From patchwork Wed Mar 26 09:48:39 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Siddhesh Poyarekar X-Patchwork-Id: 333806 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from sourceware.org (server1.sourceware.org [209.132.180.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 6472A140088 for ; Wed, 26 Mar 2014 20:48:14 +1100 (EST) DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:mime-version :content-type; q=dns; s=default; b=Dvmt731qvSI7qkoiyIcoYEJeslJta iQBtQJQCJKJNJyQTuaTiicA0Pre3oL5b25hu7drsliQocLkLszqpBiywt0liqOtl e1ooWUpN5T3iPHKv8Nei8SpCvXl0mWgCrX6FGKSGsBz4QwUmbWRJGuvuPM4G/yt5 5v2ouRNgjamA7M= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:mime-version :content-type; s=default; bh=R333cvIo9Tv5vBJFc+es4NZhTg8=; b=tLS UBz2AQ4nwmh3vgDkhHZbvaE6lwZlvAkIm3UpXhYNdsc6LAZUdX+OUnF2NUX1dzLf w357QvcxPqRRj5+h/9zPYt5oAJGvjOhns/5+qwOSZBJ+IfpeV0q/MX2HG0gImMoE Lx0TGU41MeV0wCwHxoDjk4Ai5Aw/d+V8Vp6LR2MA= Received: (qmail 18782 invoked by alias); 26 Mar 2014 09:48:08 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 18770 invoked by uid 89); 26 Mar 2014 09:48:08 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-3.9 required=5.0 tests=AWL, BAYES_00, RP_MATCHES_RCVD, SPF_HELO_PASS, SPF_PASS autolearn=ham version=3.3.2 X-HELO: mx1.redhat.com Date: Wed, 26 Mar 2014 15:18:39 +0530 From: Siddhesh Poyarekar To: libc-alpha@sourceware.org Subject: [PATCH] Fix nscd lookup for innetgr when netgroup has wildcards (BZ #16758) Message-ID: <20140326094838.GA9707@spoyarek.pnq.redhat.com> MIME-Version: 1.0 Content-Disposition: inline User-Agent: Mutt/1.5.22.1-rc1 (2013-10-16) nscd works correctly when the request in innetgr is a wildcard, i.e. when one or more of host, user or domain parameters is NULL. However, it does not work when the the triplet in the netgroup definition has a wildcard. This is easy to reproduce for a triplet defined as follows: foonet (,foo,) Here, an innetgr call that looks like this: innetgr ("foonet", "foohost", "foo", NULL); should succeed and so should: innetgr ("foonet", NULL, "foo", "foodomain"); It does succeed with nscd disabled, but not with nscd enabled. This fix adds this additional check for all three parts of the triplet so that it gives the correct result. Tested on x86_64. Siddhesh [BZ #16758] * nscd/netgroupcache.c (addinnetgrX): Succeed if triplet has blank values. --- nscd/netgroupcache.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c index 5ba1e1f..5d15aa4 100644 --- a/nscd/netgroupcache.c +++ b/nscd/netgroupcache.c @@ -560,15 +560,19 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req, { bool success = true; - if (host != NULL) + /* For the host, user and domain in each triplet, we assume success + if the value is blank because that is how the wildcard entry to + match anything is stored in the netgroup cache. */ + if (host != NULL && *triplets != '\0') success = strcmp (host, triplets) == 0; triplets = (const char *) rawmemchr (triplets, '\0') + 1; - if (success && user != NULL) + if (success && user != NULL && *triplets != '\0') success = strcmp (user, triplets) == 0; triplets = (const char *) rawmemchr (triplets, '\0') + 1; - if (success && (domain == NULL || strcmp (domain, triplets) == 0)) + if (success && (domain == NULL || *triplets == '\0' + || strcmp (domain, triplets) == 0)) { dataset->resp.result = 1; break;