[SSSD] [sssd PR#35][opened] sss_cache: improve option argument handling

[justin-stephenson]

   URL: https://github.com/SSSD/sssd/pull/35
Author: justin-stephenson
 Title: #35: sss_cache: improve option argument handling
Action: opened

PR body:
"""
Print informational message and exit when multiple arguments are
provided for single-argument options with sss_cache

Resolves:
https://fedorahosted.org/sssd/ticket/3180
"""

To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/35/head:pr35
git checkout pr35
From 022987bfb0677fcede0f159381803c0a9cd59249 Mon Sep 17 00:00:00 2001
From: Justin Stephenson 
Date: Thu, 29 Sep 2016 11:17:20 -0400
Subject: [PATCH] sss_cache: improve option argument handling

Print informational message and exit when multiple arguments are
provided for single-argument options with sss_cache

Resolves:
https://fedorahosted.org/sssd/ticket/3180
---
 src/man/sss_cache.8.xml | 3 ++-
 src/tools/sss_cache.c   | 8 
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/src/man/sss_cache.8.xml b/src/man/sss_cache.8.xml
index 3b0f788..221c0a8 100644
--- a/src/man/sss_cache.8.xml
+++ b/src/man/sss_cache.8.xml
@@ -30,7 +30,8 @@
 
 sss_cache invalidates records in SSSD cache.
 Invalidated records are forced to be reloaded from server as soon
-as related SSSD backend is online.
+as related SSSD backend is online. Options that invalidate a single
+object only accept a single provided argument.
 
 
 
diff --git a/src/tools/sss_cache.c b/src/tools/sss_cache.c
index 8b78b29..f1d0893 100644
--- a/src/tools/sss_cache.c
+++ b/src/tools/sss_cache.c
@@ -745,6 +745,14 @@ static errno_t init_context(int argc, const char *argv[],
 BAD_POPT_PARAMS(pc, poptStrerror(ret), ret, fini);
 }
 
+if (poptGetArg(pc)) {
+BAD_POPT_PARAMS(pc,
+_("Unexpected argument(s) provided, options that "
+  "invalidate a single object only accept a single "
+  "provided argument.\n"),
+  ret, fini);
+}
+
 if (idb == INVALIDATE_NONE && !values.user && !values.group &&
 !values.netgroup && !values.service && !values.map &&
 !values.ssh_host && !values.sudo_rule) {
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#35][comment] sss_cache: improve option argument handling

[centos-ci]

  URL: https://github.com/SSSD/sssd/pull/35
Title: #35: sss_cache: improve option argument handling

centos-ci commented:
"""
Can one of the admins verify this patch?
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/35#issuecomment-250523122
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#35][comment] sss_cache: improve option argument handling

[centos-ci]

  URL: https://github.com/SSSD/sssd/pull/35
Title: #35: sss_cache: improve option argument handling

centos-ci commented:
"""
Can one of the admins verify this patch?
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/35#issuecomment-250523120
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#33][comment] SECRETS: Some small misc fixes + fixing #3168

[fidencio]

  URL: https://github.com/SSSD/sssd/pull/33
Title: #33: SECRETS: Some small misc fixes + fixing #3168

fidencio commented:
"""
So, I've pushed a new version of the patches and I tried to address all 
comments made, but the one adding a debug message in case of failure on  
local_db_check_containers_nested_level(). IMO would be better to add the debug 
messages within Jakub's patches (and I can provide you a patch, that you can 
squash to yours, @jhrozek).

In this new series I don't have the work done for #3138 applied. As it will 
need some changes I think is just better having these patches pushed ASAP and 
then, later on, re-work the patches for #3138.

