Fix scope of kadmind ACL wildcard back-references

author Greg Hudson <ghudson@mit.edu>

Thu, 12 Mar 2015 20:36:33 +0000 (16:36 -0400)

committer Tom Yu <tlyu@mit.edu>

Tue, 12 May 2015 19:41:27 +0000 (15:41 -0400)
author Greg Hudson <ghudson@mit.edu>
Thu, 12 Mar 2015 20:36:33 +0000 (16:36 -0400)
committer Tom Yu <tlyu@mit.edu>
Tue, 12 May 2015 19:41:27 +0000 (15:41 -0400)
diff --git a/src/lib/kadm5/srv/server_acl.c b/src/lib/kadm5/srv/server_acl.c

index b2aeb7daa4e8e73a6645f0b7b18663799503f1a8..9d971a9e5286077a2ce05371822a16b0db95c09a 100644 (file)
--- a/src/lib/kadm5/srv/server_acl.c
+++ b/src/lib/kadm5/srv/server_acl.c
@@ -611,8 +611,8 @@ kadm5int_acl_find_entry(kcontext, principal, dest_princ)
      wildstate_t         state;
  
      DPRINT(DEBUG_CALLS, acl_debug_level, ("* kadm5int_acl_find_entry()\n"));
-    memset(&state, 0, sizeof state);
      for (entry=acl_list_head; entry; entry = entry->ae_next) {
+        memset(&state, 0, sizeof(state));
          if (entry->ae_name_bad)
              continue;
          if (!strcmp(entry->ae_name, "*")) {
diff --git a/src/tests/t_kadmin_acl.py b/src/tests/t_kadmin_acl.py

index c4b8465d8dd73bd5d4160a65e833161b99033798..8b04c1e3a01ebc6c161cef572ab9c8397a75aead 100644 (file)
--- a/src/tests/t_kadmin_acl.py
+++ b/src/tests/t_kadmin_acl.py
@@ -65,6 +65,8 @@ restricted_modify  im  *         +preauth
  restricted_rename  ad  *         +preauth
  
  */*                d   *2/*1
+# The next line is a regression test for #8154; it is not used directly.
+one/*/*/five       l
  */two/*/*          d   *3/*1/*2
  */admin            a
  wctarget           a   wild/*
author	Greg Hudson <ghudson@mit.edu>
	Thu, 12 Mar 2015 20:36:33 +0000 (16:36 -0400)
committer	Tom Yu <tlyu@mit.edu>
	Tue, 12 May 2015 19:41:27 +0000 (15:41 -0400)
src/lib/kadm5/srv/server_acl.c		patch \| blob \| blame \| history
src/tests/t_kadmin_acl.py		patch \| blob \| blame \| history