rpms
/
sssd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
sssd/0002-subdomains-replace-inv...

70 lines
2.4 KiB
Diff
Raw Permalink Blame History

From a0388dc52f5461f72f8221c9bb7c92008e1fe2c5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
Date: Fri, 1 Feb 2013 12:17:47 +0100
Subject: [PATCH] subdomains: replace invalid characters with underscore in
krb5 mapping file name
https://fedorahosted.org/sssd/ticket/1795
Only alpha-numeric chars, dashes and underscores are allowed in
krb5 include directory.
---
src/providers/ipa/ipa_subdomains.c | 26 +++++++++++++++++++++++++-
1 file changed, 25 insertions(+), 1 deletion(-)
diff --git a/src/providers/ipa/ipa_subdomains.c b/src/providers/ipa/ipa_subdomains.c
index ef6195d19de72be7fd2b12a309b33fcf20e0e3a1..f959c4e6eb1d830e3990f552c9f4cf962298ef48 100644
--- a/src/providers/ipa/ipa_subdomains.c
+++ b/src/providers/ipa/ipa_subdomains.c
@@ -287,22 +287,46 @@ ipa_subdomains_write_mappings(struct sss_domain_info *domain,
errno_t err;
TALLOC_CTX *tmp_ctx;
const char *mapping_file;
+ char *sanitized_domain;
char *tmp_file = NULL;
int fd = -1;
mode_t old_mode;
FILE *fstream = NULL;
size_t i;
+ if (domain == NULL || domain->name == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("No domain name provided\n"));
+ return EINVAL;
+ }
+
tmp_ctx = talloc_new(NULL);
if (!tmp_ctx) return ENOMEM;
+ sanitized_domain = talloc_strdup(tmp_ctx, domain->name);
+ if (sanitized_domain == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_strdup() failed\n"));
+ return ENOMEM;
+ }
+
+ /* only alpha-numeric chars, dashes and underscores are allowed in
+ * krb5 include directory */
+ for (i = 0; sanitized_domain[i] != '\0'; i++) {
+ if (!isalnum(sanitized_domain[i])
+ && sanitized_domain[i] != '-' && sanitized_domain[i] != '_') {
+ sanitized_domain[i] = '_';
+ }
+ }
+
mapping_file = talloc_asprintf(tmp_ctx, "%s/domain_realm_%s",
- IPA_SUBDOMAIN_MAPPING_DIR, domain->name);
+ IPA_SUBDOMAIN_MAPPING_DIR, sanitized_domain);
if (!mapping_file) {
ret = ENOMEM;
goto done;
}
+ DEBUG(SSSDBG_FUNC_DATA, ("Mapping file for domain [%s] is [%s]\n",
+ domain->name, mapping_file));
+
tmp_file = talloc_asprintf(tmp_ctx, "%sXXXXXX", mapping_file);
if (tmp_file == NULL) {
ret = ENOMEM;
--
1.7.11.7
Reference in New Issue View Git Blame Copy Permalink