diff options
author | Suresh Jayaraman <sjayaraman@suse.com> | 2012-12-17 16:29:44 -0500 |
---|---|---|
committer | Steve Dickson <steved@redhat.com> | 2012-12-17 16:33:17 -0500 |
commit | 96892b29a50af1055bfc3ca74930e9782ead6c71 (patch) | |
tree | 3e01cb14218c8c2ad745755c10ec88cb517ebec4 | |
parent | 8e2fb3fc8e46e61eeba7978a03c9fb50ff01b666 (diff) | |
download | nfs-utils-96892b29a50af1055bfc3ca74930e9782ead6c71.tar.gz nfs-utils-96892b29a50af1055bfc3ca74930e9782ead6c71.tar.xz nfs-utils-96892b29a50af1055bfc3ca74930e9782ead6c71.zip |
idmapd: allow non-ASCII characters (UTF-8) in NFSv4 domain name
The validateascii() check in imconv() maps NFSv4 domain names with
non-ASCII characters to 'nobody'. In setups where Active directory
or LDAP is used this causes names with UTF-8 characters to being
mapped to 'nobody' because of this check.
As Bruce Fields puts it:
"idmapd doesn't seem like the right place to enforce restrictions on
names. Once the system has allowed a name it's too late to be
complaining about it here."
Replace the validateascii() call in imconv() with a check for
null-termination just to be extra-careful and remove the validateascii()
function itself as the only user of that function is being
removed by this patch.
Acked-by: J. Bruce Fields <bfields@fieldses.org>
Signed-off-by: Suresh Jayaraman <sjayaraman@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
-rw-r--r-- | utils/idmapd/idmapd.c | 28 |
1 files changed, 5 insertions, 23 deletions
diff --git a/utils/idmapd/idmapd.c b/utils/idmapd/idmapd.c index e80efb4..9d66225 100644 --- a/utils/idmapd/idmapd.c +++ b/utils/idmapd/idmapd.c @@ -145,7 +145,6 @@ static void svrreopen(int, short, void *); static int nfsopen(struct idmap_client *); static void nfscb(int, short, void *); static void nfsdcb(int, short, void *); -static int validateascii(char *, u_int32_t); static int addfield(char **, ssize_t *, char *); static int getfield(char **, char *, size_t); @@ -642,6 +641,8 @@ out: static void imconv(struct idmap_client *ic, struct idmap_msg *im) { + u_int32_t len; + switch (im->im_conv) { case IDMAP_CONV_IDTONAME: idtonameres(im); @@ -652,10 +653,10 @@ imconv(struct idmap_client *ic, struct idmap_msg *im) im->im_id, im->im_name); break; case IDMAP_CONV_NAMETOID: - if (validateascii(im->im_name, sizeof(im->im_name)) == -1) { - im->im_status |= IDMAP_STATUS_INVALIDMSG; + len = strnlen(im->im_name, IDMAP_NAMESZ - 1); + /* Check for NULL termination just to be careful */ + if (im->im_name[len+1] != '\0') return; - } nametoidres(im); if (verbose > 1) xlog_warn("%s %s: (%s) name \"%s\" -> id \"%d\"", @@ -855,25 +856,6 @@ nametoidres(struct idmap_msg *im) } static int -validateascii(char *string, u_int32_t len) -{ - u_int32_t i; - - for (i = 0; i < len; i++) { - if (string[i] == '\0') - break; - - if (string[i] & 0x80) - return (-1); - } - - if ((i >= len) || string[i] != '\0') - return (-1); - - return (i + 1); -} - -static int addfield(char **bpp, ssize_t *bsizp, char *fld) { char ch, *bp = *bpp; |