On 08/22/2012 03:50 PM, Stephen Gallagher wrote:
On Wed, 2012-08-22 at 15:43 +0200, Michal Židek wrote:
https://fedorahosted.org/sssd/ticket/1365
Note: It affected not only krb5, but other providers as well.
Patch is attached.
Nack. Please do not copy-paste everywhere. This should be a function.
_______________________________________________
sssd-devel mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
New patch is attached.
>From a425a8e628530f8025bb90cecb66df0cf2192e8f Mon Sep 17 00:00:00 2001
From: Michal Zidek <[email protected]>
Date: Wed, 22 Aug 2012 15:16:26 +0200
Subject: [PATCH] Fix: IPv6 address with square brackets doesn't work.
https://fedorahosted.org/sssd/ticket/1365
---
src/providers/ad/ad_common.c | 7 +++++++
src/providers/ipa/ipa_common.c | 7 +++++++
src/providers/krb5/krb5_common.c | 15 ++++++++++++++-
src/providers/ldap/ldap_common.c | 7 +++++++
src/util/util.c | 23 +++++++++++++++++++++++
src/util/util.h | 9 +++++++++
6 files changed, 67 insertions(+), 1 deletion(-)
diff --git a/src/providers/ad/ad_common.c b/src/providers/ad/ad_common.c
index 90cfe41..4ce6174 100644
--- a/src/providers/ad/ad_common.c
+++ b/src/providers/ad/ad_common.c
@@ -194,6 +194,13 @@ ad_servers_init(TALLOC_CTX *mem_ctx,
continue;
}
+ /* It could be ipv6 address in square brackets. Remove
+ * the brackets if needed. */
+ ret = remove_ipv6_brackets(list[i]);
+ if (ret != EOK) {
+ goto done;
+ }
+
ret = be_fo_add_server(bectx, AD_SERVICE_NAME, list[i], 0, NULL, primary);
if (ret && ret != EEXIST) {
DEBUG(SSSDBG_FATAL_FAILURE, ("Failed to add server\n"));
diff --git a/src/providers/ipa/ipa_common.c b/src/providers/ipa/ipa_common.c
index 6ad6784..3aab9bd 100644
--- a/src/providers/ipa/ipa_common.c
+++ b/src/providers/ipa/ipa_common.c
@@ -847,6 +847,13 @@ errno_t ipa_servers_init(struct be_ctx *ctx,
continue;
}
+ /* It could be ipv6 address in square brackets. Remove
+ * the brackets if needed. */
+ ret = remove_ipv6_brackets(list[i]);
+ if (ret != EOK) {
+ goto done;
+ }
+
ret = be_fo_add_server(ctx, "IPA", list[i], 0, NULL, primary);
if (ret && ret != EEXIST) {
DEBUG(SSSDBG_FATAL_FAILURE, ("Failed to add server\n"));
diff --git a/src/providers/krb5/krb5_common.c b/src/providers/krb5/krb5_common.c
index bd7a302..0e96b80 100644
--- a/src/providers/krb5/krb5_common.c
+++ b/src/providers/krb5/krb5_common.c
@@ -520,7 +520,13 @@ errno_t krb5_servers_init(struct be_ctx *ctx,
continue;
}
- port_str = strrchr(server_spec, ':');
+ /* Do not try to get port number if last character is ']' */
+ if (server_spec[strlen(server_spec) - 1] != ']') {
+ port_str = strrchr(server_spec, ':');
+ } else {
+ port_str = NULL;
+ }
+
if (port_str == NULL) {
port = 0;
} else {
@@ -564,6 +570,13 @@ errno_t krb5_servers_init(struct be_ctx *ctx,
}
}
+ /* It could be ipv6 address in square brackets. Remove
+ * the brackets if needed. */
+ ret = remove_ipv6_brackets(server_spec);
+ if (ret != EOK) {
+ goto done;
+ }
+
ret = be_fo_add_server(ctx, service_name, server_spec, (int) port,
list[i], primary);
if (ret && ret != EEXIST) {
diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c
index ce75875..c11d036 100644
--- a/src/providers/ldap/ldap_common.c
+++ b/src/providers/ldap/ldap_common.c
@@ -1185,6 +1185,13 @@ errno_t sdap_urls_init(struct be_ctx *ctx,
talloc_steal(service, list[i]);
+ /* It could be ipv6 address in square brackets. Remove
+ * the brackets if needed. */
+ ret = remove_ipv6_brackets(lud->lud_host);
+ if (ret != EOK) {
+ goto done;
+ }
+
ret = be_fo_add_server(ctx, service->name, lud->lud_host,
lud->lud_port, list[i], primary);
ldap_free_urldesc(lud);
diff --git a/src/util/util.c b/src/util/util.c
index f1aaebc..b812ef1 100644
--- a/src/util/util.c
+++ b/src/util/util.c
@@ -611,3 +611,26 @@ void to_sized_string(struct sized_string *out, const char *in)
}
}
+/* This function only removes first and last
+ * character if the first character was '['.
+ *
+ * NOTE: This means, that ipv6addr must NOT be followed
+ * by port number.
+ */
+errno_t
+remove_ipv6_brackets(char *ipv6addr)
+{
+ size_t len;
+
+ if (ipv6addr && ipv6addr[0] == '[') {
+ len = strlen(ipv6addr);
+ if (len < 3) {
+ return EINVAL;
+ }
+
+ memmove(ipv6addr, &ipv6addr[1], len - 2);
+ ipv6addr[len -2] = '\0';
+ }
+
+ return EOK;
+}
diff --git a/src/util/util.h b/src/util/util.h
index b51aebb..a23b1c2 100644
--- a/src/util/util.h
+++ b/src/util/util.h
@@ -513,6 +513,15 @@ errno_t sss_filter_sanitize(TALLOC_CTX *mem_ctx,
char *
sss_escape_ip_address(TALLOC_CTX *mem_ctx, int family, const char *addr);
+/* This function only removes first and last
+ * character if the first character was '['.
+ *
+ * NOTE: This means, that ipv6addr must NOT be followed
+ * by port number.
+ */
+errno_t
+remove_ipv6_brackets(char *ipv6addr);
+
/* from sss_tc_utf8.c */
char *
sss_tc_utf8_str_tolower(TALLOC_CTX *mem_ctx, const char *s);
--
1.7.11.2
_______________________________________________
sssd-devel mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
