IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Use libunistring ulc_casecmp() on unicode strings

Browse Source 
https://fedorahosted.org/freeipa/ticket/3772
This commit is contained in:
Nathaniel McCallum
2013-07-16 11:47:27 -04:00
committed by Martin Kosek
parent e95a7b1b8d
commit 6c0b7f3389
6 changed files with 37 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
daemons/ipa-kdb/Makefile.am
View File

@@ -50,6 +50,7 @@ ipadb_la_LIBADD = \
$(KRB5_LIBS) \
$(LDAP_LIBS) \
$(NDRPAC_LIBS) \
$(UNISTRING_LIBS) \
$(NULL)
if HAVE_CHECK

2
daemons/ipa-kdb/ipa_kdb.h
View File

@@ -158,7 +158,7 @@ int ipadb_ldap_attr_to_krb5_timestamp(LDAP *lcontext, LDAPMessage *le,
char *attrname, krb5_timestamp *result);
int ipadb_ldap_attr_has_value(LDAP *lcontext, LDAPMessage *le,
char *attrname, char *value);
char *attrname, const char *value);
int ipadb_ldap_deref_results(LDAP *lcontext, LDAPMessage *le,
LDAPDerefRes **results);

15
daemons/ipa-kdb/ipa_kdb_common.c
View File

@@ -21,6 +21,7 @@
*/
#include "ipa_kdb.h"
#include <unicase.h>
static struct timeval std_timeout = {300, 0};
@@ -518,20 +519,28 @@ int ipadb_ldap_attr_to_krb5_timestamp(LDAP *lcontext, LDAPMessage *le,
}
int ipadb_ldap_attr_has_value(LDAP *lcontext, LDAPMessage *le,
char *attrname, char *value)
char *attrname, const char *value)
{
struct berval **vals;
int ret = ENOENT;
int i;
int i, result;
vals = ldap_get_values_len(lcontext, le, attrname);
if (vals) {
for (i = 0; vals[i]; i++) {
if (strcasecmp(vals[i]->bv_val, value) == 0) {
if (ulc_casecmp(vals[i]->bv_val, vals[i]->bv_len,
value, strlen(value),
NULL, NULL, &result) != 0) {
ret = errno;
break;
}
if (result == 0) {
ret = 0;
break;
}
}
ldap_value_free_len(vals);
}

15
daemons/ipa-kdb/ipa_kdb_principals.c
View File

@@ -21,6 +21,7 @@
*/
#include "ipa_kdb.h"
#include <unicase.h>
/*
* During TGS request search by ipaKrbPrincipalName (case-insensitive)
@@ -614,7 +615,7 @@ static krb5_error_code ipadb_find_principal(krb5_context kcontext,
bool found = false;
LDAPMessage *le = NULL;
struct berval **vals;
int i;
int i, result;
ipactx = ipadb_get_context(kcontext);
if (!ipactx) {
@@ -643,7 +644,11 @@ static krb5_error_code ipadb_find_principal(krb5_context kcontext,
/* KDC will accept aliases when doing TGT lookup (ref_tgt_again in do_tgs_req.c */
/* Use case-insensitive comparison in such cases */
if ((flags & KRB5_KDB_FLAG_ALIAS_OK) != 0) {
found = (strcasecmp(vals[i]->bv_val, (*principal)) == 0);
if (ulc_casecmp(vals[i]->bv_val, vals[i]->bv_len,
(*principal), strlen(*principal),
NULL, NULL, &result) != 0)
return KRB5_KDB_INTERNAL_ERROR;
found = (result == 0);
} else {
found = (strcmp(vals[i]->bv_val, (*principal)) == 0);
}
@@ -663,7 +668,11 @@ static krb5_error_code ipadb_find_principal(krb5_context kcontext,
/* Again, if aliases are accepted by KDC, use case-insensitive comparison */
if ((flags & KRB5_KDB_FLAG_ALIAS_OK) != 0) {
found = (strcasecmp(vals[0]->bv_val, (*principal)) == 0);
if (ulc_casecmp(vals[0]->bv_val, vals[0]->bv_len,
(*principal), strlen(*principal),
NULL, NULL, &result) != 0)
return KRB5_KDB_INTERNAL_ERROR;
found = (result == 0);
} else {
found = (strcmp(vals[0]->bv_val, (*principal)) == 0);
}