From 788fd7f1d8eefbf1f2fa496f71a3fa32cb1ed553 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Mon, 15 Sep 2014 10:24:04 +0200 Subject: [PATCH] Remove upstreamed patch --- ...hes-by-SID-in-apply_subdomain_homedi.patch | 69 ------------------- 1 file changed, 69 deletions(-) delete mode 100644 0001-IPA-handle-searches-by-SID-in-apply_subdomain_homedi.patch diff --git a/0001-IPA-handle-searches-by-SID-in-apply_subdomain_homedi.patch b/0001-IPA-handle-searches-by-SID-in-apply_subdomain_homedi.patch deleted file mode 100644 index 3d94b32..0000000 --- a/0001-IPA-handle-searches-by-SID-in-apply_subdomain_homedi.patch +++ /dev/null @@ -1,69 +0,0 @@ -From 82347f452febe3cbffc36b0a3308ffb462515442 Mon Sep 17 00:00:00 2001 -From: Jakub Hrozek -Date: Tue, 12 Aug 2014 10:32:33 +0200 -Subject: [PATCH] IPA: handle searches by SID in apply_subdomain_homedir - -https://fedorahosted.org/sssd/ticket/2391 - -apply_subdomain_homedir() didn't handle the situation where an entity -that doesn't match was requested from the cache. For user and group -lookups this wasn't a problem because the negative match was caught -sooner. - -But SID lookups can match either user or group. When a group SID was -requested, the preceding LDAP request matched the SID and stored the -group in the cache. Then apply_subdomain_homedir() only tried to search -user by SID, didn't find the entry and accessed a NULL pointer. - -A simple reproducer is: -$ python ->>> import pysss_nss_idmap ->>> pysss_nss_idmap.getnamebysid(group_sid) - -The group_sid can be anything, including Domain Users (XXX-513) - -Reviewed-by: Jakub Hrozek ---- - src/providers/ipa/ipa_subdomains_id.c | 13 +++++++++---- - 1 file changed, 9 insertions(+), 4 deletions(-) - -diff --git a/src/providers/ipa/ipa_subdomains_id.c b/src/providers/ipa/ipa_subdomains_id.c -index 113bc6c06f82bc631b3efa92b87a1cadc7f22605..659bc7c2cba4fd9e4d8b07d79efaa6feede35cb9 100644 ---- a/src/providers/ipa/ipa_subdomains_id.c -+++ b/src/providers/ipa/ipa_subdomains_id.c -@@ -498,6 +498,9 @@ apply_subdomain_homedir(TALLOC_CTX *mem_ctx, struct sss_domain_info *dom, - - if (filter_type == BE_FILTER_NAME) { - ret = sysdb_getpwnam(mem_ctx, dom, filter_value, &res); -+ if (res && res->count == 0) { -+ ret = ENOENT; -+ } - } else if (filter_type == BE_FILTER_IDNUM) { - errno = 0; - uid = strtouint32(filter_value, NULL, 10); -@@ -506,6 +509,9 @@ apply_subdomain_homedir(TALLOC_CTX *mem_ctx, struct sss_domain_info *dom, - goto done; - } - ret = sysdb_getpwuid(mem_ctx, dom, uid, &res); -+ if (res && res->count == 0) { -+ ret = ENOENT; -+ } - } else if (filter_type == BE_FILTER_SECID) { - ret = sysdb_search_user_by_sid_str(mem_ctx, dom, filter_value, - attrs, &msg); -@@ -521,10 +527,9 @@ apply_subdomain_homedir(TALLOC_CTX *mem_ctx, struct sss_domain_info *dom, - "Failed to make request to our cache: [%d]: [%s]\n", - ret, sss_strerror(ret)); - goto done; -- } -- -- if ((res && res->count == 0) || (msg && msg->num_elements == 0)) { -- ret = ENOENT; -+ } else if (ret == ENOENT) { -+ DEBUG(SSSDBG_TRACE_FUNC, "Cannot find [%s] with search type [%d]\n", -+ filter_value, filter_type); - goto done; - } - --- -1.9.3