-declaration-of-krb.patch
Patch0004: 0004-subdomains-replace-invalid-characters-with-underscor.patch
Patch0501: 0501-FEDORA-Switch-the-default-ccache-location.patch Patch0501: 0501-FEDORA-Switch-the-default-ccache-location.patch
@ -527,6 +528,9 @@ fi
%postun -n libsss_sudo -p /sbin/ldconfig %postun -n libsss_sudo -p /sbin/ldconfig
%changelog %changelog
* Thu Feb 14 2013 Jakub Hrozek <jhrozek@redhat.com> - 1.9.4-7
- Do not write out dots in the domain-realm mapping file (#905650)
* Mon Feb 11 2013 Jakub Hrozek <jhrozek@redhat.com> - 1.9.4-6 * Mon Feb 11 2013 Jakub Hrozek <jhrozek@redhat.com> - 1.9.4-6
- Include upstream patch to build with krb5-1.11 - Include upstream patch to build with krb5-1.11