|
 |
435830 |
From 6f25f357e3d000f6ad750bc336d24f8402e896af Mon Sep 17 00:00:00 2001
|
|
|
435830 |
From: Sumit Bose <sbose@redhat.com>
|
|
|
435830 |
Date: Thu, 19 Nov 2015 11:42:39 +0100
|
|
|
435830 |
Subject: [PATCH] IPA: fix override with the same name
|
|
|
435830 |
|
|
|
435830 |
If the user name of a AD user is overridden with the name itself in an
|
|
|
435830 |
IPA override object SSSD adds this name twice to the alias list causing
|
|
|
435830 |
an ldb error when trying to write the user object to the cache. As a
|
|
|
435830 |
result the user is not available.
|
|
|
435830 |
|
|
|
435830 |
This patch makes sure that there are no duplicated alias names.
|
|
|
435830 |
|
|
|
435830 |
Resolves https://fedorahosted.org/sssd/ticket/2874
|
|
|
435830 |
|
|
|
435830 |
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
|
|
435830 |
(cherry picked from commit aedc71fe8360a51785933523f14bb5c4e7e2c38b)
|
|
|
435830 |
---
|
|
|
435830 |
src/db/sysdb.c | 18 ++++++++--
|
|
|
435830 |
src/db/sysdb.h | 4 ++-
|
|
|
435830 |
src/providers/ipa/ipa_s2n_exop.c | 13 +++----
|
|
|
435830 |
src/tests/sysdb-tests.c | 78 ++++++++++++++++++++++++++++++++++++++++
|
|
|
435830 |
4 files changed, 103 insertions(+), 10 deletions(-)
|
|
|
435830 |
|
|
|
435830 |
diff --git a/src/db/sysdb.c b/src/db/sysdb.c
|
|
|
435830 |
index 07a83a8a8e30df1b8e461a8d04866f2dbc53baf8..a71364d7c4b600eafd10fafa6641eac7b2292764 100644
|
|
|
435830 |
--- a/src/db/sysdb.c
|
|
|
435830 |
+++ b/src/db/sysdb.c
|
|
|
435830 |
@@ -598,7 +598,7 @@ int sysdb_attrs_add_string(struct sysdb_attrs *attrs,
|
|
|
435830 |
return sysdb_attrs_add_val(attrs, name, &v);
|
|
|
435830 |
}
|
|
|
435830 |
|
|
|
435830 |
-int sysdb_attrs_add_lower_case_string(struct sysdb_attrs *attrs,
|
|
|
435830 |
+int sysdb_attrs_add_lower_case_string(struct sysdb_attrs *attrs, bool safe,
|
|
|
435830 |
const char *name, const char *str)
|
|
|
435830 |
{
|
|
|
435830 |
char *lc_str;
|
|
|
435830 |
@@ -614,7 +614,11 @@ int sysdb_attrs_add_lower_case_string(struct sysdb_attrs *attrs,
|
|
|
435830 |
return ENOMEM;
|
|
|
435830 |
}
|
|
|
435830 |
|
|
|
435830 |
- ret = sysdb_attrs_add_string(attrs, name, lc_str);
|
|
|
435830 |
+ if (safe) {
|
|
|
435830 |
+ ret = sysdb_attrs_add_string_safe(attrs, name, lc_str);
|
|
|
435830 |
+ } else {
|
|
|
435830 |
+ ret = sysdb_attrs_add_string(attrs, name, lc_str);
|
|
|
435830 |
+ }
|
|
|
435830 |
talloc_free(lc_str);
|
|
|
435830 |
|
|
|
435830 |
return ret;
|
|
|
435830 |
@@ -729,7 +733,15 @@ int sysdb_attrs_add_time_t(struct sysdb_attrs *attrs,
|
