summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSumit Bose <sbose@redhat.com>2013-05-07 23:28:14 +0200
committerJakub Hrozek <jhrozek@redhat.com>2013-05-27 19:09:04 +0200
commita157a30729b3733e72b8a344ea79558613349bf6 (patch)
tree06e8f8fddf2db761d0eb0f8248c0f2988e699aa6
parentaae5af7fb5fbdd780b06f2b5fb89dfe8ab52fb34 (diff)
downloadsssd-a157a30729b3733e72b8a344ea79558613349bf6.tar.gz
sssd-a157a30729b3733e72b8a344ea79558613349bf6.tar.bz2
sssd-a157a30729b3733e72b8a344ea79558613349bf6.zip
Handle SID strings in sdap_attrs_get_sid_str() as well
This patch add a basic check if the SID returned by the LDAP server is in a string representation. If not it is assumed that a binary SID was returned by the LDAP server which is converted into a string representation which is returned to the caller.
-rw-r--r--src/providers/ldap/ldap_common.c29
1 files changed, 20 insertions, 9 deletions
diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c
index ddc88ab5..acb24b19 100644
--- a/src/providers/ldap/ldap_common.c
+++ b/src/providers/ldap/ldap_common.c
@@ -1583,15 +1583,26 @@ sdap_attrs_get_sid_str(TALLOC_CTX *mem_ctx,
return ENOENT;
}
- err = sss_idmap_bin_sid_to_sid(idmap_ctx->map,
- el->values[0].data,
- el->values[0].length,
- &sid_str);
- if (err != IDMAP_SUCCESS) {
- DEBUG(SSSDBG_MINOR_FAILURE,
- ("Could not convert SID: [%s]\n",
- idmap_error_string(err)));
- return EIO;
+ if (el->values[0].length > 2 &&
+ el->values[0].data[0] == 'S' &&
+ el->values[0].data[1] == '-') {
+ sid_str = talloc_strndup(mem_ctx, (char *) el->values[0].data,
+ el->values[0].length);
+ if (sid_str == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, ("talloc_strndup failed.\n"));
+ return ENOMEM;
+ }
+ } else {
+ err = sss_idmap_bin_sid_to_sid(idmap_ctx->map,
+ el->values[0].data,
+ el->values[0].length,
+ &sid_str);
+ if (err != IDMAP_SUCCESS) {
+ DEBUG(SSSDBG_MINOR_FAILURE,
+ ("Could not convert SID: [%s]\n",
+ idmap_error_string(err)));
+ return EIO;
+ }
}
*_sid_str = talloc_steal(mem_ctx, sid_str);