diff options
| author | nectar <nectar@FreeBSD.org> | 2004-01-09 13:43:49 +0000 |
|---|---|---|
| committer | nectar <nectar@FreeBSD.org> | 2004-01-09 13:43:49 +0000 |
| commit | 9b32167d5f7827194140898b20cd7754dc0592a2 (patch) | |
| tree | 9830bf12756c06757b6c6257578e50e701a2e090 /crypto/openssl | |
| parent | c3b2098e8bebb749bb3ce19d33dc899f0a680a50 (diff) | |
| download | FreeBSD-src-9b32167d5f7827194140898b20cd7754dc0592a2.zip FreeBSD-src-9b32167d5f7827194140898b20cd7754dc0592a2.tar.gz | |
It was reported that when using nss_ldap, getgrent(3) would behave
incorrectly when encountering `large' groups (many members and/or many
long member names). The reporter tracked this down to the glibc NSS
module compatibility code (nss_compat.c): it would prematurely record
that a NSS module was finished iterating through its database in some
cases.
Two aspects are corrected:
1. nss_compat.c recorded that a NSS module was finished iterating
whenever the module reported something other than SUCCESS. The
correct logic is to continue iteration when the module reports
either SUCCESS or RETURN. The __nss_compat_getgrent_r and
__nss_compat_getpwent_r routines are updated to reflect this.
2. An internal helper macro __nss_compat_result is used to map glibc
NSS status codes to BSD NSS status codes (e.g. NSS_STATUS_SUCCESS ->
NS_SUCCESS). It provided the obvious mapping.
When a NSS routine is called with a too-small buffer, the
convention in the BSD NSS code is to report RETURN. (This is used
to implement reentrant APIs such as getpwnam_r(3).) However, the
convention in glibc for this case is to set errno = ERANGE and
overload TRYAGAIN. __nss_compat_result is updated to handle this
case.
PR: bin/60287
Reported by: Lachlan O'Dea <odela01@ca.com>
Diffstat (limited to 'crypto/openssl')
0 files changed, 0 insertions, 0 deletions