|
|
435830 |
int sysdb_attrs_add_lc_name_alias(struct sysdb_attrs *attrs,
|
|
|
435830 |
const char *value)
|
|
|
435830 |
{
|
|
|
435830 |
- return sysdb_attrs_add_lower_case_string(attrs, SYSDB_NAME_ALIAS, value);
|
|
|
435830 |
+ return sysdb_attrs_add_lower_case_string(attrs, false, SYSDB_NAME_ALIAS,
|
|
|
435830 |
+ value);
|
|
|
435830 |
+}
|
|
|
435830 |
+
|
|
|
435830 |
+int sysdb_attrs_add_lc_name_alias_safe(struct sysdb_attrs *attrs,
|
|
|
435830 |
+ const char *value)
|
|
|
435830 |
+{
|
|
|
435830 |
+ return sysdb_attrs_add_lower_case_string(attrs, true, SYSDB_NAME_ALIAS,
|
|
|
435830 |
+ value);
|
|
|
435830 |
}
|
|
|
435830 |
|
|
|
435830 |
int sysdb_attrs_copy_values(struct sysdb_attrs *src,
|
|
|
435830 |
diff --git a/src/db/sysdb.h b/src/db/sysdb.h
|
|
|
435830 |
index 9e28b5c6691f3710e3051d9746ac5fa47aff8424..3fa3f040708a4984158206d66a1d28a079091cf7 100644
|
|
|
435830 |
--- a/src/db/sysdb.h
|
|
|
435830 |
+++ b/src/db/sysdb.h
|
|
|
435830 |
@@ -315,7 +315,7 @@ int sysdb_attrs_add_string_safe(struct sysdb_attrs *attrs,
|
|
|
435830 |
const char *name, const char *str);
|
|
|
435830 |
int sysdb_attrs_add_string(struct sysdb_attrs *attrs,
|
|
|
435830 |
const char *name, const char *str);
|
|
|
435830 |
-int sysdb_attrs_add_lower_case_string(struct sysdb_attrs *attrs,
|
|
|
435830 |
+int sysdb_attrs_add_lower_case_string(struct sysdb_attrs *attrs, bool safe,
|
|
|
435830 |
const char *name, const char *str);
|
|
|
435830 |
int sysdb_attrs_add_mem(struct sysdb_attrs *attrs, const char *name,
|
|
|
435830 |
const void *mem, size_t size);
|
|
|
435830 |
@@ -329,6 +329,8 @@ int sysdb_attrs_add_time_t(struct sysdb_attrs *attrs,
|
|
|
435830 |
const char *name, time_t value);
|
|
|
435830 |
int sysdb_attrs_add_lc_name_alias(struct sysdb_attrs *attrs,
|
|
|
435830 |
const char *value);
|
|
|
435830 |
+int sysdb_attrs_add_lc_name_alias_safe(struct sysdb_attrs *attrs,
|
|
|
435830 |
+ const char *value);
|
|
|
435830 |
int sysdb_attrs_copy_values(struct sysdb_attrs *src,
|
|
|
435830 |
struct sysdb_attrs *dst,
|
|
|
435830 |
const char *name);
|
|
|
435830 |
diff --git a/src/providers/ipa/ipa_s2n_exop.c b/src/providers/ipa/ipa_s2n_exop.c
|
|
|
435830 |
index 1e6368dc7ef1a6f60b541409f7f6740d602f0d43..bcd11749fbde4cae2a47b9b2182138ae04f2d6bc 100644
|
|
|
435830 |
--- a/src/providers/ipa/ipa_s2n_exop.c
|
|
|
435830 |
+++ b/src/providers/ipa/ipa_s2n_exop.c
|
|
|
435830 |
@@ -1804,10 +1804,11 @@ static errno_t ipa_s2n_save_objects(struct sss_domain_info *dom,
|
|
|
435830 |
ret = sysdb_attrs_get_string(attrs->sysdb_attrs,
