From patchwork Wed Mar 26 09:48:39 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Siddhesh Poyarekar X-Patchwork-Id: 291 Return-Path: X-Original-To: siddhesh@wilcox.dreamhost.com Delivered-To: siddhesh@wilcox.dreamhost.com Received: from homiemail-mx22.g.dreamhost.com (caibbdcaabij.dreamhost.com [208.113.200.189]) by wilcox.dreamhost.com (Postfix) with ESMTP id 047833600A6 for ; Wed, 26 Mar 2014 02:48:11 -0700 (PDT) Received: by homiemail-mx22.g.dreamhost.com (Postfix, from userid 14307373) id A9E6251F5003; Wed, 26 Mar 2014 02:48:11 -0700 (PDT) X-Original-To: glibc@patchwork.siddhesh.in Delivered-To: x14307373@homiemail-mx22.g.dreamhost.com Received: from sourceware.org (server1.sourceware.org [209.132.180.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by homiemail-mx22.g.dreamhost.com (Postfix) with ESMTPS id 843415190523 for ; Wed, 26 Mar 2014 02:48:11 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:mime-version :content-type; q=dns; s=default; b=MQX59/ysRVImeg7X2ulWnW7k4V+r/ fH7RJkNpEPo4FSiTaGMFtowNAilxMEd7ziLPqel3gWx6p/Kl4MARhm8HE/ZrAh/o XRC3MKEo9SfCtTzkWGdcPxMU5Pch+A4/bfEnCyJA8v+s/5g8w3wlCrA67rRwJg9G GQuxnBeR9VhOIQ= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:mime-version :content-type; s=default; bh=R333cvIo9Tv5vBJFc+es4NZhTg8=; b=oPA 79G/Wd7FOw5XDN3Z8d9MUZZS4HJ8ORH2XV/Nxcv+mzwiGA6Ie1XP5e6lNxFOSvuf YGceEIdNfgn3HrtS6JfwMhevZNTwn1BWUVCA1miTsNUVbuvUL3GMWIJ75lQKSZ5n +owKv1INTj9x5vZQBzM1tnY8J8nzARWWtzRU72vc= Received: (qmail 18782 invoked by alias); 26 Mar 2014 09:48:08 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 18770 invoked by uid 89); 26 Mar 2014 09:48:08 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-3.9 required=5.0 tests=AWL, BAYES_00, RP_MATCHES_RCVD, SPF_HELO_PASS, SPF_PASS autolearn=ham version=3.3.2 X-HELO: mx1.redhat.com Date: Wed, 26 Mar 2014 15:18:39 +0530 From: Siddhesh Poyarekar To: libc-alpha@sourceware.org Subject: [PATCH] Fix nscd lookup for innetgr when netgroup has wildcards (BZ #16758) Message-ID: <20140326094838.GA9707@spoyarek.pnq.redhat.com> MIME-Version: 1.0 Content-Disposition: inline User-Agent: Mutt/1.5.22.1-rc1 (2013-10-16) X-DH-Original-To: glibc@patchwork.siddhesh.in nscd works correctly when the request in innetgr is a wildcard, i.e. when one or more of host, user or domain parameters is NULL. However, it does not work when the the triplet in the netgroup definition has a wildcard. This is easy to reproduce for a triplet defined as follows: foonet (,foo,) Here, an innetgr call that looks like this: innetgr ("foonet", "foohost", "foo", NULL); should succeed and so should: innetgr ("foonet", NULL, "foo", "foodomain"); It does succeed with nscd disabled, but not with nscd enabled. This fix adds this additional check for all three parts of the triplet so that it gives the correct result. Tested on x86_64. Siddhesh [BZ #16758] * nscd/netgroupcache.c (addinnetgrX): Succeed if triplet has blank values. --- nscd/netgroupcache.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c index 5ba1e1f..5d15aa4 100644 --- a/nscd/netgroupcache.c +++ b/nscd/netgroupcache.c @@ -560,15 +560,19 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req, { bool success = true; - if (host != NULL) + /* For the host, user and domain in each triplet, we assume success + if the value is blank because that is how the wildcard entry to + match anything is stored in the netgroup cache. */ + if (host != NULL && *triplets != '\0') success = strcmp (host, triplets) == 0; triplets = (const char *) rawmemchr (triplets, '\0') + 1; - if (success && user != NULL) + if (success && user != NULL && *triplets != '\0') success = strcmp (user, triplets) == 0; triplets = (const char *) rawmemchr (triplets, '\0') + 1; - if (success && (domain == NULL || strcmp (domain, triplets) == 0)) + if (success && (domain == NULL || *triplets == '\0' + || strcmp (domain, triplets) == 0)) { dataset->resp.result = 1; break;