Blame SOURCES/0041-UTIL-Use-sss_sanitize_dn-where-we-deal-with-DN.patch

bcb322
From a7edcbca35800ff697c002168b0d566e9563eadf Mon Sep 17 00:00:00 2001
bcb322
From: Tomas Halman <thalman@redhat.com>
bcb322
Date: Fri, 31 Jul 2020 11:21:44 +0200
bcb322
Subject: [PATCH 41/41] UTIL: Use sss_sanitize_dn where we deal with DN
bcb322
bcb322
Resolves:
bcb322
https://github.com/SSSD/sssd/issues/5261
bcb322
(cherry picked from commit 2635e1538a1ef8c01a6587ef3f28ab3367e3459f)
bcb322
---
bcb322
 src/db/sysdb_ops.c                         | 2 +-
bcb322
 src/providers/ipa/ipa_deskprofile_rules.c  | 2 +-
bcb322
 src/providers/ipa/ipa_hbac_rules.c         | 2 +-
bcb322
 src/providers/ipa/ipa_netgroups.c          | 2 +-
bcb322
 src/providers/ldap/sdap_async_groups.c     | 2 +-
bcb322
 src/providers/ldap/sdap_async_groups_ad.c  | 2 +-
bcb322
 src/providers/ldap/sdap_async_initgroups.c | 4 ++--
bcb322
 7 files changed, 8 insertions(+), 8 deletions(-)
bcb322
bcb322
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
bcb322
index b51c821ae..d4ad69e39 100644
bcb322
--- a/src/db/sysdb_ops.c
bcb322
+++ b/src/db/sysdb_ops.c
bcb322
@@ -3494,7 +3494,7 @@ errno_t sysdb_search_by_orig_dn(TALLOC_CTX *mem_ctx,
bcb322
         return ENOMEM;
bcb322
     }
bcb322
 
bcb322
-    ret = sss_filter_sanitize(tmp_ctx, member_dn, &sanitized_dn);
bcb322
+    ret = sss_filter_sanitize_dn(tmp_ctx, member_dn, &sanitized_dn);
bcb322
     if (ret != EOK) {
bcb322
         goto done;
bcb322
     }
bcb322
diff --git a/src/providers/ipa/ipa_deskprofile_rules.c b/src/providers/ipa/ipa_deskprofile_rules.c
bcb322
index 65994356e..cce6184db 100644
bcb322
--- a/src/providers/ipa/ipa_deskprofile_rules.c
bcb322
+++ b/src/providers/ipa/ipa_deskprofile_rules.c
bcb322
@@ -91,7 +91,7 @@ ipa_deskprofile_rule_info_send(TALLOC_CTX *mem_ctx,
bcb322
         goto immediate;
bcb322
     }
bcb322
 
bcb322
-    ret = sss_filter_sanitize(state, host_dn, &host_dn_clean);
bcb322
+    ret = sss_filter_sanitize_dn(state, host_dn, &host_dn_clean);
bcb322
     if (ret != EOK) {
bcb322
         goto immediate;
bcb322
     }
bcb322
diff --git a/src/providers/ipa/ipa_hbac_rules.c b/src/providers/ipa/ipa_hbac_rules.c
bcb322
index 0634a277e..e2c97ae3d 100644
bcb322
--- a/src/providers/ipa/ipa_hbac_rules.c
bcb322
+++ b/src/providers/ipa/ipa_hbac_rules.c
bcb322
@@ -84,7 +84,7 @@ ipa_hbac_rule_info_send(TALLOC_CTX *mem_ctx,
bcb322
         goto immediate;
bcb322
     }
bcb322
 
bcb322
-    ret = sss_filter_sanitize(state, host_dn, &host_dn_clean);
bcb322
+    ret = sss_filter_sanitize_dn(state, host_dn, &host_dn_clean);
bcb322
     if (ret != EOK) goto immediate;
bcb322
 
