From e7c9ff18f41d9951aff3c99dca7db1871e53cfaf Mon Sep 17 00:00:00 2001
From: Sumit Bose <sbose@redhat.com>
Date: Tue, 28 Feb 2017 14:19:53 +0100
Subject: [PATCH 13/15] nss: allow larger buffer for certificate based requests
To make sure larger certificates can be processed as well the maximal
buffer size is increased for requests by certificate.
Related to https://pagure.io/SSSD/sssd/issue/3050
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
---
src/responder/common/responder_packet.c | 21 ++++++++++++++++++++-
src/responder/common/responder_packet.h | 1 +
2 files changed, 21 insertions(+), 1 deletion(-)
diff --git a/src/responder/common/responder_packet.c b/src/responder/common/responder_packet.c
index 4f5e110837eb76609d31a77c62a00e00530ffc90..cc4d66995965cca4c86a80c31d2afd4c9ac3e0e4 100644
--- a/src/responder/common/responder_packet.c
+++ b/src/responder/common/responder_packet.c
@@ -179,6 +179,8 @@ int sss_packet_recv(struct sss_packet *packet, int fd)
size_t rb;
size_t len;
void *buf;
+ size_t new_len;
+ int ret;
buf = (uint8_t *)packet->buffer + packet->iop;
if (packet->iop > 4) len = sss_packet_get_len(packet) - packet->iop;
@@ -205,7 +207,24 @@ int sss_packet_recv(struct sss_packet *packet, int fd)
}
if (sss_packet_get_len(packet) > packet->memsize) {
- return EINVAL;
+ /* Allow certificate based requests to use larger buffer but not
+ * larger than SSS_CERT_PACKET_MAX_RECV_SIZE. Due to the way
+ * sss_packet_grow() works the packet len must be set to '0' first and
+ * then grow to the expected size. */
+ if ((sss_packet_get_cmd(packet) == SSS_NSS_GETNAMEBYCERT
+ || sss_packet_get_cmd(packet) == SSS_NSS_GETLISTBYCERT)
+ && packet->memsize < SSS_CERT_PACKET_MAX_RECV_SIZE
+ && (new_len = sss_packet_get_len(packet))
+ < SSS_CERT_PACKET_MAX_RECV_SIZE) {
+ new_len = sss_packet_get_len(packet);
+ sss_packet_set_len(packet, 0);
+ ret = sss_packet_grow(packet, new_len);
+ if (ret != EOK) {
+ return ret;
+ }
+ } else {
+ return EINVAL;
+ }
}
packet->iop += rb;
diff --git a/src/responder/common/responder_packet.h b/src/responder/common/responder_packet.h
index 3ad0eee28477e446c9e4996617beb55f32923d47..afceb4aaefa40fd86bdfde820c92c09b65cd8702 100644
--- a/src/responder/common/responder_packet.h
+++ b/src/responder/common/responder_packet.h
@@ -25,6 +25,7 @@
#include "sss_client/sss_cli.h"
#define SSS_PACKET_MAX_RECV_SIZE 1024
+#define SSS_CERT_PACKET_MAX_RECV_SIZE ( 10 * SSS_PACKET_MAX_RECV_SIZE )
struct sss_packet;
--
2.9.3