From e7c9ff18f41d9951aff3c99dca7db1871e53cfaf Mon Sep 17 00:00:00 2001 From: Sumit Bose Date: Tue, 28 Feb 2017 14:19:53 +0100 Subject: [PATCH 13/15] nss: allow larger buffer for certificate based requests To make sure larger certificates can be processed as well the maximal buffer size is increased for requests by certificate. Related to https://pagure.io/SSSD/sssd/issue/3050 Reviewed-by: Jakub Hrozek --- src/responder/common/responder_packet.c | 21 ++++++++++++++++++++- src/responder/common/responder_packet.h | 1 + 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/src/responder/common/responder_packet.c b/src/responder/common/responder_packet.c index 4f5e110837eb76609d31a77c62a00e00530ffc90..cc4d66995965cca4c86a80c31d2afd4c9ac3e0e4 100644 --- a/src/responder/common/responder_packet.c +++ b/src/responder/common/responder_packet.c @@ -179,6 +179,8 @@ int sss_packet_recv(struct sss_packet *packet, int fd) size_t rb; size_t len; void *buf; + size_t new_len; + int ret; buf = (uint8_t *)packet->buffer + packet->iop; if (packet->iop > 4) len = sss_packet_get_len(packet) - packet->iop; @@ -205,7 +207,24 @@ int sss_packet_recv(struct sss_packet *packet, int fd) } if (sss_packet_get_len(packet) > packet->memsize) { - return EINVAL; + /* Allow certificate based requests to use larger buffer but not + * larger than SSS_CERT_PACKET_MAX_RECV_SIZE. Due to the way + * sss_packet_grow() works the packet len must be set to '0' first and + * then grow to the expected size. */ + if ((sss_packet_get_cmd(packet) == SSS_NSS_GETNAMEBYCERT + || sss_packet_get_cmd(packet) == SSS_NSS_GETLISTBYCERT) + && packet->memsize < SSS_CERT_PACKET_MAX_RECV_SIZE + && (new_len = sss_packet_get_len(packet)) + < SSS_CERT_PACKET_MAX_RECV_SIZE) { + new_len = sss_packet_get_len(packet); + sss_packet_set_len(packet, 0); + ret = sss_packet_grow(packet, new_len); + if (ret != EOK) { + return ret; + } + } else { + return EINVAL; + } } packet->iop += rb; diff --git a/src/responder/common/responder_packet.h b/src/responder/common/responder_packet.h index 3ad0eee28477e446c9e4996617beb55f32923d47..afceb4aaefa40fd86bdfde820c92c09b65cd8702 100644 --- a/src/responder/common/responder_packet.h +++ b/src/responder/common/responder_packet.h @@ -25,6 +25,7 @@ #include "sss_client/sss_cli.h" #define SSS_PACKET_MAX_RECV_SIZE 1024 +#define SSS_CERT_PACKET_MAX_RECV_SIZE ( 10 * SSS_PACKET_MAX_RECV_SIZE ) struct sss_packet; -- 2.9.3