Also worth to mention that this series fixes #3207 as well.
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/33#issuecomment-250598629
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#24][comment] MAN: Add a manpage for the sssd-secrets responder

[fidencio]

  URL: https://github.com/SSSD/sssd/pull/24
Title: #24: MAN: Add a manpage for the sssd-secrets responder

fidencio commented:
"""
I'm using libcurl 7.47 on F24 and I have no problem using a full URL as 
described in the examples.
So, I'm giving an ACK to the patch. In case of any issue (which doesn't seem to 
be the case), it can be fixed later on.

@jhrozek, please, feel free to push this patch.
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/24#issuecomment-250603929
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#24][+Accepted] MAN: Add a manpage for the sssd-secrets responder

[fidencio]

  URL: https://github.com/SSSD/sssd/pull/24
Title: #24: MAN: Add a manpage for the sssd-secrets responder

Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#24][comment] MAN: Add a manpage for the sssd-secrets responder

[fidencio]

  URL: https://github.com/SSSD/sssd/pull/24
Title: #24: MAN: Add a manpage for the sssd-secrets responder

fidencio commented:
"""
I'm using curl 7.47 on F24 and I have no problem using a full URL as described 
in the examples.
So, I'm giving an ACK to the patch. In case of any issue (which doesn't seem to 
be the case), it can be fixed later on.

@jhrozek, please, feel free to push this patch.
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/24#issuecomment-250603929
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#33][synchronized] SECRETS: Some small misc fixes + fixing #3168

[fidencio]

   URL: https://github.com/SSSD/sssd/pull/33
Author: fidencio
 Title: #33: SECRETS: Some small misc fixes + fixing #3168
Action: synchronized

To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/33/head:pr33
git checkout pr33
From bc16e9d251916291056625f03781e996880494d7 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek 
Date: Mon, 8 Aug 2016 17:48:51 +0200
Subject: [PATCH 1/7] MAN: sssd-secrets documentation
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Documents the API and the purpose of the sssd-secrets responder.

Resolves:
https://fedorahosted.org/sssd/ticket/3053

Acked-by: Fabiano Fidêncio 
---
 contrib/sssd.spec.in |   1 +
 src/man/Makefile.am  |   9 +-
 src/man/po/po4a.cfg  |   1 +
 src/man/sssd-secrets.5.xml   | 446 +++
 src/sysv/systemd/sssd-secrets.service.in |   1 +
 src/sysv/systemd/sssd-secrets.socket.in  |   1 +
 6 files changed, 458 insertions(+), 1 deletion(-)
 create mode 100644 src/man/sssd-secrets.5.xml

diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in
index a0937d5..40e4454 100644
--- a/contrib/sssd.spec.in
+++ b/contrib/sssd.spec.in
@@ -868,6 +868,7 @@ done
 %{_mandir}/man5/sssd.conf.5*
 %{_mandir}/man5/sssd-simple.5*
 %{_mandir}/man5/sssd-sudo.5*
+%{_mandir}/man5/sssd-secrets.5*
 %{_mandir}/man5/sss_rpcidmapd.5*
 %{_mandir}/man8/sssd.8*
 %{_mandir}/man8/sss_cache.8*
diff --git a/src/man/Makefile.am b/src/man/Makefile.am
index cd23b02..5e41d3a 100644
--- a/src/man/Makefile.am
+++ b/src/man/Makefile.am
@@ -24,12 +24,15 @@ endif
 if BUILD_IFP
 IFP_CONDS = ;with_ifp
 endif
+if BUILD_SECRETS
+SEC_CONDS = ;with_secrets
+endif
 if GPO_DEFAULT_ENFORCING
 GPO_CONDS = ;gpo_default_enforcing
 else
 GPO_CONDS = ;gpo_default_permissive
 endif
-CONDS = with_false$(SUDO_CONDS)$(AUTOFS_CONDS)$(SSH_CONDS)$(PAC_RESPONDER_CONDS)$(IFP_CONDS)$(GPO_CONDS)
+CONDS = with_false$(SUDO_CONDS)$(AUTOFS_CONDS)$(SSH_CONDS)$(PAC_RESPONDER_CONDS)$(IFP_CONDS)$(GPO_CONDS)$(SEC_CONDS)
 
