Re: [SSSD] [PATCH] proxy: Do not try to store same alias twice

Michal Židek Thu, 06 Nov 2014 10:48:56 -0800

On 11/06/2014 07:43 PM, Michal Židek wrote:

On 11/05/2014 04:53 PM, Michal Židek wrote:

I found this bug while working on
https://fedorahosted.org/sssd/ticket/2461


It turned out that not only case_sensitive = preserving,
but also case_sensitive = false did not work
with proxy provider.

But this patch does not solve the issue in the ticket,
so I did not link them.


After  some investigation I actually think this was
the main issue that caused the bug mentioned in
the ticket so I added the "Fixes" label to it.

I also added second patch that preservers the
service name with proxy provider.

Michal


And now with patches :)

>From f6c84c306cf921344ad2b23040588040ac407186 Mon Sep 17 00:00:00 2001
From: Michal Zidek <mzi...@redhat.com>
Date: Fri, 31 Oct 2014 16:39:25 +0100
Subject: [PATCH 1/2] proxy: Do not try to store same alias twice

LDB does not store attributes if they have the
same name and value and errors out instead.

Fixes:
https://fedorahosted.org/sssd/ticket/2461
---
 src/providers/proxy/proxy_id.c | 68 ++++++++++++++++++++++++++----------------
 1 file changed, 42 insertions(+), 26 deletions(-)

diff --git a/src/providers/proxy/proxy_id.c b/src/providers/proxy/proxy_id.c
index d867ec4..bb79202 100644
--- a/src/providers/proxy/proxy_id.c
+++ b/src/providers/proxy/proxy_id.c
@@ -222,6 +222,7 @@ static int save_user(struct sss_domain_info *domain,
     struct sysdb_attrs *attrs = NULL;
     errno_t ret;
     const char *cased_alias;
+    const char *lc_pw_name = NULL;
 
     if (pwd->pw_shell && pwd->pw_shell[0] != '\0') {
         shell = pwd->pw_shell;
@@ -239,31 +240,40 @@ static int save_user(struct sss_domain_info *domain,
         attrs = sysdb_new_attrs(NULL);
         if (!attrs) {
             DEBUG(SSSDBG_CRIT_FAILURE, "Allocation error ?!\n");
-            return ENOMEM;
+            ret = ENOMEM;
+            goto done;
         }
     }
 
     if (lowercase) {
-        ret = sysdb_attrs_add_lc_name_alias(attrs, pwd->pw_name);
+        lc_pw_name = sss_tc_utf8_str_tolower(attrs, pwd->pw_name);
+        if (lc_pw_name == NULL) {
+            DEBUG(SSSDBG_OP_FAILURE, "Cannot convert name to lowercase.\n");
+            ret = ENOMEM;
+            goto done;
+        }
+
+        ret = sysdb_attrs_add_string(attrs, SYSDB_NAME_ALIAS, lc_pw_name);
         if (ret) {
             DEBUG(SSSDBG_OP_FAILURE, "Could not add name alias\n");
-            talloc_zfree(attrs);
-            return ret;
+            goto done;
         }
+
     }
 
     if (alias) {
         cased_alias = sss_get_cased_name(attrs, alias, !lowercase);
         if (!cased_alias) {
-            talloc_zfree(attrs);
-            return ENOMEM;
+            goto done;
         }
 
-        ret = sysdb_attrs_add_string(attrs, SYSDB_NAME_ALIAS, cased_alias);
-        if (ret) {
-            DEBUG(SSSDBG_OP_FAILURE, "Could not add name alias\n");
-            talloc_zfree(attrs);
-            return ret;
+        /* Add the alias only if it differs from lowercased pw_name */
+        if (lc_pw_name == NULL || strcmp(cased_alias, lc_pw_name) != 0) {
+            ret = sysdb_attrs_add_string(attrs, SYSDB_NAME_ALIAS, cased_alias);
+            if (ret) {
+                DEBUG(SSSDBG_OP_FAILURE, "Could not add name alias\n");
+                goto done;
+            }
         }
     }
 
@@ -280,12 +290,13 @@ static int save_user(struct sss_domain_info *domain,
                            NULL,
                            cache_timeout,
                            0);
-    talloc_zfree(attrs);
     if (ret) {
         DEBUG(SSSDBG_OP_FAILURE, "Could not add user to cache\n");
-        return ret;
+        goto done;
     }
 
