|
 |
b2d430 |
From a711326867dd901d349c648392b55b6e318196db Mon Sep 17 00:00:00 2001
|
|
|
b2d430 |
From: Lukas Slebodnik <lslebodn@redhat.com>
|
|
|
b2d430 |
Date: Tue, 2 Aug 2016 15:20:35 +0200
|
|
|
b2d430 |
Subject: [PATCH 67/74] SDAP: sanitize member name before using in filter
|
|
|
b2d430 |
MIME-Version: 1.0
|
|
|
b2d430 |
Content-Type: text/plain; charset=UTF-8
|
|
|
b2d430 |
Content-Transfer-Encoding: 8bit
|
|
|
b2d430 |
|
|
|
b2d430 |
It caused an errors.
|
|
|
b2d430 |
|
|
|
b2d430 |
(Tue Aug 2 06:29:39 2016) [sssd[be[LDAP]]] [sysdb_cache_search_users]
|
|
|
b2d430 |
(0x2000): Search users with filter:
|
|
|
b2d430 |
(&(objectclass=user)(nameAlias=t(u)ser@ldap))
|
|
|
b2d430 |
(Tue Aug 2 06:29:39 2016) [sssd[be[LDAP]]] [sysdb_cache_search_users]
|
|
|
b2d430 |
(0x0080): Error: 5 (Input/output error)
|
|
|
b2d430 |
|
|
|
b2d430 |
Resolves:
|
|
|
b2d430 |
https://fedorahosted.org/sssd/ticket/3121
|
|
|
b2d430 |
|
|
|
b2d430 |
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
|
|
|
b2d430 |
---
|
|
|
b2d430 |
src/providers/ldap/sdap_async_groups.c | 11 ++++++++++-
|
|
|
b2d430 |
1 file changed, 10 insertions(+), 1 deletion(-)
|
|
|
b2d430 |
|
|
|
b2d430 |
diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c
|
|
|
b2d430 |
index 102c1c0384be6da8732d56b7a318ded5a5132360..f19b68b8c403734f88b51a411ba0d009977d3491 100644
|
|
|
b2d430 |
--- a/src/providers/ldap/sdap_async_groups.c
|
|
|
b2d430 |
+++ b/src/providers/ldap/sdap_async_groups.c
|
|
|
b2d430 |
@@ -1501,6 +1501,7 @@ sdap_process_missing_member_2307(struct sdap_process_group_state *state,
|
|
|
b2d430 |
const char *filter;
|
|
|
b2d430 |
const char *username;
|
|
|
b2d430 |
const char *user_dn;
|
|
|
b2d430 |
+ char *sanitized_name;
|
|
|
b2d430 |
size_t count;
|
|
|
b2d430 |
struct ldb_message **msgs = NULL;
|
|
|
b2d430 |
static const char *attrs[] = { SYSDB_NAME, NULL };
|
|
|
b2d430 |
@@ -1508,8 +1509,16 @@ sdap_process_missing_member_2307(struct sdap_process_group_state *state,
|
|
|
b2d430 |
tmp_ctx = talloc_new(NULL);
|
|
|
b2d430 |
if (!tmp_ctx) return ENOMEM;
|
|
|
b2d430 |
|
|
|
b2d430 |
+ ret = sss_filter_sanitize(tmp_ctx, member_name, &sanitized_name);
|
|
|
b2d430 |
+ if (ret != EOK) {
|
|
|
b2d430 |
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
|
|
b2d430 |
+ "Failed to sanitize the given name:'%s'.\n", member_name);
|
|
|
b2d430 |
+ goto done;
|
|
|
b2d430 |
+ }
|
|
|
b2d430 |
+
|
|
|
b2d430 |
/* Check for the alias in the sysdb */
|
|
|
b2d430 |
- filter = talloc_asprintf(tmp_ctx, "(%s=%s)", SYSDB_NAME_ALIAS, member_name);
|
|
|
b2d430 |
+ filter = talloc_asprintf(tmp_ctx, "(%s=%s)", SYSDB_NAME_ALIAS,
|
|
|
b2d430 |
+ sanitized_name);
|
|
|
b2d430 |
if (!filter) {
|
|
|
b2d430 |
ret = ENOMEM;
|
|
|
b2d430 |
goto done;
|
|
|
b2d430 |
--
|
|
|
b2d430 |
2.4.11
|
|
|
b2d430 |
|