 
 #Special Rules:
@@ -70,6 +73,10 @@ if BUILD_IFP
 man_MANS += sssd-ifp.5
 endif
 
+if BUILD_SECRETS
+man_MANS += sssd-secrets.5
+endif
+
 if BUILD_NFS_IDMAP
 man_MANS += sss_rpcidmapd.5
 endif
diff --git a/src/man/po/po4a.cfg b/src/man/po/po4a.cfg
index 0dcc802..515c1c3 100644
--- a/src/man/po/po4a.cfg
+++ b/src/man/po/po4a.cfg
@@ -28,6 +28,7 @@
 [type:docbook] sss_ssh_knownhostsproxy.1.xml $lang:$(builddir)/$lang/sss_ssh_knownhostsproxy.1.xml
 [type:docbook] idmap_sss.8.xml $lang:$(builddir)/$lang/idmap_sss.8.xml
 [type:docbook] sssctl.8.xml $lang:$(builddir)/$lang/sssctl.8.xml
+[type:docbook] sssd-secrets.5.xml $lang:$(builddir)/$lang/sssd-secrets.5.xml
 [type:docbook] include/service_discovery.xml $lang:$(builddir)/$lang/include/service_discovery.xml opt:"-k 0"
 [type:docbook] include/upstream.xml $lang:$(builddir)/$lang/include/upstream.xml opt:"-k 0"
 [type:docbook] include/failover.xml $lang:$(builddir)/$lang/include/failover.xml opt:"-k 0"
diff --git a/src/man/sssd-secrets.5.xml b/src/man/sssd-secrets.5.xml
new file mode 100644
index 000..71a79f5
--- /dev/null
+++ b/src/man/sssd-secrets.5.xml
@@ -0,0 +1,446 @@
+
+http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd;>
+
+SSSD Manual pages
+
+http://www.w3.org/2001/XInclude; href="include/upstream.xml" />
+
+
+sssd-secrets
+5
+File Formats and Conventions
+
+
+
+sssd-secrets
+SSSD Secrets responder
+
+
+
+DESCRIPTION
+
+This manual page describes the configuration of the Secrets responder
+for
+
+sssd
+8
+.
+For a detailed syntax reference, refer to the FILE FORMAT section of the
+
+sssd.conf
+5
+ manual page.
+
+
+ Many system and user applications need to store private
+ information such as passwords or service keys and have no good
+ way to properly deal with them. The simple approach is to embed
+ these secrets into configuration files
+ potentially ending up exposing sensitive key material to
+ backups, config management system and in general making it
+ harder to secure data.
+ 
+ 
+ The https://github.com/latchset/custodia;>custodia
+ project was born to deal with this problem in cloud like
+ environments, but we found the idea compelling even at a
+ single system level. As a security service, SSSD is ideal to
+ host this capability while offering the same API via a Unix
+ Socket. This will make it possible to use local calls and have
+ them transparently routed to a local or a remote key management
+  

[SSSD] [sssd PR#33][-Changes requested] SECRETS: Some small misc fixes + fixing #3168

[fidencio]

  URL: https://github.com/SSSD/sssd/pull/33
Title: #33: SECRETS: Some small misc fixes + fixing #3168

Label: -Changes requested
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] Re: [PATCH ding-libs] Extend API to const key for clients that don't need to modify their keys

[Philip Prindeville]

Is there a ding-libs website?

I wanted to subscribe to the mailing list and read the archives but 
fedorahosted.org only seems to point to the git repo… nothing about a ding-libs 
general website, etc.


