linux-nfs.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH] idmapd: allow non-ASCII characters (UTF-8) in NFSv4 domain name
@ 2012-12-14 13:40 Suresh Jayaraman
  2012-12-17 15:15 ` J. Bruce Fields
  2012-12-17 21:45 ` Steve Dickson
  0 siblings, 2 replies; 6+ messages in thread
From: Suresh Jayaraman @ 2012-12-14 13:40 UTC (permalink / raw)
  To: steved; +Cc: J. Bruce Fields, linux-nfs

The validateascii() check in imconv() maps NFSv4 domain names with non-ASCII
characters to 'nobody'. In setups where Active directory or LDAP is used this
causes names with UTF-8 characters to being mapped to 'nobody' because of this
check.

As Bruce Fields puts it:

"idmapd doesn't seem like the right place to enforce restrictions on names.
Once the system has allowed a name it's too late to be complaining about it
here."

Replace the validateascii() call in imconv() with a check for null-termination
just to be extra-careful and remove the validateascii() function itself
as the only user of that function is being removed by this patch.


Signed-off-by: Suresh Jayaraman <sjayaraman@suse.com>
Cc: J. Bruce Fields <bfields@fieldses.org>
---
 utils/idmapd/idmapd.c |   28 +++++-----------------------
 1 file changed, 5 insertions(+), 23 deletions(-)

diff --git a/utils/idmapd/idmapd.c b/utils/idmapd/idmapd.c
index e80efb4..9d66225 100644
--- a/utils/idmapd/idmapd.c
+++ b/utils/idmapd/idmapd.c
@@ -145,7 +145,6 @@ static void svrreopen(int, short, void *);
 static int  nfsopen(struct idmap_client *);
 static void nfscb(int, short, void *);
 static void nfsdcb(int, short, void *);
-static int  validateascii(char *, u_int32_t);
 static int  addfield(char **, ssize_t *, char *);
 static int  getfield(char **, char *, size_t);
 
@@ -642,6 +641,8 @@ out:
 static void
 imconv(struct idmap_client *ic, struct idmap_msg *im)
 {
+	u_int32_t len;
+
 	switch (im->im_conv) {
 	case IDMAP_CONV_IDTONAME:
 		idtonameres(im);
@@ -652,10 +653,10 @@ imconv(struct idmap_client *ic, struct idmap_msg *im)
 			    im->im_id, im->im_name);
 		break;
 	case IDMAP_CONV_NAMETOID:
-		if (validateascii(im->im_name, sizeof(im->im_name)) == -1) {
-			im->im_status |= IDMAP_STATUS_INVALIDMSG;
+		len = strnlen(im->im_name, IDMAP_NAMESZ - 1);
+		/* Check for NULL termination just to be careful */
+		if (im->im_name[len+1] != '\0')
 			return;
-		}
 		nametoidres(im);
 		if (verbose > 1)
 			xlog_warn("%s %s: (%s) name \"%s\" -> id \"%d\"",
@@ -855,25 +856,6 @@ nametoidres(struct idmap_msg *im)
 }
 
 static int
-validateascii(char *string, u_int32_t len)
-{
-	u_int32_t i;
-
-	for (i = 0; i < len; i++) {
-		if (string[i] == '\0')
-			break;
-
-		if (string[i] & 0x80)
-			return (-1);
-	}
-
-	if ((i >= len) || string[i] != '\0')
-		return (-1);
-
-	return (i + 1);
-}
-
-static int
 addfield(char **bpp, ssize_t *bsizp, char *fld)
 {
 	char ch, *bp = *bpp;

^ permalink raw reply related	[flat|nested] 6+ messages in thread
* [PATCH] idmapd: allow non-ASCII characters (UTF-8) in NFSv4 domain name
@ 2012-12-13 16:29 Suresh Jayaraman
  2012-12-13 16:50 ` J. Bruce Fields
  0 siblings, 1 reply; 6+ messages in thread
From: Suresh Jayaraman @ 2012-12-13 16:29 UTC (permalink / raw)
  To: steved, linux-nfs; +Cc: J. Bruce Fields


The validateascii() check in imconv() maps NFSv4 domain names with non-ASCII
characters to 'nobody'. In setups where Active directory or LDAP is used this
causes names with UTF-8 characters to be mapped to 'nobody' because of this
check.

As Bruce Fields puts it:

"idmapd doesn't seem like the right place to enforce restrictions on names.
Once the system has allowed a name it's too late to be complaining about it
here."

Remove the check from imconv() and remove the validateascii() function itself
as the only user of that function is being removed by this patch.


Signed-off-by: Suresh Jayaraman <sjayaraman@suse.com>
Cc: J. Bruce Fields <bfields@fieldses.org>
---

 utils/idmapd/idmapd.c |   24 ------------------------
 1 file changed, 24 deletions(-)

diff --git a/utils/idmapd/idmapd.c b/utils/idmapd/idmapd.c
index e80efb4..fe47dac 100644
--- a/utils/idmapd/idmapd.c
+++ b/utils/idmapd/idmapd.c
@@ -145,7 +145,6 @@ static void svrreopen(int, short, void *);
 static int  nfsopen(struct idmap_client *);
 static void nfscb(int, short, void *);
 static void nfsdcb(int, short, void *);
-static int  validateascii(char *, u_int32_t);
 static int  addfield(char **, ssize_t *, char *);
 static int  getfield(char **, char *, size_t);
 
@@ -652,10 +651,6 @@ imconv(struct idmap_client *ic, struct idmap_msg *im)
 			    im->im_id, im->im_name);
 		break;
 	case IDMAP_CONV_NAMETOID:
-		if (validateascii(im->im_name, sizeof(im->im_name)) == -1) {
-			im->im_status |= IDMAP_STATUS_INVALIDMSG;
-			return;
-		}
 		nametoidres(im);
 		if (verbose > 1)
 			xlog_warn("%s %s: (%s) name \"%s\" -> id \"%d\"",
@@ -855,25 +850,6 @@ nametoidres(struct idmap_msg *im)
 }
 
 static int
-validateascii(char *string, u_int32_t len)
-{
-	u_int32_t i;
-
-	for (i = 0; i < len; i++) {
-		if (string[i] == '\0')
-			break;
-
-		if (string[i] & 0x80)
-			return (-1);
-	}
-
-	if ((i >= len) || string[i] != '\0')
-		return (-1);
-
-	return (i + 1);
-}
-
-static int
 addfield(char **bpp, ssize_t *bsizp, char *fld)
 {
 	char ch, *bp = *bpp;


^ permalink raw reply related	[flat|nested] 6+ messages in thread
end of thread, other threads:[~2012-12-17 21:45 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-12-14 13:40 [PATCH] idmapd: allow non-ASCII characters (UTF-8) in NFSv4 domain name Suresh Jayaraman
2012-12-17 15:15 ` J. Bruce Fields
2012-12-17 21:45 ` Steve Dickson
  -- strict thread matches above, loose matches on Subject: below --
2012-12-13 16:29 Suresh Jayaraman
2012-12-13 16:50 ` J. Bruce Fields
2012-12-14 13:37   ` Suresh Jayaraman

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).