Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Backport][ipa-4-9] ipa-kdb: do not use OpenLDAP functions with NULL LDAP context #5595

Closed
wants to merge 5 commits into from
Closed

[Backport][ipa-4-9] ipa-kdb: do not use OpenLDAP functions with NULL LDAP context #5595

wants to merge 5 commits into from

Conversation

rcritten
Copy link
Contributor

@rcritten rcritten commented Mar 1, 2021

This PR was opened automatically because PR #5581 was pushed to master and backport to ipa-4-9 is required.

@abbra @rcritten
ipa-kdb: do not use OpenLDAP functions with NULL LDAP context
6c58683 
Calling to ipadb_get_connection() will remove LDAP context if any error
happens. This means upper layers must always verify that LDAP context
exists after such calls.

ipadb_get_user_auth() may re-read global configuration and that may fail
and cause IPA context to have NULL LDAP context.

Fixes: https://pagure.io/freeipa/issue/8681

Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
@abbra @rcritten
ipa-kdb: fix compiler warnings
673b71c 
There are few fields in KDB structures that have 'conflicting' types but
need to be compared. They come from MIT Kerberos and we have no choice
here.

In the same way, SID structures have own requirements.

Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
@abbra @rcritten
ipa-kdb: add missing prototypes
3711e5a 
On Fedora 33 GCC defaults to -Wmissing-prototypes and emits warnings
about function prototypes missing. If -Werror is specified, this breaks
compilation.

We also default to -Werror=implicit-function-declaration

Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
@abbra @rcritten
ipa-kdb: reformat ipa_kdb_certauth
84b0483 
Add prototype to the exported function

Replace few tabs by spaces and mark static code as static.

Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
@abbra @rcritten
ipa-kdb: mark test functions as static
6524175 
No need to define missing prototypes to single use test functions.

Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
@rcritten
Copy link
Contributor Author

rcritten commented Mar 1, 2021

PR was ACKed automatically because this is backport of PR #5581. Wait for CI to finish before pushing. In case of questions or problems contact @abbra who is author of the original PR.

@rcritten rcritten added the ack Pull Request approved, can be merged label Mar 1, 2021
@flo-renaud flo-renaud added the pushed Pull Request has already been pushed label Mar 2, 2021
@flo-renaud
Copy link
Contributor

ipa-4-9:

  • 2832810 ipa-kdb: do not use OpenLDAP functions with NULL LDAP context
  • 0da9de4 ipa-kdb: fix compiler warnings
  • c7ce801 ipa-kdb: add missing prototypes
  • f340baa ipa-kdb: reformat ipa_kdb_certauth
  • 2968609 ipa-kdb: mark test functions as static

@flo-renaud flo-renaud closed this Mar 2, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
ack Pull Request approved, can be merged pushed Pull Request has already been pushed
Projects
None yet
Milestone
No milestone
3 participants
@rcritten @flo-renaud @abbra