> On Sep 29, 2016, at 4:50 AM, Michal Židek  wrote:
> 
> Moving this to sssd-devel list. So that other
> developers can see the patch and review process.
> 
> I will start the review after today's meeting.
> 
> Michal
> 
> (Lukas, Stephen, I put you two to CC only because you
> were also original recipients of the mail, I will not
> CC you further)
> 
> On 09/28/2016 03:00 AM, Philip Prindeville wrote:
>> From: Philip Prindeville 
>> 
>> Add c_str as a "const char *" to the hash_key_t.
>> 
>> ---
>>  dhash/dhash.c   | 35 ++-
>>  dhash/dhash.h   |  4 +++-
>>  dhash/examples/dhash_test.c |  3 +++
>>  3 files changed, 36 insertions(+), 6 deletions(-)
>> 
>> diff --git a/dhash/dhash.c b/dhash/dhash.c
>> index 45ee0cf..5f9f631 100644
>> --- a/dhash/dhash.c
>> +++ b/dhash/dhash.c
>> @@ -44,6 +44,7 @@
>>  #include 
>>  #include 
>>  #include 
>> +#include 
>>  #include 
>>  #include "dhash.h"
>> 
>> @@ -70,6 +71,9 @@
>>  } \
>>  } while(0)
>> 
>> +#define discard_const(ptr) ((void *)((intptr_t)(ptr)))
>> +#define discard_const_p(type, ptr) ((type *)discard_const(ptr))
>> +
>>  
>> /*/
>>  /** Internal Type Definitions 
>> /
>>  
>> /*/
>> @@ -176,7 +180,7 @@ static void sys_free_wrapper(void *ptr, void *pvt)
>>  static address_t convert_key(hash_key_t *key)
>>  {
>>  address_t h;
>> -unsigned char *k;
>> +const unsigned char *k;
>> 
>>  switch(key->type) {
>>  case HASH_KEY_ULONG:
>> @@ -184,7 +188,12 @@ static address_t convert_key(hash_key_t *key)
>>  break;
>>  case HASH_KEY_STRING:
>>  /* Convert string to integer */
>> -for (h = 0, k = (unsigned char *) key->str; *k; k++)
>> +for (h = 0, k = (const unsigned char *) key->str; *k; k++)
>> +h = h * PRIME_1 ^ (*k - ' ');
>> +break;
>> +case HASH_KEY_CONST_STRING:
>> +/* Convert string to integer */
>> +for (h = 0, k = (const unsigned char *) key->c_str; *k; k++)
>>  h = h * PRIME_1 ^ (*k - ' ');
>>  break;
>>  default:
>> @@ -212,6 +221,7 @@ static bool is_valid_key_type(hash_key_enum key_type)
>>  switch(key_type) {
>>  case HASH_KEY_ULONG:
>>  case HASH_KEY_STRING:
>> +case HASH_KEY_CONST_STRING:
>>  return true;
>>  default:
>>  return false;
>> @@ -244,6 +254,8 @@ static bool key_equal(hash_key_t *a, hash_key_t *b)
>>  return (a->ul == b->ul);
>>  case HASH_KEY_STRING:
>>  return (strcmp(a->str, b->str) == 0);
>> +case HASH_KEY_CONST_STRING:
>> +return (strcmp(a->c_str, b->c_str) == 0);
>>  }
>>  return false;
>>  }
>> @@ -671,7 +683,9 @@ int hash_destroy(hash_table_t *table)
>>  q = p->next;
>>  hdelete_callback(table, HASH_TABLE_DESTROY, 
>> >entry);
>>  if (p->entry.key.type == HASH_KEY_STRING) {
>> -hfree(table, (char *)p->entry.key.str);
>> +hfree(table, p->entry.key.str);
>> +} else if (p->entry.key.type == 
>> HASH_KEY_CONST_STRING) {
>> +hfree(table, 
>> discard_const(p->entry.key.c_str));
>>  }
>>  hfree(table, (char *)p);
>>  p = q;
>> @@ -978,7 +992,16 @@ int hash_enter(hash_table_t *table, hash_key_t *key, 
>> hash_value_t *value)
>>  hfree(table, element);
>>  return HASH_ERROR_NO_MEMORY;
>>  }
>> -memcpy((void *)element->entry.key.str, key->str, len);
>> +memcpy(element->entry.key.str, key->str, len);
>> +break;
>> +case HASH_KEY_CONST_STRING:
>> +len = strlen(key->c_str)+1;
>> +element->entry.key.c_str = halloc(table, len);
>> +if (element->entry.key.c_str == NULL) {
>> +hfree(table, element);
>> +return HASH_ERROR_NO_MEMORY;
>> +}
>> +memcpy(discard_const(element->entry.key.c_str), key->c_str, 
>> len);
>>  break;
>>  }
>> 
>> @@ -1071,7 +1094,9 @@ int hash_delete(hash_table_t *table, hash_key_t *key)
>>  }
>>  }
>>  if (element->entry.key.type == HASH_KEY_STRING) {
>> -hfree(table, (char *)element->entry.key.str);
>> +hfree(table, element->entry.key.str);
>> +} else if (element->entry.key.type == 

