summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2015-08-10 12:40:39 +0200
committerJakub Hrozek <jhrozek@redhat.com>2015-09-07 18:21:48 +0200
commit6a5abcaf3eb6133bc96c44a11e423fe7a0dca3a6 (patch)
treea5a960486c8cedeef35d30a052e3d9d4b8ba002f
parent0158fc7bd5b1ffeb2ae9929e5af6924c831a132a (diff)
downloadsssd-6a5abcaf3eb6133bc96c44a11e423fe7a0dca3a6.tar.gz
sssd-6a5abcaf3eb6133bc96c44a11e423fe7a0dca3a6.tar.xz
sssd-6a5abcaf3eb6133bc96c44a11e423fe7a0dca3a6.zip
IPA: Change the default of ldap_user_certificate to userCertificate;binary
This is safe from ldb point of view, because ldb gurantees the data is NULL-terminated. We must be careful before we save the data, though. Resolves: https://fedorahosted.org/sssd/ticket/2742 Reviewed-by: Pavel Březina <pbrezina@redhat.com>
-rw-r--r--src/man/sssd-ldap.5.xml2
-rw-r--r--src/providers/ipa/ipa_opts.h2
2 files changed, 2 insertions, 2 deletions
diff --git a/src/man/sssd-ldap.5.xml b/src/man/sssd-ldap.5.xml
index f14090843..0239f656e 100644
--- a/src/man/sssd-ldap.5.xml
+++ b/src/man/sssd-ldap.5.xml
@@ -821,7 +821,7 @@
certificate of the user.
</para>
<para>
- Default: no set in the general case, userCertificate
+ Default: no set in the general case, userCertificate;binary
for IPA
</para>
</listitem>
diff --git a/src/providers/ipa/ipa_opts.h b/src/providers/ipa/ipa_opts.h
index 253c07153..2f92ad765 100644
--- a/src/providers/ipa/ipa_opts.h
+++ b/src/providers/ipa/ipa_opts.h
@@ -203,7 +203,7 @@ struct sdap_attr_map ipa_user_map[] = {
{ "ldap_user_nds_login_allowed_time_map", "loginAllowedTimeMap", SYSDB_NDS_LOGIN_ALLOWED_TIME_MAP, NULL },
{ "ldap_user_ssh_public_key", "ipaSshPubKey", SYSDB_SSH_PUBKEY, NULL },
{ "ldap_user_auth_type", "ipaUserAuthType", SYSDB_AUTH_TYPE, NULL },
- { "ldap_user_certificate", "userCertificate", SYSDB_USER_CERT, NULL },
+ { "ldap_user_certificate", "userCertificate;binary", SYSDB_USER_CERT, NULL },
SDAP_ATTR_MAP_TERMINATOR
};