bcb322
     state->ev = ev;
bcb322
diff --git a/src/providers/ipa/ipa_netgroups.c b/src/providers/ipa/ipa_netgroups.c
bcb322
index 05ebac758..e14f48fb0 100644
bcb322
--- a/src/providers/ipa/ipa_netgroups.c
bcb322
+++ b/src/providers/ipa/ipa_netgroups.c
bcb322
@@ -376,7 +376,7 @@ static void ipa_get_netgroups_process(struct tevent_req *subreq)
bcb322
             continue;
bcb322
         }
bcb322
 
bcb322
-        ret = sss_filter_sanitize(state, orig_dn, &dn;;
bcb322
+        ret = sss_filter_sanitize_dn(state, orig_dn, &dn;;
bcb322
         if (ret != EOK) {
bcb322
             goto done;
bcb322
         }
bcb322
diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c
bcb322
index 09e15bc3d..abe2ed275 100644
bcb322
--- a/src/providers/ldap/sdap_async_groups.c
bcb322
+++ b/src/providers/ldap/sdap_async_groups.c
bcb322
@@ -52,7 +52,7 @@ static int sdap_find_entry_by_origDN(TALLOC_CTX *memctx,
bcb322
         return ENOMEM;
bcb322
     }
bcb322
 
bcb322
-    ret = sss_filter_sanitize(tmpctx, orig_dn, &sanitized_dn);
bcb322
+    ret = sss_filter_sanitize_dn(tmpctx, orig_dn, &sanitized_dn);
bcb322
     if (ret != EOK) {
bcb322
         ret = ENOMEM;
bcb322
         goto done;
bcb322
diff --git a/src/providers/ldap/sdap_async_groups_ad.c b/src/providers/ldap/sdap_async_groups_ad.c
bcb322
index 3f842b26d..c954398bb 100644
bcb322
--- a/src/providers/ldap/sdap_async_groups_ad.c
bcb322
+++ b/src/providers/ldap/sdap_async_groups_ad.c
bcb322
@@ -91,7 +91,7 @@ sdap_get_ad_match_rule_members_send(TALLOC_CTX *mem_ctx,
bcb322
     }
bcb322
 
bcb322
     /* Sanitize it in case we have special characters in DN */
bcb322
-    ret = sss_filter_sanitize(state, group_dn, &sanitized_group_dn);
bcb322
+    ret = sss_filter_sanitize_dn(state, group_dn, &sanitized_group_dn);
bcb322
     if (ret != EOK) {
bcb322
         DEBUG(SSSDBG_MINOR_FAILURE,
bcb322
               "Could not sanitize group DN: %s\n",
bcb322
diff --git a/src/providers/ldap/sdap_async_initgroups.c b/src/providers/ldap/sdap_async_initgroups.c
bcb322
index 620782b6f..055bdaefc 100644
bcb322
--- a/src/providers/ldap/sdap_async_initgroups.c
bcb322
+++ b/src/providers/ldap/sdap_async_initgroups.c
bcb322
@@ -1647,7 +1647,7 @@ static struct tevent_req *sdap_initgr_rfc2307bis_send(
bcb322
                                attr_filter, &state->attrs, NULL);
bcb322
     if (ret != EOK) goto done;
bcb322
 
bcb322
-    ret = sss_filter_sanitize(state, orig_dn, &clean_orig_dn);
bcb322
+    ret = sss_filter_sanitize_dn(state, orig_dn, &clean_orig_dn);
bcb322
     if (ret != EOK) goto done;
bcb322
 
bcb322
     use_id_mapping = sdap_idmap_domain_has_algorithmic_mapping(
bcb322
@@ -2429,7 +2429,7 @@ static errno_t rfc2307bis_nested_groups_step(struct tevent_req *req)
bcb322
         goto done;
bcb322
     }
bcb322
 
bcb322
-    ret = sss_filter_sanitize(tmp_ctx, state->orig_dn, &clean_orig_dn);
bcb322
+    ret = sss_filter_sanitize_dn(tmp_ctx, state->orig_dn, &clean_orig_dn);
bcb322
     if (ret != EOK) {
bcb322
         goto done;
bcb322
     }
bcb322
-- 
bcb322
2.21.3
bcb322