rpms/sssd
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
387014f928
sssd/0058-ssh-handle-binary-keys-correctly.patch
Lukas Slebodnik 387014f928 Backport upstream patches for 1.15.3 pre-release 
required for building freeipa-4.5.x in rawhide
2017-04-04 16:22:51 +02:00

49 lines
1.8 KiB
Diff
Raw Blame History

From bd1fa0ec90be717c3b7796d74b6f243f40178d16 Mon Sep 17 00:00:00 2001
From: Sumit Bose <sbose@redhat.com>
Date: Thu, 16 Mar 2017 12:38:08 +0100
Subject: [PATCH 58/97] ssh: handle binary keys correctly
Related to https://pagure.io/SSSD/sssd/issue/3332
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
---
src/responder/ssh/ssh_reply.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/src/responder/ssh/ssh_reply.c b/src/responder/ssh/ssh_reply.c
index 807f4ee079128b4a3f1719de890ffac6e0d5b2e0..7093e47253b5687bab387feed5299c2d0841d43c 100644
--- a/src/responder/ssh/ssh_reply.c
+++ b/src/responder/ssh/ssh_reply.c
@@ -32,6 +32,11 @@
#include "responder/common/cache_req/cache_req.h"
#include "responder/ssh/ssh_private.h"
+/* Locally used flag for libldb's ldb_message_element structure to indicate
+ * binary data. Since the related data is only used in memory it is safe. If
+ * should be used with care if libldb's I/O operations are involved. */
+#define SSS_EL_FLAG_BIN_DATA (1<<4)
+
static errno_t get_valid_certs_keys(TALLOC_CTX *mem_ctx,
struct ssh_ctx *ssh_ctx,
struct ldb_message_element *el_cert,
@@ -148,7 +153,7 @@ static errno_t decode_and_add_base64_data(struct sss_packet *packet,
}
for (d = 0; d < el->num_values; d++) {
- if (skip_base64_decode) {
+ if (skip_base64_decode || (el->flags & SSS_EL_FLAG_BIN_DATA)) {
key = el->values[d].data;
key_len = el->values[d].length;
} else {
@@ -233,6 +238,7 @@ ssh_get_output_keys(TALLOC_CTX *mem_ctx,
}
if (elements[i] != NULL) {
+ elements[i]->flags |= SSS_EL_FLAG_BIN_DATA;
num_keys += elements[i]->num_values;
i++;
}
--
2.12.2
Reference in New Issue View Git Blame Copy Permalink