On 11/06/2014 07:43 PM, Michal Židek wrote:
On 11/05/2014 04:53 PM, Michal Židek wrote:
I found this bug while working on
https://fedorahosted.org/sssd/ticket/2461
It turned out that not only case_sensitive = preserving,
but also case_sensitive = false did not work
with proxy provider.
But this patch does not solve the issue in the ticket,
so I did not link them.
After some investigation I actually think this was
the main issue that caused the bug mentioned in
the ticket so I added the "Fixes" label to it.
I also added second patch that preservers the
service name with proxy provider.
Michal
And now with patches :)
>From f6c84c306cf921344ad2b23040588040ac407186 Mon Sep 17 00:00:00 2001
From: Michal Zidek <mzi...@redhat.com>
Date: Fri, 31 Oct 2014 16:39:25 +0100
Subject: [PATCH 1/2] proxy: Do not try to store same alias twice
LDB does not store attributes if they have the
same name and value and errors out instead.
Fixes:
https://fedorahosted.org/sssd/ticket/2461
---
src/providers/proxy/proxy_id.c | 68 ++++++++++++++++++++++++++----------------
1 file changed, 42 insertions(+), 26 deletions(-)
diff --git a/src/providers/proxy/proxy_id.c b/src/providers/proxy/proxy_id.c
index d867ec4..bb79202 100644
--- a/src/providers/proxy/proxy_id.c
+++ b/src/providers/proxy/proxy_id.c
@@ -222,6 +222,7 @@ static int save_user(struct sss_domain_info *domain,
struct sysdb_attrs *attrs = NULL;
errno_t ret;
const char *cased_alias;
+ const char *lc_pw_name = NULL;
if (pwd->pw_shell && pwd->pw_shell[0] != '\0') {
shell = pwd->pw_shell;
@@ -239,31 +240,40 @@ static int save_user(struct sss_domain_info *domain,
attrs = sysdb_new_attrs(NULL);
if (!attrs) {
DEBUG(SSSDBG_CRIT_FAILURE, "Allocation error ?!\n");
- return ENOMEM;
+ ret = ENOMEM;
+ goto done;
}
}
if (lowercase) {
- ret = sysdb_attrs_add_lc_name_alias(attrs, pwd->pw_name);
+ lc_pw_name = sss_tc_utf8_str_tolower(attrs, pwd->pw_name);
+ if (lc_pw_name == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, "Cannot convert name to lowercase.\n");
+ ret = ENOMEM;
+ goto done;
+ }
+
+ ret = sysdb_attrs_add_string(attrs, SYSDB_NAME_ALIAS, lc_pw_name);
if (ret) {
DEBUG(SSSDBG_OP_FAILURE, "Could not add name alias\n");
- talloc_zfree(attrs);
- return ret;
+ goto done;
}
+
}
if (alias) {
cased_alias = sss_get_cased_name(attrs, alias, !lowercase);
if (!cased_alias) {
- talloc_zfree(attrs);
- return ENOMEM;
+ goto done;
}
- ret = sysdb_attrs_add_string(attrs, SYSDB_NAME_ALIAS, cased_alias);
- if (ret) {
- DEBUG(SSSDBG_OP_FAILURE, "Could not add name alias\n");
- talloc_zfree(attrs);
- return ret;
+ /* Add the alias only if it differs from lowercased pw_name */
+ if (lc_pw_name == NULL || strcmp(cased_alias, lc_pw_name) != 0) {
+ ret = sysdb_attrs_add_string(attrs, SYSDB_NAME_ALIAS, cased_alias);
+ if (ret) {
+ DEBUG(SSSDBG_OP_FAILURE, "Could not add name alias\n");
+ goto done;
+ }
}
}
@@ -280,12 +290,13 @@ static int save_user(struct sss_domain_info *domain,
NULL,
cache_timeout,
0);
- talloc_zfree(attrs);
if (ret) {
DEBUG(SSSDBG_OP_FAILURE, "Could not add user to cache\n");
- return ret;
+ goto done;
}
+done:
+ talloc_zfree(attrs);
return EOK;
}
