authorSumit Bose <sbose@redhat.com>2017-03-16 12:38:08 +0100
committerJakub Hrozek <jhrozek@redhat.com>2017-03-29 15:01:21 +0200
commitbd1fa0ec90be717c3b7796d74b6f243f40178d16 (patch)
tree7ea87c7cf6753718ec9270c59bbc579008aa10d3
parent16385568547351b5d2c562f3081f35f3341f695b (diff)
ssh: handle binary keys correctly
Related to https://pagure.io/SSSD/sssd/issue/3332 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
-rw-r--r--src/responder/ssh/ssh_reply.c8
1 files changed, 7 insertions, 1 deletions
diff --git a/src/responder/ssh/ssh_reply.c b/src/responder/ssh/ssh_reply.c
index 807f4ee07..7093e4725 100644
--- a/src/responder/ssh/ssh_reply.c
+++ b/src/responder/ssh/ssh_reply.c
@@ -32,6 +32,11 @@
#include "responder/common/cache_req/cache_req.h"
#include "responder/ssh/ssh_private.h"
+/* Locally used flag for libldb's ldb_message_element structure to indicate
+ * binary data. Since the related data is only used in memory it is safe. If
+ * should be used with care if libldb's I/O operations are involved. */
+#define SSS_EL_FLAG_BIN_DATA (1<<4)
+
static errno_t get_valid_certs_keys(TALLOC_CTX *mem_ctx,
struct ssh_ctx *ssh_ctx,
struct ldb_message_element *el_cert,
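Review bot: `SSS_EL_FLAG_BIN_DATA` is defined as `(1<<4)`, i.e. 0x10, which is outside the low modify-operation bits and inside the range libldb keeps for its own internal element flags. As far as I recall, ldb_module.h assigns 0x10 to `LDB_FLAG_INTERNAL_DISABLE_VALIDATION`, so the value should be checked against the libldb headers this tree builds with. If the two do overlap, an element carrying this marker that reaches an ldb add or modify call would be read by libldb as a request to skip validation. The comment should state that consequence and name the libldb flag, rather than only saying the flag needs care. The comment also has a typo: `If should be used with care` should read `It should be used with care`.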
@@ -148,7 +153,7 @@ static errno_t decode_and_add_base64_data(struct sss_packet *packet,
}
for (d = 0; d < el->num_values; d++) {
- if (skip_base64_decode) {
+ if (skip_base64_decode || (el->flags & SSS_EL_FLAG_BIN_DATA)) {
key = el->values[d].data;
key_len = el->values[d].length;
} else {
@@ -233,6 +238,7 @@ ssh_get_output_keys(TALLOC_CTX *mem_ctx,
}
if (elements[i] != NULL) {
+ elements[i]->flags |= SSS_EL_FLAG_BIN_DATA;
num_keys += elements[i]->num_values;
i++;
}
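Review bot: `elements[i]->flags |= SSS_EL_FLAG_BIN_DATA;` writes the marker into the element itself and nothing visible here clears it afterwards. ssh_get_output_keys starts and ends outside this hunk, so it is not visible whether `elements[i]` points into a result message that is shared or reused; if it does, every later consumer of that message sees the bit, including any path that hands the message back to libldb. The flag is set on every non-NULL element, so for these elements the new condition in decode_and_add_base64_data presumably takes the raw path regardless of `skip_base64_decode`. A comment such as `/* values gathered here are already binary; mark them so the reply code does not base64-decode them */` would make that intent explicit. If the elements are not private copies, consider carrying the binary/text distinction in a local structure instead of in `flags`.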