diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/providers/krb5/krb5_utils.c | 45 | ||||
| -rw-r--r-- | src/tests/krb5_utils-tests.c | 30 |
2 files changed, 45 insertions, 30 deletions
diff --git a/src/providers/krb5/krb5_utils.c b/src/providers/krb5/krb5_utils.c index df789215..6bf1cf61 100644 --- a/src/providers/krb5/krb5_utils.c +++ b/src/providers/krb5/krb5_utils.c @@ -157,24 +157,14 @@ done: return ret; } -#define S_EXP_TEMP "{TEMP}" -#define L_EXP_TEMP (sizeof(S_EXP_TEMP) - 1) #define S_EXP_UID "{uid}" #define L_EXP_UID (sizeof(S_EXP_UID) - 1) #define S_EXP_USERID "{USERID}" #define L_EXP_USERID (sizeof(S_EXP_USERID) - 1) #define S_EXP_EUID "{euid}" #define L_EXP_EUID (sizeof(S_EXP_EUID) - 1) -#define S_EXP_NULL "{null}" -#define L_EXP_NULL (sizeof(S_EXP_NULL) - 1) #define S_EXP_USERNAME "{username}" #define L_EXP_USERNAME (sizeof(S_EXP_USERNAME) - 1) -#define S_EXP_LIBDIR "{LIBDIR}" -#define L_EXP_LIBDIR (sizeof(S_EXP_LIBDIR) - 1) -#define S_EXP_BINDIR "{BINDIR}" -#define L_EXP_BINDIR (sizeof(S_EXP_BINDIR) - 1) -#define S_EXP_SBINDIR "{SBINDIR}" -#define L_EXP_SBINDIR (sizeof(S_EXP_SBINDIR) - 1) char *expand_ccname_template(TALLOC_CTX *mem_ctx, struct krb5child_req *kr, const char *template, bool file_mode, @@ -325,11 +315,7 @@ char *expand_ccname_template(TALLOC_CTX *mem_ctx, struct krb5child_req *kr, /* Additional syntax from krb5.conf default_ccache_name */ case '{': - if (strncmp(n, S_EXP_TEMP, L_EXP_TEMP) == 0) { - /* let the libkrb5 library resolve this */ - result = talloc_asprintf_append(result, "%%"S_EXP_TEMP); - n += L_EXP_TEMP - 1; - } else if (strncmp(n , S_EXP_UID, L_EXP_UID) == 0) { + if (strncmp(n , S_EXP_UID, L_EXP_UID) == 0) { action = 'U'; n += L_EXP_UID - 1; rerun = true; @@ -346,26 +332,25 @@ char *expand_ccname_template(TALLOC_CTX *mem_ctx, struct krb5child_req *kr, n += L_EXP_EUID - 1; rerun = true; continue; - } else if (strncmp(n , S_EXP_NULL, L_EXP_NULL) == 0) { - /* skip immediately */ - n += L_EXP_NULL - 1; } else if (strncmp(n , S_EXP_USERNAME, L_EXP_USERNAME) == 0) { action = 'u'; n += L_EXP_USERNAME - 1; rerun = true; continue; - } else if (strncmp(n , S_EXP_LIBDIR, L_EXP_LIBDIR) == 0) { - /* skip, only the libkrb5 library can resolve this */ - result = talloc_asprintf_append(result, "%%"S_EXP_LIBDIR); - n += L_EXP_LIBDIR - 1; - } else if (strncmp(n , S_EXP_BINDIR, L_EXP_BINDIR) == 0) { - /* skip, only the libkrb5 library can resolve this */ - result = talloc_asprintf_append(result, "%%"S_EXP_BINDIR); - n += L_EXP_BINDIR - 1; - } else if (strncmp(n , S_EXP_SBINDIR, L_EXP_SBINDIR) == 0) { - /* skip, only the libkrb5 library can resolve this */ - result = talloc_asprintf_append(result, "%%"S_EXP_SBINDIR); - n += L_EXP_SBINDIR - 1; + } else { + /* ignore any expansion variable we do not understand and + * let libkrb5 hndle it or fail */ + name = n; + n = strchr(name, '}'); + if (!n) { + DEBUG(SSSDBG_CRIT_FAILURE, ( + "Invalid substitution sequence in cache " + "template. Missing closing '}' in [%s].\n", + template)); + goto done; + } + result = talloc_asprintf_append(result, "%s%%%.*s", p, + (int)(n - name + 1), name); } break; default: diff --git a/src/tests/krb5_utils-tests.c b/src/tests/krb5_utils-tests.c index 174d463b..4715774f 100644 --- a/src/tests/krb5_utils-tests.c +++ b/src/tests/krb5_utils-tests.c @@ -673,6 +673,35 @@ START_TEST(test_no_substitution) } END_TEST +START_TEST(test_krb5_style_expansion) +{ + char *result; + bool private_path = false; + const char *file_template; + const char *expected; + + file_template = BASE"/%{uid}/%{USERID}/%{euid}/%{username}"; + expected = BASE"/"UID"/"UID"/"UID"/"USERNAME; + result = expand_ccname_template(tmp_ctx, kr, file_template, true, + true, &private_path); + + fail_unless(result != NULL, "Cannot expand template [%s].", file_template); + fail_unless(strcmp(result, expected) == 0, + "Expansion failed, result [%s], expected [%s].", + result, expected); + + file_template = BASE"/%{unknown}"; + expected = BASE"/%{unknown}"; + result = expand_ccname_template(tmp_ctx, kr, file_template, true, + false, &private_path); + + fail_unless(result != NULL, "Cannot expand template [%s].", file_template); + fail_unless(strcmp(result, expected) == 0, + "Expansion failed, result [%s], expected [%s].", + result, expected); +} +END_TEST + START_TEST(test_compare_principal_realm) { int ret; @@ -738,6 +767,7 @@ Suite *krb5_utils_suite (void) tcase_add_test (tc_ccname_template, test_pid); tcase_add_test (tc_ccname_template, test_percent); tcase_add_test (tc_ccname_template, test_multiple_substitutions); + tcase_add_test (tc_ccname_template, test_krb5_style_expansion); suite_add_tcase (s, tc_ccname_template); TCase *tc_create_dir = tcase_create("create_dir"); |