IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity
8,358 Commits 11 Branches 60 Tags
5017726ebaf6eea3dedb1325efe00c0d6c4b6187
Commit Graph

4 Commits

Author SHA1 Message Date
Martin Babinsky
782ad36639 OTP: emit a log message when LDAP entry for config record is not found 
This patch proposes a fix to the following defect found by covscan of FreeIPA
master code:

"""
Error: CHECKED_RETURN (CWE-252):
/daemons/ipa-slapi-plugins/libotp/otp_config.c:239: check_return: Calling
"slapi_search_internal_get_entry" without checking return value (as is done
elsewhere 14 out of 16 times).
/daemons/ipa-slapi-plugins/ipa-enrollment/ipa_enrollment.c:402:
example_checked: Example 1: "slapi_search_internal_get_entry(sdn, NULL,
&config_entry, ipaenrollment_plugin_id)" has its value checked in "(rc =
slapi_search_internal_get_entry(sdn, NULL, &config_entry,
ipaenrollment_plugin_id)) != 0".
/daemons/ipa-slapi-plugins/ipa-lockout/ipa_lockout.c:207: example_assign:
Example 2: Assigning: "ret" = return value from
"slapi_search_internal_get_entry(sdn, NULL, &config_entry, getPluginID())".
/daemons/ipa-slapi-plugins/ipa-lockout/ipa_lockout.c:212: example_checked:
Example 2 (cont.): "ret" has its value checked in "ret".
/daemons/ipa-slapi-plugins/ipa-pwd-extop/common.c:651: example_assign: Example
3: Assigning: "search_result" = return value from
"slapi_search_internal_get_entry(sdn, attrlist, e2, ipapwd_plugin_id)".
/daemons/ipa-slapi-plugins/ipa-pwd-extop/common.c:653: example_checked:
Example 3 (cont.): "search_result" has its value checked in "search_result !=
0".  /daemons/ipa-slapi-plugins/ipa-pwd-extop/prepost.c:1035: example_assign:
Example 4: Assigning: "ret" = return value from
"slapi_search_internal_get_entry(tmp_dn, NULL, &pwdop->pwdata.target,
ipapwd_plugin_id)".
/daemons/ipa-slapi-plugins/ipa-pwd-extop/prepost.c:1039:
example_checked: Example 4 (cont.): "ret" has its value checked in "ret != 0".
/daemons/ipa-slapi-plugins/ipa-uuid/ipa_uuid.c:817: example_assign: Example 5:
Assigning: "ret" = return value from "slapi_search_internal_get_entry(tmp_dn,
NULL, &e, getPluginID())".
/daemons/ipa-slapi-plugins/ipa-uuid/ipa_uuid.c:820: example_checked: Example 5
(cont.): "ret" has its value checked in "ret == 10".
"""

The patch is a part of series related to
https://fedorahosted.org/freeipa/ticket/4795

Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2015-01-30 11:02:16 +01:00
Nathaniel McCallum
953c6846b7 Move authentication configuration cache into libotp 
This enables plugins to share authentication configuration cache code.

Additionally, update the caching mechanism to be declarative and faster.

Reviewed-By: Thierry Bordaz <tbordaz@redhat.com>
 2014-12-03 08:48:56 +01:00
Nathaniel McCallum
bdccb0c721 Preliminary refactoring of libotp files 
There are no major changes in this commit other than changing filenames
and symbols to have consistent namespaces. This prepares for larger
changes to come in subsequent commits.

Reviewed-By: Thierry Bordaz <tbordaz@redhat.com>
 2014-12-03 08:48:56 +01:00
Nathaniel McCallum
93d99c92b3 Add libotp internal library for slapi plugins 
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2014-02-14 16:03:25 +01:00