Fix potential crash with external groups in trusted IPA-AD setup
This commit is contained in:
parent
0fd198bcce
commit
54e39be6cc
32
0004-IPA-server-mode-properly-initialize-ext_groups.patch
Normal file
32
0004-IPA-server-mode-properly-initialize-ext_groups.patch
Normal file
@ -0,0 +1,32 @@
|
|||||||
|
From 3d6fb8fcaa650d1da60a2e575847bd6fcfa08c72 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Sumit Bose <sbose@redhat.com>
|
||||||
|
Date: Wed, 16 Oct 2013 10:45:52 +0200
|
||||||
|
Subject: [PATCH] IPA server mode: properly initialize ext_groups
|
||||||
|
|
||||||
|
---
|
||||||
|
src/providers/ipa/ipa_subdomains.c | 3 ++-
|
||||||
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/providers/ipa/ipa_subdomains.c b/src/providers/ipa/ipa_subdomains.c
|
||||||
|
index bfbdabf..ea55f70 100644
|
||||||
|
--- a/src/providers/ipa/ipa_subdomains.c
|
||||||
|
+++ b/src/providers/ipa/ipa_subdomains.c
|
||||||
|
@@ -1305,13 +1305,14 @@ int ipa_ad_subdom_init(struct be_ctx *be_ctx,
|
||||||
|
return EINVAL;
|
||||||
|
}
|
||||||
|
|
||||||
|
- id_ctx->server_mode = talloc(id_ctx, struct ipa_server_mode_ctx);
|
||||||
|
+ id_ctx->server_mode = talloc_zero(id_ctx, struct ipa_server_mode_ctx);
|
||||||
|
if (id_ctx->server_mode == NULL) {
|
||||||
|
return ENOMEM;
|
||||||
|
}
|
||||||
|
id_ctx->server_mode->realm = realm;
|
||||||
|
id_ctx->server_mode->hostname = hostname;
|
||||||
|
id_ctx->server_mode->trusts = NULL;
|
||||||
|
+ id_ctx->server_mode->ext_groups = NULL;
|
||||||
|
|
||||||
|
return EOK;
|
||||||
|
}
|
||||||
|
--
|
||||||
|
1.8.3.1
|
||||||
|
|
@ -8,7 +8,7 @@
|
|||||||
|
|
||||||
Name: sssd
|
Name: sssd
|
||||||
Version: 1.11.1
|
Version: 1.11.1
|
||||||
Release: 3%{?dist}
|
Release: 4%{?dist}
|
||||||
Group: Applications/System
|
Group: Applications/System
|
||||||
Summary: System Security Services Daemon
|
Summary: System Security Services Daemon
|
||||||
License: GPLv3+
|
License: GPLv3+
|
||||||
@ -20,6 +20,7 @@ BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
|
|||||||
Patch0001: 0001-krb5-Remove-ability-to-create-public-directories.patch
|
Patch0001: 0001-krb5-Remove-ability-to-create-public-directories.patch
|
||||||
Patch0002: 0002-krb5-Fix-unit-tests.patch
|
Patch0002: 0002-krb5-Fix-unit-tests.patch
|
||||||
Patch0003: 0003-AD-properly-intitialize-GC-from-ad_server-option.patch
|
Patch0003: 0003-AD-properly-intitialize-GC-from-ad_server-option.patch
|
||||||
|
Patch0004: 0004-IPA-server-mode-properly-initialize-ext_groups.patch
|
||||||
|
|
||||||
### Dependencies ###
|
### Dependencies ###
|
||||||
Requires: sssd-common = %{version}-%{release}
|
Requires: sssd-common = %{version}-%{release}
|
||||||
@ -707,6 +708,9 @@ fi
|
|||||||
%postun -n libsss_idmap -p /sbin/ldconfig
|
%postun -n libsss_idmap -p /sbin/ldconfig
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Oct 16 2013 Sumit Bose <sbose@redhat.com> - 1.11.1-4
|
||||||
|
- Fix potential crash with external groups in trusted IPA-AD setup
|
||||||
|
|
||||||
* Tue Oct 08 2013 Jakub Hrozek <jhrozek@redhat.com> - 1.11.1-3
|
* Tue Oct 08 2013 Jakub Hrozek <jhrozek@redhat.com> - 1.11.1-3
|
||||||
- Fix failover from Global Catalog to LDAP in case GC is not available
|
- Fix failover from Global Catalog to LDAP in case GC is not available
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user