+done:
+    talloc_zfree(attrs);
     return EOK;
 }
 
@@ -527,6 +538,7 @@ static int save_group(struct sysdb_ctx *sysdb, struct sss_domain_info *dom,
     errno_t ret, sret;
     struct sysdb_attrs *attrs = NULL;
     const char *cased_alias;
+    const char *lc_gr_name = NULL;
     TALLOC_CTX *tmp_ctx;
     time_t now = time(NULL);
     bool in_transaction = false;
@@ -578,23 +590,27 @@ static int save_group(struct sysdb_ctx *sysdb, struct sss_domain_info *dom,
                 goto done;
             }
         }
+    }
 
-        if (dom->case_sensitive == false) {
-            ret = sysdb_attrs_add_lc_name_alias(attrs, grp->gr_name);
-            if (ret) {
-                DEBUG(SSSDBG_OP_FAILURE, "Could not add name alias\n");
-                ret = ENOMEM;
-                goto done;
-            }
+    if (dom->case_sensitive == false) {
+        lc_gr_name = sss_tc_utf8_str_tolower(attrs, grp->gr_name);
+        if (lc_gr_name == NULL) {
+            DEBUG(SSSDBG_OP_FAILURE, "Cannot convert name to lowercase.\n");
+            ret = ENOMEM;
+            goto done;
         }
 
-        if (alias) {
-            cased_alias = sss_get_cased_name(attrs, alias, dom->case_sensitive);
-            if (!cased_alias) {
-                talloc_zfree(attrs);
-                return ENOMEM;
-            }
+        ret = sysdb_attrs_add_string(attrs, SYSDB_NAME_ALIAS, lc_gr_name);
+    }
+
+    if (alias) {
+        cased_alias = sss_get_cased_name(attrs, alias, dom->case_sensitive);
+        if (!cased_alias) {
+            ret = ENOMEM;
+            goto done;
+        }
 
+        if (lc_gr_name == NULL || strcmp(cased_alias, lc_gr_name)) {
             ret = sysdb_attrs_add_string(attrs, SYSDB_NAME_ALIAS, cased_alias);
             if (ret) {
                 DEBUG(SSSDBG_OP_FAILURE, "Could not add name alias\n");
-- 
1.9.3

>From 9229246d08eb94a3d17adf4a6529041725fb3d75 Mon Sep 17 00:00:00 2001
From: Michal Zidek <mzi...@redhat.com>
Date: Thu, 6 Nov 2014 19:25:59 +0100
Subject: [PATCH 2/2] PROXY: Preserve service name in proxy provider

Fixes:
https://fedorahosted.org/sssd/ticket/2461
---
 src/providers/proxy/proxy_services.c | 22 +++++++++++++++++++++-
 1 file changed, 21 insertions(+), 1 deletion(-)

diff --git a/src/providers/proxy/proxy_services.c b/src/providers/proxy/proxy_services.c
index 16e90b0..2aa44db 100644
--- a/src/providers/proxy/proxy_services.c
+++ b/src/providers/proxy/proxy_services.c
@@ -38,12 +38,14 @@ proxy_save_service(struct sss_domain_info *domain,
     const char **protocols;
     const char **cased_aliases;
     TALLOC_CTX *tmp_ctx;
+    char *lc_alias = NULL;
     time_t now = time(NULL);
 
     tmp_ctx = talloc_new(NULL);
     if (!tmp_ctx) return ENOMEM;
 
-    cased_name = sss_get_cased_name(tmp_ctx, svc->s_name, !lowercase);
+    cased_name = sss_get_cased_name(tmp_ctx, svc->s_name,
+                                    domain->case_preserve);
     if (!cased_name) {
         ret = ENOMEM;
         goto done;
@@ -71,6 +73,24 @@ proxy_save_service(struct sss_domain_info *domain,
         goto done;
     }
 
+    if (domain->case_preserve) {
+        /* Add lowercased alias to allow case-insensitive lookup */
+        lc_alias = sss_tc_utf8_str_tolower(tmp_ctx, svc->s_name);
+        if (lc_alias == NULL) {
+            DEBUG(SSSDBG_OP_FAILURE, "Cannot convert name to lowercase.\n");
+            ret = ENOMEM;
+            goto done;
+        }
+
+        ret = add_string_to_list(tmp_ctx, lc_alias,
+                                 discard_const_p(char **, &cased_aliases));
+        if (ret != EOK) {
+            DEBUG(SSSDBG_OP_FAILURE,
+                  "Failed to add lowercased name alias.\n");
+            goto done;
+        }
+    }
+
     ret = sysdb_store_service(domain,
                               cased_name,
                               ntohs(svc->s_port),
-- 
1.9.3

_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel

Re: [SSSD] [PATCH] proxy: Do not try to store same alias twice

Reply via email to