[SSSD] Re: [RFC] Use GNULIB's compiler warning code

[Jakub Hrozek]

On Tue, Sep 27, 2016 at 12:06:32AM +0200, Lukas Slebodnik wrote:
> On (26/09/16 23:32), Fabiano Fidêncio wrote:
> >On Mon, Sep 26, 2016 at 9:58 PM, Lukas Slebodnik  wrote:
> >> On (26/09/16 21:47), Fabiano Fidêncio wrote:
> >>>On Mon, Sep 26, 2016 at 9:26 PM, Lukas Slebodnik  
> >>>wrote:
>  On (26/09/16 12:14), Fabiano Fidêncio wrote:
> >Jakub,
> >
> >On Mon, Sep 26, 2016 at 11:35 AM, Jakub Hrozek  
> >wrote:
> >> On Mon, Sep 05, 2016 at 03:39:19PM +0200, Fabiano Fidêncio wrote:
> >>> On Thu, Aug 11, 2016 at 2:33 PM, Fabiano Fidêncio 
> >>>  wrote:
> >>> > Howdy!
> >>> >
> >>> > I've suggested, a long time ago, that we could start making use of
> >>> > GNULIB's compiler warnings from 'manywarnings' module. This is
> >>> > basically what we have been doing in a few projects that I (used to
> >>> > and still) maintain (like spice-gtk and libosinfo, for instance).
> >>> >
> >>> > For now I didn't try to fix any of the warnings that we cannot cope
> >>> > with, mainly because I'm not sure whether you guys will agree on 
> >>> > using
> >>> > it or not.
> >>> >
> >>> > Here is an experimental patch that works properly on Fedora 24. I
> >>> > still have to make some tests on RHEL-6, RHEL-7 and a few other
> >>> > systems (Debian, at least) in order to make sure that we won't break
> >>> > the build because of the patch.
> >>> >
> >>> > If you are okay with the change, I'll start going through the 
> >>> > warnings
> >>> > that we cannot cope with and slowly start fixing them. Although, I
> >>> > have the feeling that fixing some of them would cause a lot of
> >>> > undesired changes, which will just bring troubles for ourselves when
> >>> > backporting fixes downstream (and here I'm talking about
> >>> > -Wformat-signedess, -Wsign-compare, -Wunused-parameter, ... for
> >>> > instance).
> >>> >
> >>> > I'm looking forward to hear some feedback!
> >>> >
> >>> > Best Regards,
> >>> > --
> >>> > Fabiano Fidêncio
> >>>
> >>> ping?
> >>
> >> I'm sorry this patch totally stalled.
> >>
> >> In general I'm all for adding more checks and let a machine help us
> >> write safer code. I'm not sure if adding all warnings on all platforms
> >> will ever be possible, though. For example, there was a warning in
> >> krb5_child because an old libkrb5 release used a "char *" parameter
> >> where a "const char *" was more appropriate and we said we'd never fix
> >> this because a newer version fixed the API (or used a different
> >> function? Not sure..)
> >>
> >> But I wonder how to move this patch forward the best. Are there any
> >> warnings that you think are more important to enable than others?
> >>
> >> What about enabling a single warning, then running SSSD build and
> >> creating a ticket with the warnings (running make 1 >> a
> >> good way to start..). Then we can see what needs fixing in SSSD for 
> >> each
> >> of the additional warnings or if we decide this is not worth our time,
> >> we can either close or defer that ticket.
> >>
> >> These tickets might also be a good way for a newcomer to contribute 
> >> some
> >> code to SSSD!
> >
> >So, general comments here.
> >
> >We have a list of the current warnings that we cannot deal with in
> >src/sssd-compile-warnings.m4. From this list we can, already, have a
> >good idea about what is worth to fix or not.
> >
> >About the idea to try to build SSSD ... well, it can be done.
> >I'll take some time later on and prepare a bug for each of the
> >warnings that we can't cope with and them we can discuss there whether
> >would make sense to fix those or not.
> >
>  Here are few of my observation.
>  The patch added 255 new configure time checks.
> 
>  The configure tooks 5 extra seconds in my case (everything in ram-disk).
>  But in our CI machines it added +20 seconds in average.
>  The configure scriot is execute 5 times in our CI-script
>  (debug build, distcheck, intgcheck, mock, coverage build)
> 
>  In Summary, the patch would add unnecessary 100 seconds.
> 
>  I would prefer if all compile time warnings were part of AM_CFLAGS
>  and we shoul add compile time checks only for warnings which are 
>  supported by
>  new compilers or are supported only by gcc or only by clang.
> >>>
> >>>I'm completely fine dropping the patch.
> >>>
> >> I am not against patch.
> >> I want enabling warnings But I would prefer more efficient
> >> version if possible.
> >> Reducing 255 configure time checks to 25 could be reasonable IMHO.
> >> The extra time overhead at configure time would be reasonable.
> >>
> >> e.g. We could enable warning 

