[sssd] Fix potential crash with external groups in trusted IPA-AD setup
Jakub Hrozek
jhrozek at fedoraproject.org
Wed Oct 16 14:11:44 UTC 2013
commit 797caead4fd8608c9269894665341125928bb06f
Author: Jakub Hrozek <jhrozek at redhat.com>
Date: Wed Oct 16 13:59:35 2013 +0200
Fix potential crash with external groups in trusted IPA-AD setup
...erver-mode-properly-initialize-ext_groups.patch | 32 ++++++++++++++++++++
sssd.spec | 6 +++-
2 files changed, 37 insertions(+), 1 deletions(-)
---
diff --git a/0004-IPA-server-mode-properly-initialize-ext_groups.patch b/0004-IPA-server-mode-properly-initialize-ext_groups.patch
new file mode 100644
index 0000000..ae43277
--- /dev/null
+++ b/0004-IPA-server-mode-properly-initialize-ext_groups.patch
@@ -0,0 +1,32 @@
+From 3d6fb8fcaa650d1da60a2e575847bd6fcfa08c72 Mon Sep 17 00:00:00 2001
+From: Sumit Bose <sbose at redhat.com>
+Date: Wed, 16 Oct 2013 10:45:52 +0200
+Subject: [PATCH] IPA server mode: properly initialize ext_groups
+
+---
+ src/providers/ipa/ipa_subdomains.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/providers/ipa/ipa_subdomains.c b/src/providers/ipa/ipa_subdomains.c
+index bfbdabf..ea55f70 100644
+--- a/src/providers/ipa/ipa_subdomains.c
++++ b/src/providers/ipa/ipa_subdomains.c
+@@ -1305,13 +1305,14 @@ int ipa_ad_subdom_init(struct be_ctx *be_ctx,
+ return EINVAL;
+ }
+
+- id_ctx->server_mode = talloc(id_ctx, struct ipa_server_mode_ctx);
++ id_ctx->server_mode = talloc_zero(id_ctx, struct ipa_server_mode_ctx);
+ if (id_ctx->server_mode == NULL) {
+ return ENOMEM;
+ }
+ id_ctx->server_mode->realm = realm;
+ id_ctx->server_mode->hostname = hostname;
+ id_ctx->server_mode->trusts = NULL;
++ id_ctx->server_mode->ext_groups = NULL;
+
+ return EOK;
+ }
+--
+1.8.3.1
+
diff --git a/sssd.spec b/sssd.spec
index 0bd404f..fbcf7ba 100644
--- a/sssd.spec
+++ b/sssd.spec
@@ -14,7 +14,7 @@
Name: sssd
Version: 1.11.1
-Release: 4%{?dist}
+Release: 5%{?dist}
Group: Applications/System
Summary: System Security Services Daemon
License: GPLv3+
@@ -26,6 +26,7 @@ BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
Patch0001: 0001-krb5-Remove-ability-to-create-public-directories.patch
Patch0002: 0002-krb5-Fix-unit-tests.patch
Patch0003: 0003-AD-properly-intitialize-GC-from-ad_server-option.patch
+Patch0004: 0004-IPA-server-mode-properly-initialize-ext_groups.patch
Patch0601: 0601-FEDORA-LDAP-handle-SID-requests-if-noexist_delete-is-set.patch
Patch0602: 0602-FEDORA-Add-CIFS-idmap-plugin.patch
@@ -737,6 +738,9 @@ fi
%postun -n libsss_idmap -p /sbin/ldconfig
%changelog
+* Wed Oct 16 2013 Sumit Bose <sbose at redhat.com> - 1.11.1-5
+- Fix potential crash with external groups in trusted IPA-AD setup
+
* Mon Oct 14 2013 Sumit Bose <sbose at redhat.com> - 1.11.1-4
- Add plugin for cifs-utils
- Resolves: rhbz#998544
More information about the scm-commits
mailing list