|
|
|
435830 |
SYSDB_DEFAULT_OVERRIDE_NAME, &tmp_str);
|
|
|
435830 |
if (ret == EOK) {
|
|
|
435830 |
- ret = sysdb_attrs_add_lc_name_alias(attrs->sysdb_attrs, tmp_str);
|
|
|
435830 |
+ ret = sysdb_attrs_add_lc_name_alias_safe(attrs->sysdb_attrs,
|
|
|
435830 |
+ tmp_str);
|
|
|
435830 |
if (ret != EOK) {
|
|
|
435830 |
DEBUG(SSSDBG_OP_FAILURE,
|
|
|
435830 |
- "sysdb_attrs_add_lc_name_alias failed.\n");
|
|
|
435830 |
+ "sysdb_attrs_add_lc_name_alias_safe failed.\n");
|
|
|
435830 |
goto done;
|
|
|
435830 |
}
|
|
|
435830 |
} else if (ret != ENOENT) {
|
|
|
435830 |
@@ -1876,10 +1877,10 @@ static errno_t ipa_s2n_save_objects(struct sss_domain_info *dom,
|
|
|
435830 |
}
|
|
|
435830 |
}
|
|
|
435830 |
|
|
|
435830 |
- ret = sysdb_attrs_add_lc_name_alias(attrs->sysdb_attrs, name);
|
|
|
435830 |
+ ret = sysdb_attrs_add_lc_name_alias_safe(attrs->sysdb_attrs, name);
|
|
|
435830 |
if (ret != EOK) {
|
|
|
435830 |
DEBUG(SSSDBG_OP_FAILURE,
|
|
|
435830 |
- "sysdb_attrs_add_lc_name_alias failed.\n");
|
|
|
435830 |
+ "sysdb_attrs_add_lc_name_alias_safe failed.\n");
|
|
|
435830 |
goto done;
|
|
|
435830 |
}
|
|
|
435830 |
|
|
|
435830 |
@@ -2133,10 +2134,10 @@ static errno_t ipa_s2n_save_objects(struct sss_domain_info *dom,
|
|
|
435830 |
}
|
|
|
435830 |
DEBUG(SSSDBG_TRACE_FUNC, "Processing group %s\n", name);
|
|
|
435830 |
|
|
|
435830 |
- ret = sysdb_attrs_add_lc_name_alias(attrs->sysdb_attrs, name);
|
|
|
435830 |
+ ret = sysdb_attrs_add_lc_name_alias_safe(attrs->sysdb_attrs, name);
|
|
|
435830 |
if (ret != EOK) {
|
|
|
435830 |
DEBUG(SSSDBG_OP_FAILURE,
|
|
|
435830 |
- "sysdb_attrs_add_lc_name_alias failed.\n");
|
|
|
435830 |
+ "sysdb_attrs_add_lc_name_alias_safe failed.\n");
|
|
|
435830 |
goto done;
|
|
|
435830 |
}
|
|
|
435830 |
|
|
|
435830 |
diff --git a/src/tests/sysdb-tests.c b/src/tests/sysdb-tests.c
|
|
|
435830 |
index 522a44aa4d5c0da6d10bba10d960fff9426200c1..0b091f741ce158713ed383ad3d98dfea25f388ed 100644
|
|
|
435830 |
--- a/src/tests/sysdb-tests.c
|
|
|
435830 |
+++ b/src/tests/sysdb-tests.c
|
|
|
435830 |
@@ -4690,6 +4690,7 @@ START_TEST(test_sysdb_attrs_add_lc_name_alias)
|
|
|
435830 |
int ret;
|
|
|
435830 |
struct sysdb_attrs *attrs;
|
|
|
435830 |
const char *str;
|
|
|
435830 |
+ char **list = NULL;
|
|
|
435830 |
|
|
|
435830 |
ret = sysdb_attrs_add_lc_name_alias(NULL, NULL);
|
|
|
435830 |
fail_unless(ret == EINVAL, "EINVAL not returned for NULL input");
|
|
|
435830 |
@@ -4706,6 +4707,82 @@ START_TEST(test_sysdb_attrs_add_lc_name_alias)
|
|
|
435830 |
"Unexpected value, expected [%s], got [%s]",
