Hello community, here is the log from the commit of package sssd for openSUSE:Factory checked in at 2013-03-05 06:50:14 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/sssd (Old) and /work/SRC/openSUSE:Factory/.sssd.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "sssd", Maintainer is "rha...@suse.com" Changes: -------- --- /work/SRC/openSUSE:Factory/sssd/sssd.changes 2013-02-08 23:26:10.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.sssd.new/sssd.changes 2013-03-05 06:50:15.000000000 +0100 @@ -1,0 +2,9 @@ +Tue Feb 26 08:29:43 UTC 2013 - jeng...@inai.de + +- Resolve user retrieval problems when encountering binary data + in LDAP attributes (bnc#806078), + added sssd-sysdb-binary-attrs.diff +- Added sssd-no-ldb-check.diff so that SSSD continues to start + even after an LDB update. + +------------------------------------------------------------------- New: ---- sssd-no-ldb-check.diff sssd-sysdb-binary-attrs.diff ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ sssd.spec ++++++ --- /var/tmp/diff_new_pack.wxdyba/_old 2013-03-05 06:50:17.000000000 +0100 +++ /var/tmp/diff_new_pack.wxdyba/_new 2013-03-05 06:50:17.000000000 +0100 @@ -30,6 +30,8 @@ Source3: baselibs.conf Patch1: 0005-implicit-decl.diff Patch2: sssd-ldflags.diff +Patch3: sssd-no-ldb-check.diff +Patch4: sssd-sysdb-binary-attrs.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build %define servicename sssd @@ -198,7 +200,7 @@ %prep %setup -q -%patch -P 1 -P 2 -p1 +%patch -P 1 -P 2 -P 3 -P 4 -p1 %build %if 0%{?suse_version} < 1210 ++++++ sssd-no-ldb-check.diff ++++++ From: Jan Engelhardt <jeng...@inai.de> Date: 2013-02-21 09:09:59.418801298 +0100 Upstream: no Whenever ldb has a version number update, memberof.so aborts sssd loading. Arguably, LDB has not made any ABI stability promises says http://lists.fedorahosted.org/pipermail/sssd-devel/2013-February/013686.html but they are at least trying to, by keeping some versioned symbols. So, let's try this here for openSUSE. --- src/ldb_modules/memberof.c | 3 --- 1 file changed, 3 deletions(-) Index: sssd-1.9.4/src/ldb_modules/memberof.c =================================================================== --- sssd-1.9.4.orig/src/ldb_modules/memberof.c +++ sssd-1.9.4/src/ldb_modules/memberof.c @@ -4570,8 +4570,5 @@ const struct ldb_module_ops ldb_memberof int ldb_init_module(const char *version) { -#ifdef LDB_MODULE_CHECK_VERSION - LDB_MODULE_CHECK_VERSION(version); -#endif return ldb_register_module(&ldb_memberof_module_ops); } ++++++ sssd-sysdb-binary-attrs.diff ++++++ >From 3229c2107e4645240cfc4aa5d262e5330c356a49 Mon Sep 17 00:00:00 2001 From: Jan Engelhardt <jeng...@inai.de> Date: Thu, 21 Feb 2013 13:12:25 +0100 Subject: [PATCH] sysdb: try dealing with binary-content attributes I have here a LDAP user entry which has this attribute loginAllowedTimeMap:: AAAAAAAAAP///38AAP///38AAP///38AAP///38AAP///38AAAAAAAAA In the function sysdb_attrs_add_string(), called from sdap_attrs_add_ldap_attr(), strlen() is called on this blob, which is the wrong thing to do. The result of strlen is then used to populate the .v_length member of a struct ldb_val - and this will set it to zero in this case. (There is also the problem that there may not be a '\0' at all in the blob.) Subsequently, .v_length being 0 makes ldb_modify(), called from sysdb_set_entry_attr(), return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX. End result is that users do not get stored in the sysdb, and programs like `id` or `getent ...` show incomplete information. The bug was encountered with sssd-1.8.5. sssd-1.5.11 seemed to behave fine, but that may not mean that is the absolute lower boundary of introduction of the problem. --- src/db/sysdb.c | 10 ++++++++++ src/db/sysdb.h | 2 ++ src/providers/ldap/sdap.c | 7 +++---- src/providers/ldap/sdap_async.c | 4 ++-- 4 files changed, 17 insertions(+), 6 deletions(-) diff --git a/src/db/sysdb.c b/src/db/sysdb.c index e7524f4..7c34791 100644 --- a/src/db/sysdb.c +++ b/src/db/sysdb.c @@ -512,6 +512,16 @@ int sysdb_attrs_add_string(struct sysdb_attrs *attrs, return sysdb_attrs_add_val(attrs, name, &v); } +int sysdb_attrs_add_mem(struct sysdb_attrs *attrs, const char *name, + const void *mem, size_t size) +{ + struct ldb_val v; + + v.data = discard_const(mem); + v.length = size; + return sysdb_attrs_add_val(attrs, name, &v); +} + int sysdb_attrs_add_bool(struct sysdb_attrs *attrs, const char *name, bool value) { diff --git a/src/db/sysdb.h b/src/db/sysdb.h index fff97a8..23cbbb0 100644 --- a/src/db/sysdb.h +++ b/src/db/sysdb.h @@ -250,6 +250,8 @@ int sysdb_attrs_add_val(struct sysdb_attrs *attrs, const char *name, const struct ldb_val *val); int sysdb_attrs_add_string(struct sysdb_attrs *attrs, const char *name, const char *str); +int sysdb_attrs_add_mem(struct sysdb_attrs *, const char *, + const void *, size_t); int sysdb_attrs_add_bool(struct sysdb_attrs *attrs, const char *name, bool value); int sysdb_attrs_add_long(struct sysdb_attrs *attrs, diff --git a/src/providers/ldap/sdap.c b/src/providers/ldap/sdap.c index 371121b..988f27d 100644 --- a/src/providers/ldap/sdap.c +++ b/src/providers/ldap/sdap.c @@ -474,10 +474,9 @@ errno_t sdap_parse_deref(TALLOC_CTX *mem_ctx, for (i=0; dval->vals[i].bv_val; i++) { DEBUG(9, ("Dereferenced attribute value: %s\n", dval->vals[i].bv_val)); - v.data = (uint8_t *) dval->vals[i].bv_val; - v.length = dval->vals[i].bv_len; - - ret = sysdb_attrs_add_val(res[mi]->attrs, name, &v); + ret = sysdb_attrs_add_mem(res[mi]->attrs, name, + dval->vals[i].bv_val, + dval->vals[i].bv_len); if (ret) goto done; } } diff --git a/src/providers/ldap/sdap_async.c b/src/providers/ldap/sdap_async.c index 84497b7..b7d9839 100644 --- a/src/providers/ldap/sdap_async.c +++ b/src/providers/ldap/sdap_async.c @@ -2226,8 +2226,8 @@ sdap_attrs_add_ldap_attr(struct sysdb_attrs *ldap_attrs, DEBUG(SSSDBG_TRACE_INTERNAL, ("Adding %s [%s] to attributes " "of [%s].\n", desc, el->values[i].data, objname)); - ret = sysdb_attrs_add_string(attrs, attr_name, - (const char *) el->values[i].data); + ret = sysdb_attrs_add_mem(attrs, attr_name, el->values[i].data, + el->values[i].length); if (ret) { return ret; } -- 1.7.10.4 -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org