[SSSD] Re: [PATCH ding-libs] Extend API to const key for clients that don't need to modify their keys

[Michal Židek]

Moving this to sssd-devel list. So that other
developers can see the patch and review process.

I will start the review after today's meeting.

Michal

(Lukas, Stephen, I put you two to CC only because you
were also original recipients of the mail, I will not
CC you further)

On 09/28/2016 03:00 AM, Philip Prindeville wrote:

From: Philip Prindeville 

Add c_str as a "const char *" to the hash_key_t.

---
  dhash/dhash.c   | 35 ++-
  dhash/dhash.h   |  4 +++-
  dhash/examples/dhash_test.c |  3 +++
  3 files changed, 36 insertions(+), 6 deletions(-)

diff --git a/dhash/dhash.c b/dhash/dhash.c
index 45ee0cf..5f9f631 100644
--- a/dhash/dhash.c
+++ b/dhash/dhash.c
@@ -44,6 +44,7 @@
  #include 
  #include 
  #include 
+#include 
  #include 
  #include "dhash.h"

@@ -70,6 +71,9 @@
  } \
  } while(0)

+#define discard_const(ptr) ((void *)((intptr_t)(ptr)))
+#define discard_const_p(type, ptr) ((type *)discard_const(ptr))
+
  
/*/
  /** Internal Type Definitions 
/
  
/*/
@@ -176,7 +180,7 @@ static void sys_free_wrapper(void *ptr, void *pvt)
  static address_t convert_key(hash_key_t *key)
  {
  address_t h;
-unsigned char *k;
+const unsigned char *k;

