From 2ea843b8143305bbd1aad5aa0ddfadb0472266bb Mon Sep 17 00:00:00 2001 From: Ralf Haferkamp Date: Thu, 12 Oct 2023 12:50:45 +0200 Subject: [PATCH] Bump reva to latest edge To get https://github.com/cs3org/reva/pull/4249 Fixes: #7469 --- changelog/unreleased/bump-reva.md | 1 + .../unreleased/fix-users-by-claim-lookup-binary-uuid.md | 9 +++++++++ go.mod | 2 +- go.sum | 4 ++-- vendor/github.com/cs3org/reva/v2/pkg/trace/trace.go | 2 ++ .../github.com/cs3org/reva/v2/pkg/utils/ldap/identity.go | 4 ++-- vendor/modules.txt | 2 +- 7 files changed, 18 insertions(+), 6 deletions(-) create mode 100644 changelog/unreleased/fix-users-by-claim-lookup-binary-uuid.md diff --git a/changelog/unreleased/bump-reva.md b/changelog/unreleased/bump-reva.md index 5751ff4e104..936d95d4022 100644 --- a/changelog/unreleased/bump-reva.md +++ b/changelog/unreleased/bump-reva.md @@ -7,3 +7,4 @@ https://github.com/owncloud/ocis/pull/6427 https://github.com/owncloud/ocis/pull/7178 https://github.com/owncloud/ocis/pull/7217 https://github.com/owncloud/ocis/pull/7410 +https://github.com/owncloud/ocis/pull/7476 diff --git a/changelog/unreleased/fix-users-by-claim-lookup-binary-uuid.md b/changelog/unreleased/fix-users-by-claim-lookup-binary-uuid.md new file mode 100644 index 00000000000..0bb87072011 --- /dev/null +++ b/changelog/unreleased/fix-users-by-claim-lookup-binary-uuid.md @@ -0,0 +1,9 @@ +Bugfix: GetUserByClaim fixed for Active Directory + +The reva ldap backend for the users and groups service did not hex escape +binary uuids in LDAP filter correctly this could cause problems in Active +Directory setups for services using the GetUserByClaim CS3 request with claim +"userid". + +https://github.com/owncloud/ocis/pull/7476 +https://github.com/owncloud/ocis/issues/7469 diff --git a/go.mod b/go.mod index ef3531cf515..506d25bb518 100644 --- a/go.mod +++ b/go.mod @@ -13,7 +13,7 @@ require ( github.com/coreos/go-oidc v2.2.1+incompatible github.com/coreos/go-oidc/v3 v3.6.0 github.com/cs3org/go-cs3apis v0.0.0-20230727093620-0f4399be4543 - github.com/cs3org/reva/v2 v2.16.1-0.20231011081722-044d686b88e1 + github.com/cs3org/reva/v2 v2.16.1-0.20231012102459-2b27cd47ab72 github.com/disintegration/imaging v1.6.2 github.com/dutchcoders/go-clamd v0.0.0-20170520113014-b970184f4d9e github.com/egirna/icap-client v0.1.1 diff --git a/go.sum b/go.sum index 5a284871a29..77e8ecaa0a5 100644 --- a/go.sum +++ b/go.sum @@ -1013,8 +1013,8 @@ github.com/crewjam/httperr v0.2.0 h1:b2BfXR8U3AlIHwNeFFvZ+BV1LFvKLlzMjzaTnZMybNo github.com/crewjam/httperr v0.2.0/go.mod h1:Jlz+Sg/XqBQhyMjdDiC+GNNRzZTD7x39Gu3pglZ5oH4= github.com/crewjam/saml v0.4.13 h1:TYHggH/hwP7eArqiXSJUvtOPNzQDyQ7vwmwEqlFWhMc= github.com/crewjam/saml v0.4.13/go.mod h1:igEejV+fihTIlHXYP8zOec3V5A8y3lws5bQBFsTm4gA= -github.com/cs3org/reva/v2 v2.16.1-0.20231011081722-044d686b88e1 