summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorVolker Lendecke <vl@samba.org>2009-03-12 17:23:17 +0100
committerVolker Lendecke <vl@samba.org>2009-05-12 15:21:46 +0200
commitc9efd454c5ffe0126bb21fdaadd421d71c38e2f7 (patch)
tree51e24cdcc2e7463f5cdb4ee77123520c89ac25d1
parent94665adb484c25534b756012e9b55f01737b7713 (diff)
downloadsamba-c9efd454c5ffe0126bb21fdaadd421d71c38e2f7.tar.gz
samba-c9efd454c5ffe0126bb21fdaadd421d71c38e2f7.tar.bz2
samba-c9efd454c5ffe0126bb21fdaadd421d71c38e2f7.zip
Fix bug 6157
This patch picks the alphabetically smallest one of the multi-value attribute "uid". This fixes a regression against 3.0 and also becomes deterministic.
-rw-r--r--source3/include/smbldap.h3
-rw-r--r--source3/lib/smbldap.c56
-rw-r--r--source3/passdb/pdb_ldap.c2
3 files changed, 60 insertions, 1 deletions
diff --git a/source3/include/smbldap.h b/source3/include/smbldap.h
index 353e01aba6..3ac770a548 100644
--- a/source3/include/smbldap.h
+++ b/source3/include/smbldap.h
@@ -211,6 +211,9 @@ const char** get_userattr_list( TALLOC_CTX *mem_ctx, int schema_ver );
char * smbldap_talloc_single_attribute(LDAP *ldap_struct, LDAPMessage *entry,
const char *attribute,
TALLOC_CTX *mem_ctx);
+char * smbldap_talloc_smallest_attribute(LDAP *ldap_struct, LDAPMessage *entry,
+ const char *attribute,
+ TALLOC_CTX *mem_ctx);
void talloc_autofree_ldapmsg(TALLOC_CTX *mem_ctx, LDAPMessage *result);
void talloc_autofree_ldapmod(TALLOC_CTX *mem_ctx, LDAPMod **mod);
char *smbldap_talloc_dn(TALLOC_CTX *mem_ctx, LDAP *ld,
diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c
index 63629265f1..4360d3ab57 100644
--- a/source3/lib/smbldap.c
+++ b/source3/lib/smbldap.c
@@ -333,6 +333,62 @@ ATTRIB_MAP_ENTRY sidmap_attr_list[] = {
return result;
}
+ char * smbldap_talloc_smallest_attribute(LDAP *ldap_struct, LDAPMessage *entry,
+ const char *attribute,
+ TALLOC_CTX *mem_ctx)
+{
+ char **values;
+ char *result;
+ size_t converted_size;
+ int i, num_values;
+
+ if (attribute == NULL) {
+ return NULL;
+ }
+
+ values = ldap_get_values(ldap_struct, entry, attribute);
+
+ if (values == NULL) {
+ DEBUG(10, ("attribute %s does not exist\n", attribute));
+ return NULL;
+ }
+
+ if (!pull_utf8_talloc(mem_ctx, &result, values[0], &converted_size)) {
+ DEBUG(10, ("pull_utf8_talloc failed\n"));
+ ldap_value_free(values);
+ return NULL;
+ }
+
+ num_values = ldap_count_values(values);
+
+ for (i=1; i<num_values; i++) {
+ char *tmp;
+
+ if (!pull_utf8_talloc(mem_ctx, &tmp, values[i],
+ &converted_size)) {
+ DEBUG(10, ("pull_utf8_talloc failed\n"));
+ TALLOC_FREE(result);
+ ldap_value_free(values);
+ return NULL;
+ }
+
+ if (StrCaseCmp(tmp, result) < 0) {
+ TALLOC_FREE(result);
+ result = tmp;
+ } else {
+ TALLOC_FREE(tmp);
+ }
+ }
+
+ ldap_value_free(values);
+
+#ifdef DEBUG_PASSWORDS
+ DEBUG (100, ("smbldap_get_single_attribute: [%s] = [%s]\n",
+ attribute, result));
+#endif
+ return result;
+}
+
static int ldapmsg_destructor(LDAPMessage **result) {
ldap_msgfree(*result);
return 0;
diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c
index 2d3b91f184..a8fdbdae33 100644
--- a/source3/passdb/pdb_ldap.c
+++ b/source3/passdb/pdb_ldap.c
@@ -560,7 +560,7 @@ static bool init_sam_from_ldap(struct ldapsam_privates *ldap_state,
goto fn_exit;
}
- if (!(username = smbldap_talloc_single_attribute(priv2ld(ldap_state),
+ if (!(username = smbldap_talloc_smallest_attribute(priv2ld(ldap_state),
entry,
"uid",
ctx))) {