  switch(key->type) {
  case HASH_KEY_ULONG:
@@ -184,7 +188,12 @@ static address_t convert_key(hash_key_t *key)
  break;
  case HASH_KEY_STRING:
  /* Convert string to integer */
-for (h = 0, k = (unsigned char *) key->str; *k; k++)
+for (h = 0, k = (const unsigned char *) key->str; *k; k++)
+h = h * PRIME_1 ^ (*k - ' ');
+break;
+case HASH_KEY_CONST_STRING:
+/* Convert string to integer */
+for (h = 0, k = (const unsigned char *) key->c_str; *k; k++)
  h = h * PRIME_1 ^ (*k - ' ');
  break;
  default:
@@ -212,6 +221,7 @@ static bool is_valid_key_type(hash_key_enum key_type)
  switch(key_type) {
  case HASH_KEY_ULONG:
  case HASH_KEY_STRING:
+case HASH_KEY_CONST_STRING:
  return true;
  default:
  return false;
@@ -244,6 +254,8 @@ static bool key_equal(hash_key_t *a, hash_key_t *b)
  return (a->ul == b->ul);
  case HASH_KEY_STRING:
  return (strcmp(a->str, b->str) == 0);
+case HASH_KEY_CONST_STRING:
+return (strcmp(a->c_str, b->c_str) == 0);
  }
  return false;
  }
@@ -671,7 +683,9 @@ int hash_destroy(hash_table_t *table)
  q = p->next;
  hdelete_callback(table, HASH_TABLE_DESTROY, 
>entry);
  if (p->entry.key.type == HASH_KEY_STRING) {
-hfree(table, (char *)p->entry.key.str);
+hfree(table, p->entry.key.str);
+} else if (p->entry.key.type == 
HASH_KEY_CONST_STRING) {
+hfree(table, 
discard_const(p->entry.key.c_str));
  }
  hfree(table, (char *)p);
  p = q;
@@ -978,7 +992,16 @@ int hash_enter(hash_table_t *table, hash_key_t *key, 
hash_value_t *value)
  hfree(table, element);
  return HASH_ERROR_NO_MEMORY;
  }
-memcpy((void *)element->entry.key.str, key->str, len);
+memcpy(element->entry.key.str, key->str, len);
+break;
+case HASH_KEY_CONST_STRING:
+len = strlen(key->c_str)+1;
+element->entry.key.c_str = halloc(table, len);
+if (element->entry.key.c_str == NULL) {
+hfree(table, element);
+return HASH_ERROR_NO_MEMORY;
+}
+memcpy(discard_const(element->entry.key.c_str), key->c_str, len);
  break;
  }

@@ -1071,7 +1094,9 @@ int hash_delete(hash_table_t *table, hash_key_t *key)
  }
  }
  if (element->entry.key.type == HASH_KEY_STRING) {
-hfree(table, (char *)element->entry.key.str);
+hfree(table, element->entry.key.str);
+} else if (element->entry.key.type == HASH_KEY_CONST_STRING) {
+hfree(table, discard_const(element->entry.key.c_str));
  }
  hfree(table, element);
  return HASH_SUCCESS;
diff --git a/dhash/dhash.h b/dhash/dhash.h
index baa0d6a..c36ab79 100644
--- a/dhash/dhash.h
+++ b/dhash/dhash.h
@@ -112,7 +112,8 @@ typedef struct hash_table_str hash_table_t;

  typedef enum {
  HASH_KEY_STRING,
-HASH_KEY_ULONG
+HASH_KEY_ULONG,
+HASH_KEY_CONST_STRING
  } hash_key_enum;

  typedef enum
@@ -137,6 +138,7 @@ typedef struct hash_key_t {
  hash_key_enum type;
  union {
  char *str;
+

[SSSD] [sssd PR#33][comment] SECRETS: Some small misc fixes + fixing #3168

[fidencio]

  URL: https://github.com/SSSD/sssd/pull/33
Title: #33: SECRETS: Some small misc fixes + fixing #3168

fidencio commented:
"""
And CI has passed: http://sssd-ci.duckdns.org/logs/job/54/46/summary.html
Although, github complains that all checks have failed for some reason.

"""

See the full comment at 
https://github.com/SSSD/sssd/pull/33#issuecomment-250607725
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org