The validateascii() check in imconv() maps NFSv4 domain names with
non-ASCII characters to 'nobody'. In setups where Active directory
or LDAP is used this causes names with UTF-8 characters to being
mapped to 'nobody' because of this check.
As Bruce Fields puts it:
"idmapd doesn't seem like the right place to enforce restrictions on
names. Once the system has allowed a name it's too late to be
complaining about it here."
Replace the validateascii() call in imconv() with a check for
null-termination just to be extra-careful and remove the validateascii()
function itself as the only user of that function is being
removed by this patch.
Acked-by: J. Bruce Fields <bfields@fieldses.org>
Signed-off-by: Suresh Jayaraman <sjayaraman@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
static int nfsopen(struct idmap_client *);
static void nfscb(int, short, void *);
static void nfsdcb(int, short, void *);
static int nfsopen(struct idmap_client *);
static void nfscb(int, short, void *);
static void nfsdcb(int, short, void *);
-static int validateascii(char *, u_int32_t);
static int addfield(char **, ssize_t *, char *);
static int getfield(char **, char *, size_t);
static int addfield(char **, ssize_t *, char *);
static int getfield(char **, char *, size_t);
static void
imconv(struct idmap_client *ic, struct idmap_msg *im)
{
static void
imconv(struct idmap_client *ic, struct idmap_msg *im)
{
switch (im->im_conv) {
case IDMAP_CONV_IDTONAME:
idtonameres(im);
switch (im->im_conv) {
case IDMAP_CONV_IDTONAME:
idtonameres(im);
im->im_id, im->im_name);
break;
case IDMAP_CONV_NAMETOID:
im->im_id, im->im_name);
break;
case IDMAP_CONV_NAMETOID:
- if (validateascii(im->im_name, sizeof(im->im_name)) == -1) {
- im->im_status |= IDMAP_STATUS_INVALIDMSG;
+ len = strnlen(im->im_name, IDMAP_NAMESZ - 1);
+ /* Check for NULL termination just to be careful */
+ if (im->im_name[len+1] != '\0')
nametoidres(im);
if (verbose > 1)
xlog_warn("%s %s: (%s) name \"%s\" -> id \"%d\"",
nametoidres(im);
if (verbose > 1)
xlog_warn("%s %s: (%s) name \"%s\" -> id \"%d\"",
-static int
-validateascii(char *string, u_int32_t len)
-{
- u_int32_t i;
-
- for (i = 0; i < len; i++) {
- if (string[i] == '\0')
- break;
-
- if (string[i] & 0x80)
- return (-1);
- }
-
- if ((i >= len) || string[i] != '\0')
- return (-1);
-
- return (i + 1);
-}
-
static int
addfield(char **bpp, ssize_t *bsizp, char *fld)
{
static int
addfield(char **bpp, ssize_t *bsizp, char *fld)
{