Hello community, here is the log from the commit of package yast2-auth-client for openSUSE:Factory checked in at 2014-05-17 21:46:07 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/yast2-auth-client (Old) and /work/SRC/openSUSE:Factory/.yast2-auth-client.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "yast2-auth-client" Changes: -------- --- /work/SRC/openSUSE:Factory/yast2-auth-client/yast2-auth-client.changes 2014-05-16 18:18:28.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.yast2-auth-client.new/yast2-auth-client.changes 2014-05-17 21:46:08.000000000 +0200 @@ -1,0 +2,6 @@ +Fri May 16 15:00:25 UTC 2014 - ckornac...@suse.com + +- Validate sssd.conf config parameter values (bnc#876721) +- 3.1.15 + +------------------------------------------------------------------- Old: ---- yast2-auth-client-3.1.14.tar.bz2 New: ---- yast2-auth-client-3.1.15.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ yast2-auth-client.spec ++++++ --- /var/tmp/diff_new_pack.ocHwdq/_old 2014-05-17 21:46:09.000000000 +0200 +++ /var/tmp/diff_new_pack.ocHwdq/_new 2014-05-17 21:46:09.000000000 +0200 @@ -17,7 +17,7 @@ Name: yast2-auth-client -Version: 3.1.14 +Version: 3.1.15 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build ++++++ yast2-auth-client-3.1.14.tar.bz2 -> yast2-auth-client-3.1.15.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-client-3.1.14/package/yast2-auth-client.changes new/yast2-auth-client-3.1.15/package/yast2-auth-client.changes --- old/yast2-auth-client-3.1.14/package/yast2-auth-client.changes 2014-05-15 12:03:46.000000000 +0200 +++ new/yast2-auth-client-3.1.15/package/yast2-auth-client.changes 2014-05-16 19:13:23.000000000 +0200 @@ -1,4 +1,10 @@ ------------------------------------------------------------------- +Fri May 16 15:00:25 UTC 2014 - ckornac...@suse.com + +- Validate sssd.conf config parameter values (bnc#876721) +- 3.1.15 + +------------------------------------------------------------------- Thu May 8 12:05:25 UTC 2014 - vark...@suse.com - bnc#877133 - yast2-auth-client exports bad formatted hash. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-client-3.1.14/package/yast2-auth-client.spec new/yast2-auth-client-3.1.15/package/yast2-auth-client.spec --- old/yast2-auth-client-3.1.14/package/yast2-auth-client.spec 2014-05-15 12:03:46.000000000 +0200 +++ new/yast2-auth-client-3.1.15/package/yast2-auth-client.spec 2014-05-16 19:13:23.000000000 +0200 @@ -17,7 +17,7 @@ Name: yast2-auth-client -Version: 3.1.14 +Version: 3.1.15 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-client-3.1.14/src/include/dialogs.rb new/yast2-auth-client-3.1.15/src/include/dialogs.rb --- old/yast2-auth-client-3.1.14/src/include/dialogs.rb 2014-05-15 12:03:46.000000000 +0200 +++ new/yast2-auth-client-3.1.15/src/include/dialogs.rb 2014-05-16 19:13:23.000000000 +0200 @@ -113,6 +113,15 @@ end end + def ValidateInput(item,parameter) + @params.each_key { |s| + if @params[s][parameter] && @params[s][parameter].has_key?("rule") + return ConvertToString(item,parameter) =~ @params[s][parameter]["rule"] + end + } + return true + end + def AddParameter(section,parameter) Builtins.y2milestone("--Add Parameter %1 in section %2 called",parameter,section) _type = GetParameterType(parameter) @@ -153,7 +162,12 @@ if !AuthClient.auth["sssd_conf"].has_key?(section) AuthClient.auth["sssd_conf"][section] = Hash.new end - AuthClient.auth["sssd_conf"][section][parameter] = ConvertToString(:value,parameter) + if ValidateInput(:value,parameter) + AuthClient.auth["sssd_conf"][section][parameter] = ConvertToString(:value,parameter) + else + Popup.Error( Builtins.sformat(_("Value for parameter '%1' is invalid."), parameter)) + ret = nil + end break end end @@ -318,7 +332,12 @@ ret = nil when :ok AuthClient.auth["sssd_conf"][section].each_key { |k| + if ValidateInput(k,k) AuthClient.auth["sssd_conf"][section][k] = ConvertToString(k,k) + else + Popup.Error( Builtins.sformat(_("Value for parameter '%1' is invalid."), k)) + ret = nil + end } end end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-client-3.1.14/src/include/sssd-parameters.rb new/yast2-auth-client-3.1.15/src/include/sssd-parameters.rb --- old/yast2-auth-client-3.1.14/src/include/sssd-parameters.rb 2014-05-15 12:03:46.000000000 +0200 +++ new/yast2-auth-client-3.1.15/src/include/sssd-parameters.rb 2014-05-16 19:13:23.000000000 +0200 @@ -429,6 +429,7 @@ "ldap_sudo_search_base" => { "type" => "string", "def" => "", + "rule" => /(^[\s]*[\w]+=[\w]+|^$)/, "desc" => _("The default base DN to use for performing LDAP sudo rules.") } }, @@ -475,25 +476,30 @@ "ldap_uri" => { "type" => "string", "req" => 1, + "rule" => /(ldap[s]?:\/\/|^$)/, "desc" => _("Specifies the comma-separated list of URIs of the LDAP servers to which SSSD should connect in the order of preference.") }, "ldap_backup_uri" => { "type" => "string", + "rule" => /(ldap[s]?:\/\/|^$)/, "desc" => _("Specifies the comma-separated list of URIs of the LDAP servers to which SSSD should connect in the order of preference.") }, "ldap_chpass_uri" => { "type" => "string", - "def" => "ldap_uri", + "def" => "", + "rule" => /(ldap[s]?:\/\/|^$)/, "desc" => _("Specifies the comma-separated list of URIs of the LDAP servers to which SSSD should connect in the order of preference to change the password of a user.") }, "ldap_chpass_backup_uri" => { "type" => "string", - "def" => "ldap_uri", + "def" => "", + "rule" => /(ldap[s]?:\/\/|^$)/, "desc" => _("Specifies the comma-separated list of URIs of the LDAP servers to which SSSD should connect in the order of preference to change the password of a user.") }, "ldap_search_base" => { "type" => "string", "req" => 1, + "rule" => /(^[\s]*[\w]+=[\w]+|^$)/, "desc" => _("The default base DN to use for performing LDAP user operations.") }, "ldap_schema" => { @@ -794,6 +800,7 @@ "ldap_service_search_base" => { "type" => "string", "def" => "the value of ldap_search_base", + "rule" => /(^[\s]*[\w]+=[\w]+|^$)/, "desc" => _("An optional base DN, search scope and LDAP filter to restrict LDAP searches for this attribute type.") }, "ldap_search_timeout" => { @@ -844,6 +851,7 @@ "ldap_tls_reqcert" => { "type" => "string", "def" => "hard", + "vals" => "never, allow, try, demand, hard", "desc" => _("Specifies what checks to perform on server certificates in a TLS session, if any.") }, "ldap_tls_cacert" => { -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org