|
|
|
435830 |
LC_NAME_ALIAS_CHECK_VAL, str);
|
|
|
435830 |
|
|
|
435830 |
+ /* Add the same value a second time, it is not recommended to do this on
|
|
|
435830 |
+ * purpose but the test should illustrate the different to
|
|
|
435830 |
+ * sysdb_attrs_add_lc_name_alias_safe(). */
|
|
|
435830 |
+ ret = sysdb_attrs_add_lc_name_alias(attrs, LC_NAME_ALIAS_TEST_VAL);
|
|
|
435830 |
+ fail_unless(ret == EOK, "sysdb_attrs_add_lc_name_alias failed");
|
|
|
435830 |
+
|
|
|
435830 |
+ ret = sysdb_attrs_get_string_array(attrs, SYSDB_NAME_ALIAS, attrs, &list);
|
|
|
435830 |
+ fail_unless(ret == EOK, "sysdb_attrs_get_string_array failed");
|
|
|
435830 |
+ fail_unless(list != NULL, "No list returned");
|
|
|
435830 |
+ fail_unless(list[0] != NULL, "Missing first list element");
|
|
|
435830 |
+ fail_unless(strcmp(list[0], LC_NAME_ALIAS_CHECK_VAL) == 0,
|
|
|
435830 |
+ "Unexpected value, expected [%s], got [%s]",
|
|
|
435830 |
+ LC_NAME_ALIAS_CHECK_VAL, list[0]);
|
|
|
435830 |
+ fail_unless(list[1] != NULL, "Missing second list element");
|
|
|
435830 |
+ fail_unless(strcmp(list[1], LC_NAME_ALIAS_CHECK_VAL) == 0,
|
|
|
435830 |
+ "Unexpected value, expected [%s], got [%s]",
|
|
|
435830 |
+ LC_NAME_ALIAS_CHECK_VAL, list[1]);
|
|
|
435830 |
+ fail_unless(list[2] == NULL, "Missing list terminator");
|
|
|
435830 |
+
|
|
|
435830 |
+ talloc_free(attrs);
|
|
|
435830 |
+}
|
|
|
435830 |
+END_TEST
|
|
|
435830 |
+
|
|
|
435830 |
+START_TEST(test_sysdb_attrs_add_lc_name_alias_safe)
|
|
|
435830 |
+{
|
|
|
435830 |
+ int ret;
|
|
|
435830 |
+ struct sysdb_attrs *attrs;
|
|
|
435830 |
+ const char *str;
|
|
|
435830 |
+ char **list = NULL;
|
|
|
435830 |
+
|
|
|
435830 |
+ ret = sysdb_attrs_add_lc_name_alias_safe(NULL, NULL);
|
|
|
435830 |
+ fail_unless(ret == EINVAL, "EINVAL not returned for NULL input");
|
|
|
435830 |
+
|
|
|
435830 |
+ attrs = sysdb_new_attrs(NULL);
|
|
|
435830 |
+ fail_unless(attrs != NULL, "sysdb_new_attrs failed");
|
|
|
435830 |
+
|
|
|
435830 |
+ ret = sysdb_attrs_add_lc_name_alias_safe(attrs, LC_NAME_ALIAS_TEST_VAL);
|
|
|
435830 |
+ fail_unless(ret == EOK, "sysdb_attrs_add_lc_name_alias failed");
|
|
|
435830 |
+
|
|
|
435830 |
+ ret = sysdb_attrs_get_string(attrs, SYSDB_NAME_ALIAS, &str);
|
|
|
435830 |
+ fail_unless(ret == EOK, "sysdb_attrs_get_string failed");
|
|
|
435830 |
+ fail_unless(strcmp(str, LC_NAME_ALIAS_CHECK_VAL) == 0,
|
|
|
435830 |
+ "Unexpected value, expected [%s], got [%s]",
|
|
|
435830 |
+ LC_NAME_ALIAS_CHECK_VAL, str);
|
|
|
435830 |
+
|
|
|
435830 |
