From a7edcbca35800ff697c002168b0d566e9563eadf Mon Sep 17 00:00:00 2001
From: Tomas Halman <thalman@redhat.com>
Date: Fri, 31 Jul 2020 11:21:44 +0200
Subject: [PATCH 41/41] UTIL: Use sss_sanitize_dn where we deal with DN
Resolves:
https://github.com/SSSD/sssd/issues/5261
(cherry picked from commit 2635e1538a1ef8c01a6587ef3f28ab3367e3459f)
---
src/db/sysdb_ops.c | 2 +-
src/providers/ipa/ipa_deskprofile_rules.c | 2 +-
src/providers/ipa/ipa_hbac_rules.c | 2 +-
src/providers/ipa/ipa_netgroups.c | 2 +-
src/providers/ldap/sdap_async_groups.c | 2 +-
src/providers/ldap/sdap_async_groups_ad.c | 2 +-
src/providers/ldap/sdap_async_initgroups.c | 4 ++--
7 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
index b51c821ae..d4ad69e39 100644
--- a/src/db/sysdb_ops.c
+++ b/src/db/sysdb_ops.c
@@ -3494,7 +3494,7 @@ errno_t sysdb_search_by_orig_dn(TALLOC_CTX *mem_ctx,
return ENOMEM;
}
- ret = sss_filter_sanitize(tmp_ctx, member_dn, &sanitized_dn);
+ ret = sss_filter_sanitize_dn(tmp_ctx, member_dn, &sanitized_dn);
if (ret != EOK) {
goto done;
}
diff --git a/src/providers/ipa/ipa_deskprofile_rules.c b/src/providers/ipa/ipa_deskprofile_rules.c
index 65994356e..cce6184db 100644
--- a/src/providers/ipa/ipa_deskprofile_rules.c
+++ b/src/providers/ipa/ipa_deskprofile_rules.c
@@ -91,7 +91,7 @@ ipa_deskprofile_rule_info_send(TALLOC_CTX *mem_ctx,
goto immediate;
}
- ret = sss_filter_sanitize(state, host_dn, &host_dn_clean);
+ ret = sss_filter_sanitize_dn(state, host_dn, &host_dn_clean);
if (ret != EOK) {
goto immediate;
}
diff --git a/src/providers/ipa/ipa_hbac_rules.c b/src/providers/ipa/ipa_hbac_rules.c
index 0634a277e..e2c97ae3d 100644
--- a/src/providers/ipa/ipa_hbac_rules.c
+++ b/src/providers/ipa/ipa_hbac_rules.c
@@ -84,7 +84,7 @@ ipa_hbac_rule_info_send(TALLOC_CTX *mem_ctx,
goto immediate;
}
- ret = sss_filter_sanitize(state, host_dn, &host_dn_clean);
+ ret = sss_filter_sanitize_dn(state, host_dn, &host_dn_clean);
if (ret != EOK) goto immediate;
state->ev = ev;
diff --git a/src/providers/ipa/ipa_netgroups.c b/src/providers/ipa/ipa_netgroups.c
index 05ebac758..e14f48fb0 100644
--- a/src/providers/ipa/ipa_netgroups.c
+++ b/src/providers/ipa/ipa_netgroups.c
@@ -376,7 +376,7 @@ static void ipa_get_netgroups_process(struct tevent_req *subreq)
continue;
}
- ret = sss_filter_sanitize(state, orig_dn, &dn);
+ ret = sss_filter_sanitize_dn(state, orig_dn, &dn);
if (ret != EOK) {
goto done;
}
diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c
index 09e15bc3d..abe2ed275 100644
--- a/src/providers/ldap/sdap_async_groups.c
+++ b/src/providers/ldap/sdap_async_groups.c
@@ -52,7 +52,7 @@ static int sdap_find_entry_by_origDN(TALLOC_CTX *memctx,
return ENOMEM;
}
- ret = sss_filter_sanitize(tmpctx, orig_dn, &sanitized_dn);
+ ret = sss_filter_sanitize_dn(tmpctx, orig_dn, &sanitized_dn);
if (ret != EOK) {
ret = ENOMEM;
goto done;
diff --git a/src/providers/ldap/sdap_async_groups_ad.c b/src/providers/ldap/sdap_async_groups_ad.c
index 3f842b26d..c954398bb 100644
--- a/src/providers/ldap/sdap_async_groups_ad.c
+++ b/src/providers/ldap/sdap_async_groups_ad.c
@@ -91,7 +91,7 @@ sdap_get_ad_match_rule_members_send(TALLOC_CTX *mem_ctx,
}
/* Sanitize it in case we have special characters in DN */
- ret = sss_filter_sanitize(state, group_dn, &sanitized_group_dn);
+ ret = sss_filter_sanitize_dn(state, group_dn, &sanitized_group_dn);
if (ret != EOK) {
DEBUG(SSSDBG_MINOR_FAILURE,
"Could not sanitize group DN: %s\n",
diff --git a/src/providers/ldap/sdap_async_initgroups.c b/src/providers/ldap/sdap_async_initgroups.c
index 620782b6f..055bdaefc 100644
--- a/src/providers/ldap/sdap_async_initgroups.c
+++ b/src/providers/ldap/sdap_async_initgroups.c
@@ -1647,7 +1647,7 @@ static struct tevent_req *sdap_initgr_rfc2307bis_send(
attr_filter, &state->attrs, NULL);
if (ret != EOK) goto done;
- ret = sss_filter_sanitize(state, orig_dn, &clean_orig_dn);
+ ret = sss_filter_sanitize_dn(state, orig_dn, &clean_orig_dn);
if (ret != EOK) goto done;
use_id_mapping = sdap_idmap_domain_has_algorithmic_mapping(
@@ -2429,7 +2429,7 @@ static errno_t rfc2307bis_nested_groups_step(struct tevent_req *req)
goto done;
}
- ret = sss_filter_sanitize(tmp_ctx, state->orig_dn, &clean_orig_dn);
+ ret = sss_filter_sanitize_dn(tmp_ctx, state->orig_dn, &clean_orig_dn);
if (ret != EOK) {
goto done;
}
--
2.21.3