Blame SOURCES/0013-nss-allow-larger-buffer-for-certificate-based-reques.patch

From e7c9ff18f41d9951aff3c99dca7db1871e53cfaf Mon Sep 17 00:00:00 2001
From: Sumit Bose <sbose@redhat.com>
Date: Tue, 28 Feb 2017 14:19:53 +0100
Subject: [PATCH 13/15] nss: allow larger buffer for certificate based requests
To make sure larger certificates can be processed as well the maximal
buffer size is increased for requests by certificate.
Related to https://pagure.io/SSSD/sssd/issue/3050
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
---
 src/responder/common/responder_packet.c | 21 ++++++++++++++++++++-
 src/responder/common/responder_packet.h |  1 +
 2 files changed, 21 insertions(+), 1 deletion(-)
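diff --git a/src/responder/common/responder_packet.c b/src/responder/common/responder_packet.c
index 4f5e110837eb76609d31a77c62a00e00530ffc90..cc4d66995965cca4c86a80c31d2afd4c9ac3e0e4 100644
--- a/src/responder/common/responder_packet.c
+++ b/src/responder/common/responder_packet.c
@@ -179,6 +179,8 @@ int sss_packet_recv(struct sss_packet *packet, int fd)
     size_t rb;
     size_t len;
     void *buf;
+    size_t new_len;
+    int ret;
 
     buf = (uint8_t *)packet->buffer + packet->iop;
     if (packet->iop > 4) len = sss_packet_get_len(packet) - packet->iop;
@@ -205,7 +207,24 @@ int sss_packet_recv(struct sss_packet *packet, int fd)
     }
 
     if (sss_packet_get_len(packet) > packet->memsize) {
-        return EINVAL;
+        /* Allow certificate based requests to use larger buffer but not
+         * larger than SSS_CERT_PACKET_MAX_RECV_SIZE. Due to the way
+         * sss_packet_grow() works the packet len must be set to '0' first and
+         * then grow to the expected size. */
+        if ((sss_packet_get_cmd(packet) == SSS_NSS_GETNAMEBYCERT
+                    || sss_packet_get_cmd(packet) == SSS_NSS_GETLISTBYCERT)
+                && packet->memsize < SSS_CERT_PACKET_MAX_RECV_SIZE
+                && (new_len = sss_packet_get_len(packet))
+                                   < SSS_CERT_PACKET_MAX_RECV_SIZE) {
+            new_len = sss_packet_get_len(packet);
+            sss_packet_set_len(packet, 0);
+            ret = sss_packet_grow(packet, new_len);
+            if (ret != EOK) {
+                return ret;
+            }
+        } else {
+            return EINVAL;
+        }
     }
 
     packet->iop += rb;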
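Review bot: The enlarged-buffer branch in the second hunk of sss_packet_recv() trusts the command and length fields of the packet header, both of which the client supplies, and nothing visible here shows that the whole header has arrived before `sss_packet_get_cmd(packet)` is read; the first hunk only guards the length with `packet->iop > 4`. If a short read can reach this point, the command compared may not be the one the client sent, so confirm that the code between the hunks guarantees a complete header, or add that check before the comparison. The cap keeps growth bounded, but the test is a strict `<` while the comment says "not larger than", so a request of exactly SSS_CERT_PACKET_MAX_RECV_SIZE is rejected; use `<=` or reword the comment. The statement `new_len = sss_packet_get_len(packet);` inside the block repeats the assignment already made in the condition and can be dropped. The function starts before and continues past the hunks, so callers' handling of the error returned after `sss_packet_set_len(packet, 0)` is not visible here.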
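diff --git a/src/responder/common/responder_packet.h b/src/responder/common/responder_packet.h
index 3ad0eee28477e446c9e4996617beb55f32923d47..afceb4aaefa40fd86bdfde820c92c09b65cd8702 100644
--- a/src/responder/common/responder_packet.h
+++ b/src/responder/common/responder_packet.h
@@ -25,6 +25,7 @@
 #include "sss_client/sss_cli.h"
 
 #define SSS_PACKET_MAX_RECV_SIZE 1024
+#define SSS_CERT_PACKET_MAX_RECV_SIZE ( 10 * SSS_PACKET_MAX_RECV_SIZE )
 
 struct sss_packet;
 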
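Review bot: SSS_CERT_PACKET_MAX_RECV_SIZE is added without a comment saying what it bounds or why the factor is 10. A short comment above the define would help, for example `/* Upper limit for SSS_NSS_GETNAMEBYCERT and SSS_NSS_GETLISTBYCERT requests, which carry a certificate and can exceed SSS_PACKET_MAX_RECV_SIZE */`. This value is the only ceiling on how far a client-declared length can grow the receive buffer for those commands, so the unit (presumably bytes) should be stated next to it as well.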
-- 
2.9.3