+ /* Adding the same value a second time should be ignored */
|
|
|
435830 |
+ ret = sysdb_attrs_add_lc_name_alias_safe(attrs, LC_NAME_ALIAS_TEST_VAL);
|
|
|
435830 |
+ fail_unless(ret == EOK, "sysdb_attrs_add_lc_name_alias failed");
|
|
|
435830 |
+
|
|
|
435830 |
+ ret = sysdb_attrs_get_string_array(attrs, SYSDB_NAME_ALIAS, attrs, &list);
|
|
|
435830 |
+ fail_unless(ret == EOK, "sysdb_attrs_get_string_array failed");
|
|
|
435830 |
+ fail_unless(list != NULL, "No list returned");
|
|
|
435830 |
+ fail_unless(list[0] != NULL, "Missing first list element");
|
|
|
435830 |
+ fail_unless(strcmp(list[0], LC_NAME_ALIAS_CHECK_VAL) == 0,
|
|
|
435830 |
+ "Unexpected value, expected [%s], got [%s]",
|
|
|
435830 |
+ LC_NAME_ALIAS_CHECK_VAL, list[0]);
|
|
|
435830 |
+ fail_unless(list[1] == NULL, "Missing list terminator");
|
|
|
435830 |
+
|
|
|
435830 |
+ /* Adding different value */
|
|
|
435830 |
+ ret = sysdb_attrs_add_lc_name_alias_safe(attrs,
|
|
|
435830 |
+ "2nd_" LC_NAME_ALIAS_TEST_VAL);
|
|
|
435830 |
+ fail_unless(ret == EOK, "sysdb_attrs_add_lc_name_alias failed");
|
|
|
435830 |
+
|
|
|
435830 |
+ ret = sysdb_attrs_get_string_array(attrs, SYSDB_NAME_ALIAS, attrs, &list);
|
|
|
435830 |
+ fail_unless(ret == EOK, "sysdb_attrs_get_string_array failed");
|
|
|
435830 |
+ fail_unless(list != NULL, "No list returned");
|
|
|
435830 |
+ fail_unless(list[0] != NULL, "Missing first list element");
|
|
|
435830 |
+ fail_unless(strcmp(list[0], LC_NAME_ALIAS_CHECK_VAL) == 0,
|
|
|
435830 |
+ "Unexpected value, expected [%s], got [%s]",
|
|
|
435830 |
+ LC_NAME_ALIAS_CHECK_VAL, list[0]);
|
|
|
435830 |
+ fail_unless(list[1] != NULL, "Missing first list element");
|
|
|
435830 |
+ fail_unless(strcmp(list[1], "2nd_" LC_NAME_ALIAS_CHECK_VAL) == 0,
|
|
|
435830 |
+ "Unexpected value, expected [%s], got [%s]",
|
|
|
435830 |
+ "2nd_" LC_NAME_ALIAS_CHECK_VAL, list[1]);
|
|
|
435830 |
+ fail_unless(list[2] == NULL, "Missing list terminator");
|
|
|
435830 |
+
|
|
|
435830 |
talloc_free(attrs);
|
|
|
435830 |
}
|
|
|
435830 |
END_TEST
|
|
|
435830 |
@@ -6412,6 +6489,7 @@ Suite *create_sysdb_suite(void)
|
|
|
435830 |
tcase_add_test(tc_sysdb, test_sysdb_svc_remove_alias);
|
|
|
435830 |
|
|
|
435830 |
tcase_add_test(tc_sysdb, test_sysdb_attrs_add_lc_name_alias);
|
|
|
435830 |
+ tcase_add_test(tc_sysdb, test_sysdb_attrs_add_lc_name_alias_safe);
|
|
|
435830 |
|
|
|
435830 |
/* ===== UTIL TESTS ===== */
|
|
|
435830 |
tcase_add_test(tc_sysdb, test_sysdb_attrs_get_string_array);
|
|
|
435830 |
--
|
|
|
435830 |
2.4.3
|
|
|
435830 |
|