File 0011-sudo-use-dbus-array-for-rules-refresh.patch of Package sssd.openSUSE_Leap_42.1_Update

From dfef1d050c35398c6061256a947b4cc9c1f4b8e6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
Date: Wed, 23 Jul 2014 14:21:34 +0200
Subject: [PATCH] sudo: use dbus array for rules refresh
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

D-Bus only supports 255 signatures which caused a segmentation fault
when sudo responder tried to refresh more rules at once.

Resolves:
https://fedorahosted.org/sssd/ticket/2387

Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>

Line numbers and debug message are slightly adjusted by Howard Guo <hguo@suse.com> to fit into this older version of SSSD.

diff -rupN sssd-1.11.5.1/src/providers/data_provider_be.c sssd-1.11.5.1-patched/src/providers/data_provider_be.c
--- sssd-1.11.5.1/src/providers/data_provider_be.c	2014-04-11 18:18:59.000000000 +0200
+++ sssd-1.11.5.1-patched/src/providers/data_provider_be.c	2016-05-02 11:46:09.597956400 +0200
@@ -1551,7 +1551,7 @@ static int be_sudo_handler(DBusMessage *
     DBusError dbus_error;
     DBusMessage *reply = NULL;
     DBusMessageIter iter;
-    dbus_bool_t iter_next = FALSE;
+    DBusMessageIter array_iter;
     struct be_client *be_cli = NULL;
     struct be_req *be_req = NULL;
     struct be_sudo_req *sudo_req = NULL;
@@ -1655,15 +1655,19 @@ static int be_sudo_handler(DBusMessage *
             goto fail;
         }
 
+        dbus_message_iter_next(&iter);
+
+        if (dbus_message_iter_get_arg_type(&iter) != DBUS_TYPE_ARRAY) {
+            DEBUG(SSSDBG_CRIT_FAILURE, ("Failed, to parse the message!\n"));
+            ret = EIO;
+            err_msg = "Invalid D-Bus message format";
+            goto fail;
+        }
+
+        dbus_message_iter_recurse(&iter, &array_iter);
+
         /* read the rules */
         for (i = 0; i < rules_num; i++) {
-            iter_next = dbus_message_iter_next(&iter);
-            if (iter_next == FALSE) {
-                DEBUG(SSSDBG_CRIT_FAILURE, ("Failed, to parse the message!\n"));
-                ret = EIO;
-                err_msg = "Invalid D-Bus message format";
-                goto fail;
-            }
             if (dbus_message_iter_get_arg_type(&iter) != DBUS_TYPE_STRING) {
                 DEBUG(SSSDBG_CRIT_FAILURE, ("Failed, to parse the message!\n"));
                 ret = EIO;
@@ -1678,6 +1682,8 @@ static int be_sudo_handler(DBusMessage *
                 ret = ENOMEM;
                 goto fail;
             }
+
+            dbus_message_iter_next(&iter);
         }
 
         sudo_req->rules[rules_num] = NULL;
diff -rupN sssd-1.11.5.1/src/responder/sudo/sudosrv_dp.c sssd-1.11.5.1-patched/src/responder/sudo/sudosrv_dp.c
--- sssd-1.11.5.1/src/responder/sudo/sudosrv_dp.c	2014-04-11 18:18:59.000000000 +0200
+++ sssd-1.11.5.1-patched/src/responder/sudo/sudosrv_dp.c	2016-05-02 11:43:09.140331143 +0200
@@ -117,6 +117,7 @@ sss_dp_get_sudoers_msg(void *pvt)
 {
     DBusMessage *msg;
     DBusMessageIter iter;
+    DBusMessageIter array_iter;
     dbus_bool_t dbret;
     errno_t ret;
     struct sss_dp_get_sudoers_info *info;
@@ -169,6 +170,13 @@ sss_dp_get_sudoers_msg(void *pvt)
             goto fail;
         }
 
+        dbret = dbus_message_iter_open_container(&iter, DBUS_TYPE_ARRAY,
+                                                 DBUS_TYPE_STRING_AS_STRING,
+                                                 &array_iter);
+        if (dbret == FALSE) {
+            goto fail;
+        }
+
         for (i = 0; i < info->num_rules; i++) {
             ret = sysdb_attrs_get_string(info->rules[i], SYSDB_NAME, &rule_name);
             if (ret != EOK) {
@@ -177,12 +185,18 @@ sss_dp_get_sudoers_msg(void *pvt)
                 goto fail;
             }
 
-            dbret = dbus_message_iter_append_basic(&iter, DBUS_TYPE_STRING,
+            dbret = dbus_message_iter_append_basic(&array_iter,
+                                                   DBUS_TYPE_STRING,
                                                    &rule_name);
             if (dbret == FALSE) {
                 goto fail;
             }
         }
+
+        dbret = dbus_message_iter_close_container(&iter, &array_iter);
+        if (dbret == FALSE) {
+            goto fail;
+        }
     }
 
     return msg;