summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSimo Sorce <ssorce@redhat.com>2009-11-19 19:28:36 -0500
committerStephen Gallagher <sgallagh@redhat.com>2009-11-20 11:18:50 -0500
commit55ab3a9b2dcbe809dece953605ab359c5e12a139 (patch)
treed608a987d14a7f267b6a9f2ebe73bf8660dab0cb
parent7c7de044bb08aa6b5c9f32c000c3b97a3c55ca31 (diff)
downloadsssd-55ab3a9b2dcbe809dece953605ab359c5e12a139.tar.gz
sssd-55ab3a9b2dcbe809dece953605ab359c5e12a139.tar.xz
sssd-55ab3a9b2dcbe809dece953605ab359c5e12a139.zip
Correctly escape DN value.
In building the DN string we weren't correctly escaping the value of the RDN component. This patches fixes that.
-rw-r--r--server/db/sysdb_ops.c48
1 files changed, 42 insertions, 6 deletions
diff --git a/server/db/sysdb_ops.c b/server/db/sysdb_ops.c
index 4a44f280a..da53fd3bb 100644
--- a/server/db/sysdb_ops.c
+++ b/server/db/sysdb_ops.c
@@ -2769,6 +2769,42 @@ int sysdb_store_user_recv(struct tevent_req *req)
/* =Store-Group-(Native/Legacy)-(replaces-existing-data)================== */
+static char *build_dom_dn_str_escape(TALLOC_CTX *memctx, const char *template,
+ const char *domain, const char *name)
+{
+ char *ret;
+ int l;
+
+ l = strcspn(name, ",=\n+<>#;\\\"");
+ if (name[l] != '\0') {
+ struct ldb_val v;
+ char *tmp;
+
+ v.data = discard_const_p(uint8_t, name);
+ v.length = strlen(name);
+
+ tmp = ldb_dn_escape_value(memctx, v);
+ if (!tmp) {
+ return NULL;
+ }
+
+ ret = talloc_asprintf(memctx, template, tmp, domain);
+ talloc_zfree(tmp);
+ if (!ret) {
+ return NULL;
+ }
+
+ return ret;
+ }
+
+ ret = talloc_asprintf(memctx, template, name, domain);
+ if (!ret) {
+ return NULL;
+ }
+
+ return ret;
+}
+
/* this function does not check that all user members are actually present */
struct sysdb_store_group_state {
@@ -2873,9 +2909,9 @@ static void sysdb_store_group_check(struct tevent_req *subreq)
for (i = 0; state->member_users && state->member_users[i]; i++) {
char *member;
- member = talloc_asprintf(state, SYSDB_TMPL_USER,
- state->member_users[i],
- state->domain->name);
+ member = build_dom_dn_str_escape(state, SYSDB_TMPL_USER,
+ state->domain->name,
+ state->member_users[i]);
if (!member) {
DEBUG(4, ("Error: Out of memory\n"));
tevent_req_error(req, ENOMEM);
@@ -2896,9 +2932,9 @@ static void sysdb_store_group_check(struct tevent_req *subreq)
for (i = 0; state->member_groups && state->member_groups[i]; i++) {
char *member;
- member = talloc_asprintf(state, SYSDB_TMPL_GROUP,
- state->member_groups[i],
- state->domain->name);
+ member = build_dom_dn_str_escape(state, SYSDB_TMPL_GROUP,
+ state->domain->name,
+ state->member_groups[i]);
if (!member) {
DEBUG(4, ("Error: Out of memory\n"));
tevent_req_error(req, ENOMEM);