diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2014-10-18 22:03:01 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-11-18 20:33:36 +0100 |
commit | 7c5cd2e7711621af9163a41393e88896a91ac33b (patch) | |
tree | 9a1eacfb31cecf8893c51a938e312330a423c9e6 /src/providers/krb5/krb5_auth.c | |
parent | 45aeb924ec3ac448bb8d174a5cc061ed98b147c7 (diff) | |
download | sssd-7c5cd2e7711621af9163a41393e88896a91ac33b.tar.gz sssd-7c5cd2e7711621af9163a41393e88896a91ac33b.tar.xz sssd-7c5cd2e7711621af9163a41393e88896a91ac33b.zip |
KRB5: Move checking for illegal RE to krb5_utils.c
Otherwise we would have to link krb5_child with pcre and transfer the
regex, which would be cumbersome. Check for illegal patterns when
expanding the template instead.
Related:
https://fedorahosted.org/sssd/ticket/2370
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Diffstat (limited to 'src/providers/krb5/krb5_auth.c')
-rw-r--r-- | src/providers/krb5/krb5_auth.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/providers/krb5/krb5_auth.c b/src/providers/krb5/krb5_auth.c index bd8b51f47..5ed561601 100644 --- a/src/providers/krb5/krb5_auth.c +++ b/src/providers/krb5/krb5_auth.c @@ -302,7 +302,9 @@ static errno_t krb5_auth_prepare_ccache_name(struct krb5child_req *kr, DEBUG(SSSDBG_TRACE_ALL, "Recreating ccache file.\n"); ccname_template = dp_opt_get_cstring(kr->krb5_ctx->opts, KRB5_CCNAME_TMPL); - kr->ccname = expand_ccname_template(kr, kr, ccname_template, true, + kr->ccname = expand_ccname_template(kr, kr, ccname_template, + kr->krb5_ctx->illegal_path_re, + true, be_ctx->domain->case_sensitive); if (kr->ccname == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, "expand_ccname_template failed.\n"); @@ -310,7 +312,6 @@ static errno_t krb5_auth_prepare_ccache_name(struct krb5child_req *kr, } ret = sss_krb5_precreate_ccache(kr->ccname, - kr->krb5_ctx->illegal_path_re, kr->uid, kr->gid); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, "ccache creation failed.\n"); |