h1:Efy7Yx7zyqtCmGhR6qRhSmvjNSxnPt69LF0UyV9kd9U= -github.com/cs3org/reva/v2 v2.16.1-0.20231011081722-044d686b88e1/go.mod h1:6M5k4UvGUgZh31t4r70RwbesW+w2EM/gd/gpuQZxAPg= +github.com/cs3org/reva/v2 v2.16.1-0.20231012102459-2b27cd47ab72 h1:53M+ldLYQSxl/iJokKfOUmY0ntMhnATQu9cBZE1X53k= +github.com/cs3org/reva/v2 v2.16.1-0.20231012102459-2b27cd47ab72/go.mod h1:6M5k4UvGUgZh31t4r70RwbesW+w2EM/gd/gpuQZxAPg= github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= diff --git a/vendor/github.com/cs3org/reva/v2/pkg/trace/trace.go b/vendor/github.com/cs3org/reva/v2/pkg/trace/trace.go index e3af4e2f347..b613b23a680 100644 --- a/vendor/github.com/cs3org/reva/v2/pkg/trace/trace.go +++ b/vendor/github.com/cs3org/reva/v2/pkg/trace/trace.go @@ -85,6 +85,8 @@ func NewTracerProvider(opts ...Option) trace.TracerProvider { // SetDefaultTracerProvider sets the default trace provider func SetDefaultTracerProvider(tp trace.TracerProvider) { otel.SetTracerProvider(tp) + defaultProvider.mutex.Lock() + defer defaultProvider.mutex.Unlock() defaultProvider.initialized = true } diff --git a/vendor/github.com/cs3org/reva/v2/pkg/utils/ldap/identity.go b/vendor/github.com/cs3org/reva/v2/pkg/utils/ldap/identity.go index 3f3c4a8a5e8..f438d332036 100644 --- a/vendor/github.com/cs3org/reva/v2/pkg/utils/ldap/identity.go +++ b/vendor/github.com/cs3org/reva/v2/pkg/utils/ldap/identity.go @@ -526,7 +526,7 @@ func (i *Identity) getUserAttributeFilter(attribute, value string) (string, erro default: return "", errors.New("ldap: invalid field " + attribute) } - if attribute == "userid" && i.User.Schema.IDIsOctetString { + if attribute == i.User.Schema.ID && i.User.Schema.IDIsOctetString { id, err := uuid.Parse(value) if err != nil { err := errors.Wrap(err, fmt.Sprintf("error parsing OpaqueID '%s' as UUID", value)) @@ -687,7 +687,7 @@ func (i *Identity) getGroupAttributeFilter(attribute, value string) (string, err default: return "", errors.New("ldap: invalid field " + attribute) } - if attribute == "group_id" && i.Group.Schema.IDIsOctetString { + if attribute == i.Group.Schema.ID && i.Group.Schema.IDIsOctetString { id, err := uuid.Parse(value) if err != nil { err := errors.Wrap(err, fmt.Sprintf("error parsing OpaqueID '%s' as UUID", value)) diff --git a/vendor/modules.txt b/vendor/modules.txt index 878f80f5f22..bda735cde73 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -357,7 +357,7 @@ github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1 github.com/cs3org/go-cs3apis/cs3/storage/registry/v1beta1 github.com/cs3org/go-cs3apis/cs3/tx/v1beta1 github.com/cs3org/go-cs3apis/cs3/types/v1beta1 -# github.com/cs3org/reva/v2 v2.16.1-0.20231011081722-044d686b88e1 +# github.com/cs3org/reva/v2 v2.16.1-0.20231012102459-2b27cd47ab72 ## explicit; go 1.20 github.com/cs3org/reva/v2/cmd/revad/internal/grace github.com/cs3org/reva/v2/cmd/revad/runtime