realmd configures sssd.conf and smb.conf. No data that was retrieved before join (and the point where mutual trust, sealing is established) should be used when configuring sssd.conf and/or smb.conf. Such data should be retrieved again. I need to check exactly which fields this affects.
After discussing this further, due to the mutual trust inherent in the keytab, we need to make sure that the configuration fields do not contain invalid characters, and are properly parseable. We'll do this in two ways, restricting input from LDAP, and cleaning output to sssd.conf.
Values output to samba.conf and sssd.conf is already clean of newlines, which are the problematic character here.
Fixed with these commits: commit 6d5ac47cc22c273a55bea89dffbe537a3c86ad2c Author: Stef Walter <stefw@redhat.com> Date: Tue Apr 14 11:30:53 2015 +0200 service: Limit the characters we read from LDAP We strictly limit this to characters expected in domain names. commit 502980a8a17eddb5fe3d16bcad229a6d0ba11065 Author: Stef Walter <stefw@redhat.com> Date: Sat Apr 11 13:29:40 2015 +0200 service: Only accept specific characters when parsing MSCLDAP response This provides an extra layer of protection against injecting odd characters into configuration files.
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.