@@ -527,6 +538,7 @@ static int save_group(struct sysdb_ctx *sysdb, struct sss_domain_info *dom,
errno_t ret, sret;
struct sysdb_attrs *attrs = NULL;
const char *cased_alias;
+ const char *lc_gr_name = NULL;
TALLOC_CTX *tmp_ctx;
time_t now = time(NULL);
bool in_transaction = false;
@@ -578,23 +590,27 @@ static int save_group(struct sysdb_ctx *sysdb, struct sss_domain_info *dom,
goto done;
}
}
+ }
- if (dom->case_sensitive == false) {
- ret = sysdb_attrs_add_lc_name_alias(attrs, grp->gr_name);
- if (ret) {
- DEBUG(SSSDBG_OP_FAILURE, "Could not add name alias\n");
- ret = ENOMEM;
- goto done;
- }
+ if (dom->case_sensitive == false) {
+ lc_gr_name = sss_tc_utf8_str_tolower(attrs, grp->gr_name);
+ if (lc_gr_name == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, "Cannot convert name to lowercase.\n");
+ ret = ENOMEM;
+ goto done;
}
- if (alias) {
- cased_alias = sss_get_cased_name(attrs, alias, dom->case_sensitive);
- if (!cased_alias) {
- talloc_zfree(attrs);
- return ENOMEM;
- }
+ ret = sysdb_attrs_add_string(attrs, SYSDB_NAME_ALIAS, lc_gr_name);
+ }
+
+ if (alias) {
+ cased_alias = sss_get_cased_name(attrs, alias, dom->case_sensitive);
+ if (!cased_alias) {
+ ret = ENOMEM;
+ goto done;
+ }
+ if (lc_gr_name == NULL || strcmp(cased_alias, lc_gr_name)) {
ret = sysdb_attrs_add_string(attrs, SYSDB_NAME_ALIAS, cased_alias);
if (ret) {
DEBUG(SSSDBG_OP_FAILURE, "Could not add name alias\n");
--
1.9.3
>From 9229246d08eb94a3d17adf4a6529041725fb3d75 Mon Sep 17 00:00:00 2001
From: Michal Zidek <mzi...@redhat.com>
Date: Thu, 6 Nov 2014 19:25:59 +0100
Subject: [PATCH 2/2] PROXY: Preserve service name in proxy provider
Fixes:
https://fedorahosted.org/sssd/ticket/2461
---
src/providers/proxy/proxy_services.c | 22 +++++++++++++++++++++-
1 file changed, 21 insertions(+), 1 deletion(-)
diff --git a/src/providers/proxy/proxy_services.c b/src/providers/proxy/proxy_services.c
index 16e90b0..2aa44db 100644
--- a/src/providers/proxy/proxy_services.c
+++ b/src/providers/proxy/proxy_services.c
@@ -38,12 +38,14 @@ proxy_save_service(struct sss_domain_info *domain,
const char **protocols;
const char **cased_aliases;
TALLOC_CTX *tmp_ctx;
+ char *lc_alias = NULL;
time_t now = time(NULL);
tmp_ctx = talloc_new(NULL);
if (!tmp_ctx) return ENOMEM;
- cased_name = sss_get_cased_name(tmp_ctx, svc->s_name, !lowercase);
+ cased_name = sss_get_cased_name(tmp_ctx, svc->s_name,
+ domain->case_preserve);
if (!cased_name) {
ret = ENOMEM;
goto done;
@@ -71,6 +73,24 @@ proxy_save_service(struct sss_domain_info *domain,
goto done;
}
+ if (domain->case_preserve) {
+ /* Add lowercased alias to allow case-insensitive lookup */
+ lc_alias = sss_tc_utf8_str_tolower(tmp_ctx, svc->s_name);
+ if (lc_alias == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, "Cannot convert name to lowercase.\n");
+ ret = ENOMEM;
+ goto done;
+ }
+
+ ret = add_string_to_list(tmp_ctx, lc_alias,
+ discard_const_p(char **, &cased_aliases));
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE,
+ "Failed to add lowercased name alias.\n");
+ goto done;
+ }
+ }
+
ret = sysdb_store_service(domain,
cased_name,
ntohs(svc->s_port),
--
1.9.3
_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel