From 5871b0956bcbdd4ef9155826b18936fb386ca53b Mon Sep 17 00:00:00 2001 From: Alexey Tikhonov Date: Tue, 21 Jan 2025 11:07:05 +0100 Subject: [PATCH 1/3] certmap: remove stray export declaration --- src/lib/certmap/sss_certmap.exports | 1 - 1 file changed, 1 deletion(-) diff --git a/src/lib/certmap/sss_certmap.exports b/src/lib/certmap/sss_certmap.exports index 7d7667738e3..952917e5fa6 100644 --- a/src/lib/certmap/sss_certmap.exports +++ b/src/lib/certmap/sss_certmap.exports @@ -2,7 +2,6 @@ SSS_CERTMAP_0.0 { global: sss_certmap_init; sss_certmap_free_ctx; - sss_certmap_err_msg; sss_certmap_add_rule; sss_certmap_match_cert; sss_certmap_get_search_filter; From 8569e0575c5e4c29097e171ad2f654d082f6275c Mon Sep 17 00:00:00 2001 From: Alexey Tikhonov Date: Tue, 21 Jan 2025 13:32:34 +0100 Subject: [PATCH 2/3] SDAP: avoid "time info" debug copy&paste --- src/providers/ldap/ldap_auth.c | 5 +---- src/providers/ldap/ldap_common.h | 16 ++++++++++++++++ src/providers/ldap/sdap_access.c | 5 +---- 3 files changed, 18 insertions(+), 8 deletions(-) diff --git a/src/providers/ldap/ldap_auth.c b/src/providers/ldap/ldap_auth.c index 370cdf17188..3e3052f001f 100644 --- a/src/providers/ldap/ldap_auth.c +++ b/src/providers/ldap/ldap_auth.c @@ -95,10 +95,7 @@ static errno_t check_pwexpire_kerberos(const char *expire_date, time_t now, return ret; } - DEBUG(SSSDBG_TRACE_ALL, - "Time info: tzname[0] [%s] tzname[1] [%s] timezone [%ld] " - "daylight [%d] now [%"SPRItime"] expire_time [%"SPRItime"].\n", - tzname[0], tzname[1], timezone, daylight, now, expire_time); + sdap_debug_time_info(now, expire_time); if (expire_time == 0) { /* Used by the MIT LDAP KDB plugin to indicate "never" */ diff --git a/src/providers/ldap/ldap_common.h b/src/providers/ldap/ldap_common.h index 6832e12399d..2d27891656e 100644 --- a/src/providers/ldap/ldap_common.h +++ b/src/providers/ldap/ldap_common.h @@ -22,6 +22,7 @@ #ifndef _LDAP_COMMON_H_ #define _LDAP_COMMON_H_ +#include #include #include "providers/backend.h" @@ -46,6 +47,21 @@ #define LDAP_ENUM_PURGE_TIMEOUT 10800 +__attribute__((always_inline)) +static inline void sdap_debug_time_info(time_t now, time_t expire_time) +{ + DEBUG(SSSDBG_TRACE_ALL, +#ifdef _XOPEN_SOURCE + "Time info: tzname[0] [%s] tzname[1] [%s] timezone [%ld] " + "daylight [%d] now [%"SPRItime"] expire_time [%"SPRItime"].\n", + tzname[0], tzname[1], timezone, daylight, now, expire_time); +#else /* `timezone` and `daylight` aren't available */ + "Time info: tzname[0] [%s] tzname[1] [%s]" + "now [%"SPRItime"] expire_time [%"SPRItime"].\n", + tzname[0], tzname[1], now, expire_time); +#endif +} + enum ldap_child_command { LDAP_CHILD_GET_TGT = 0, LDAP_CHILD_SELECT_PRINCIPAL = 1 diff --git a/src/providers/ldap/sdap_access.c b/src/providers/ldap/sdap_access.c index bbfa2620d04..376f4ba5074 100644 --- a/src/providers/ldap/sdap_access.c +++ b/src/providers/ldap/sdap_access.c @@ -567,10 +567,7 @@ bool nds_check_expired(const char *exp_time_str) } now = time(NULL); - DEBUG(SSSDBG_TRACE_ALL, - "Time info: tzname[0] [%s] tzname[1] [%s] timezone [%ld] " - "daylight [%d] now [%"SPRItime"] expire_time [%"SPRItime"].\n", - tzname[0], tzname[1], timezone, daylight, now, expire_time); + sdap_debug_time_info(now, expire_time); if (difftime(now, expire_time) > 0.0) { DEBUG(SSSDBG_CONF_SETTINGS, "NDS account expired.\n"); From 01d79150465f939194f07f86897a5be33bb3152d Mon Sep 17 00:00:00 2001 From: Alexey Tikhonov Date: Tue, 21 Jan 2025 15:21:22 +0100 Subject: [PATCH 3/3] UTILS: don't use extern `timezone` if _XOPEN_SOURCE not defined --- src/util/util.c | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/src/util/util.c b/src/util/util.c index bc34b0ba662..1e36dfa0ef9 100644 --- a/src/util/util.c +++ b/src/util/util.c @@ -788,6 +788,24 @@ errno_t sss_fd_nonblocking(int fd) /* Convert GeneralizedTime (http://en.wikipedia.org/wiki/GeneralizedTime) * to unix time (seconds since epoch). Use UTC time zone. */ +__attribute__((always_inline)) +static inline long sss_get_timezone(void) +{ + tzset(); +#ifdef _XOPEN_SOURCE + return timezone; +#else + static const time_t t = 0; + struct tm tm; + if (localtime_r(&t, &tm) != NULL) { + return -(tm.tm_gmtoff); + } else { + DEBUG(SSSDBG_CRIT_FAILURE, "localtime_r() failed, ignoring timezone\n"); + return 0; + } +#endif +} + errno_t sss_utc_to_time_t(const char *str, const char *format, time_t *_unix_time) { char *end; @@ -830,8 +848,7 @@ errno_t sss_utc_to_time_t(const char *str, const char *format, time_t *_unix_tim return EINVAL; } - tzset(); - ut -= timezone; + ut -= sss_get_timezone(); *_unix_time = ut; return EOK; }