diff options
| author | Jakub Hrozek <jhrozek@redhat.com> | 2015-08-10 12:40:39 +0200 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-08-14 23:24:27 +0200 |
| commit | 619e21ed9c7a71e35e53f38867b53ed974f1d36a (patch) | |
| tree | d945a8bbf3b678ef2b1f0242444a2cbc6f99f5f7 | |
| parent | 32445affe3612428eddde043cdc672a01c189714 (diff) | |
| download | sssd-619e21ed9c7a71e35e53f38867b53ed974f1d36a.tar.gz sssd-619e21ed9c7a71e35e53f38867b53ed974f1d36a.tar.xz sssd-619e21ed9c7a71e35e53f38867b53ed974f1d36a.zip | |
IPA: Change the default of ldap_user_certificate to userCertificate;binary
This is safe from ldb point of view, because ldb gurantees the data is
NULL-terminated. We must be careful before we save the data, though.
Resolves:
https://fedorahosted.org/sssd/ticket/2742
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
| -rw-r--r-- | src/man/sssd-ldap.5.xml | 2 | ||||
| -rw-r--r-- | src/providers/ipa/ipa_opts.h | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/src/man/sssd-ldap.5.xml b/src/man/sssd-ldap.5.xml index 978fdbe77..123ac3fac 100644 --- a/src/man/sssd-ldap.5.xml +++ b/src/man/sssd-ldap.5.xml @@ -821,7 +821,7 @@ certificate of the user. </para> <para> - Default: no set in the general case, userCertificate + Default: no set in the general case, userCertificate;binary for IPA </para> </listitem> diff --git a/src/providers/ipa/ipa_opts.h b/src/providers/ipa/ipa_opts.h index 9576228d1..f6c40dddb 100644 --- a/src/providers/ipa/ipa_opts.h +++ b/src/providers/ipa/ipa_opts.h @@ -204,7 +204,7 @@ struct sdap_attr_map ipa_user_map[] = { { "ldap_user_nds_login_allowed_time_map", "loginAllowedTimeMap", SYSDB_NDS_LOGIN_ALLOWED_TIME_MAP, NULL }, { "ldap_user_ssh_public_key", "ipaSshPubKey", SYSDB_SSH_PUBKEY, NULL }, { "ldap_user_auth_type", "ipaUserAuthType", SYSDB_AUTH_TYPE, NULL }, - { "ldap_user_certificate", "userCertificate", SYSDB_USER_CERT, NULL }, + { "ldap_user_certificate", "userCertificate;binary", SYSDB_USER_CERT, NULL }, SDAP_ATTR_MAP_TERMINATOR }; |