From patchwork Fri Dec 14 13:40:14 2012 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Suresh Jayaraman X-Patchwork-Id: 1878571 Return-Path: X-Original-To: patchwork-linux-nfs@patchwork.kernel.org Delivered-To: patchwork-process-083081@patchwork1.kernel.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by patchwork1.kernel.org (Postfix) with ESMTP id B625C40079 for ; Fri, 14 Dec 2012 13:40:27 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754164Ab2LNNk0 (ORCPT ); Fri, 14 Dec 2012 08:40:26 -0500 Received: from cantor2.suse.de ([195.135.220.15]:42478 "EHLO mx2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753887Ab2LNNk0 (ORCPT ); Fri, 14 Dec 2012 08:40:26 -0500 Received: from relay1.suse.de (unknown [195.135.220.254]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx2.suse.de (Postfix) with ESMTP id 64562A50DD; Fri, 14 Dec 2012 14:40:25 +0100 (CET) Message-ID: <50CB2C3E.8090306@suse.com> Date: Fri, 14 Dec 2012 19:10:14 +0530 From: Suresh Jayaraman User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/17.0 Thunderbird/17.0 MIME-Version: 1.0 To: steved@redhat.com Cc: "J. Bruce Fields" , linux-nfs@vger.kernel.org Subject: [PATCH] idmapd: allow non-ASCII characters (UTF-8) in NFSv4 domain name Sender: linux-nfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org The validateascii() check in imconv() maps NFSv4 domain names with non-ASCII characters to 'nobody'. In setups where Active directory or LDAP is used this causes names with UTF-8 characters to being mapped to 'nobody' because of this check. As Bruce Fields puts it: "idmapd doesn't seem like the right place to enforce restrictions on names. Once the system has allowed a name it's too late to be complaining about it here." Replace the validateascii() call in imconv() with a check for null-termination just to be extra-careful and remove the validateascii() function itself as the only user of that function is being removed by this patch. Signed-off-by: Suresh Jayaraman Cc: J. Bruce Fields --- utils/idmapd/idmapd.c | 28 +++++----------------------- 1 file changed, 5 insertions(+), 23 deletions(-) -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/utils/idmapd/idmapd.c b/utils/idmapd/idmapd.c index e80efb4..9d66225 100644 --- a/utils/idmapd/idmapd.c +++ b/utils/idmapd/idmapd.c @@ -145,7 +145,6 @@ static void svrreopen(int, short, void *); static int nfsopen(struct idmap_client *); static void nfscb(int, short, void *); static void nfsdcb(int, short, void *); -static int validateascii(char *, u_int32_t); static int addfield(char **, ssize_t *, char *); static int getfield(char **, char *, size_t); @@ -642,6 +641,8 @@ out: static void imconv(struct idmap_client *ic, struct idmap_msg *im) { + u_int32_t len; + switch (im->im_conv) { case IDMAP_CONV_IDTONAME: idtonameres(im); @@ -652,10 +653,10 @@ imconv(struct idmap_client *ic, struct idmap_msg *im) im->im_id, im->im_name); break; case IDMAP_CONV_NAMETOID: - if (validateascii(im->im_name, sizeof(im->im_name)) == -1) { - im->im_status |= IDMAP_STATUS_INVALIDMSG; + len = strnlen(im->im_name, IDMAP_NAMESZ - 1); + /* Check for NULL termination just to be careful */ + if (im->im_name[len+1] != '\0') return; - } nametoidres(im); if (verbose > 1) xlog_warn("%s %s: (%s) name \"%s\" -> id \"%d\"", @@ -855,25 +856,6 @@ nametoidres(struct idmap_msg *im) } static int -validateascii(char *string, u_int32_t len) -{ - u_int32_t i; - - for (i = 0; i < len; i++) { - if (string[i] == '\0') - break; - - if (string[i] & 0x80) - return (-1); - } - - if ((i >= len) || string[i] != '\0') - return (-1); - - return (i + 1); -} - -static int addfield(char **bpp, ssize_t *bsizp, char *fld) { char ch, *bp = *bpp;