Re: Possible bug in cross platform code
[Date Prev][Date Next] [Thread Prev][Thread Next]Re: Possible bug in cross platform code
- From: Geoffrey McRae <geoff [at] spacevs.com>
- To: nss-pam-ldapd-users [at] lists.arthurdejong.org
- Subject: Re: Possible bug in cross platform code
- Date: Thu, 11 Jun 2015 20:04:45 +1000
Just realized this is not an endian bug, but a signed int problem, the value 2580790735 is larger then the s32 max of 0x7fffffff, this is not causing a problem on the amd64 machine because the native int length is 64bits. The field where this value is stored should clearly be an unsigned int.
-Geoff On 11/06/15 19:51, Geoffrey McRae wrote:
Hi All,I have spent the better part of a day trying to get nscd to work on a Raspberri pi2, and I believe I have found the cause is due to a bug in the code that passes the objectSid to LDAP. Here is my config which is working perfectly fine on my x86_64 machine.# /etc/nslcd.conf # nslcd configuration file. See nslcd.conf(5) # for details. # The user and group nslcd should run as. uid nslcd gid nslcd # The location at which the LDAP server(s) should be reachable. uri ldap://192.168.50.200/ # The search base that will be used for all queries. base dc=home,dc=local # The LDAP protocol version to use. #ldap_version 3 # The DN to bind with for normal lookups. binddn REMOVED bindpw REMOVED #binddn cn=annonymous,dc=example,dc=net #bindpw secret # The DN used for password modifications by root. #rootpwmoddn cn=admin,dc=example,dc=com # SSL options #ssl off #tls_reqcert never # The search scope. #scope sub referrals no nss_min_uid 1000 pam_authz_search (!(userAccountControl:1.2.840.113556.1.4.803:=2))#filter passwd (&(objectClass=user)(objectClass=person)(!(objectClass=computer))(memberOf=CN=Domain Admins,CN=Users,DC=home,DC=local)(!(sAMAccountName=Administrator))) filter passwd (&(objectClass=user)(objectClass=person)(!(objectClass=computer)))map passwd uid sAMAccountName map passwd uidNumber objectSid:S-1-5-21-1601041238-2580790735-1343166637 map passwd gidNumber objectSid:S-1-5-21-1601041238-2580790735-1343166637 map passwd homeDirectory "${unixHomeDirectory:-/home/$sAMAccountName}" map passwd loginShell "${loginShell:-/bin/bash}" map passwd gecos displayName#filter shadow (&(objectClass=user)(objectClass=person)(!(objectClass=computer))(memberOf=CN=Domain Admins,CN=Users,DC=home,DC=home,DC=local)(!(sAMAccountName=Administrator))) filter shadow (&(objectClass=user)(objectClass=person)(!(objectClass=computer)))map shadow uid sAMAccountName map shadow shadowLastChange pwdLastSet filter group (|(objectClass=group)(objectClass=person))#filter group (|(objectClass=group)(&(objectClass=person)(memberOf=CN=Domain Admins,CN=Users,DC=home,DC=local)(!(sAMAccountName=Administrator))))map group cn sAMAccountName map group gidNumber objectSid:S-1-5-21-1601041238-2580790735-1343166637When I run nscd with -dd and compare the output between the two machines I see one major difference, on the desktop put_simple_filter for the objectSid is:put_simple_filter: "objectSid=\01\05\00\00\00\00\00\05\15\00\00\00\56\f3\6d\5f\cf\bd\d3\99\ad\18\0f\50\53\04\00\00"On the RPi it is:put_simple_filter: "objectSid=\01\05\00\00\00\00\00\05\15\00\00\00\56\f3\6d\5f\ff\ff\ff\7f\ad\18\0f\50\53\04\00\00"Note the four bytes that are wrong, this looks like an endian bug because 7fffffff is max int32. Any help would be much appreciated.
-- To unsubscribe send an email to nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see http://lists.arthurdejong.org/nss-pam-ldapd-users/
- Possible bug in cross platform code,
Geoffrey McRae
- Re: Possible bug in cross platform code, Geoffrey McRae
- Re: Possible bug in cross platform code,
Geoffrey McRae
- Re: Possible bug in cross platform code, Arthur de Jong
- Prev by Date: Possible bug in cross platform code
- Next by Date: Re: Possible bug in cross platform code
- Previous by thread: Possible bug in cross platform code
- Next by thread: Re: Possible bug in cross platform code