diff options
author | Sumit Bose <sbose@redhat.com> | 2013-05-07 23:28:14 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-05-27 19:09:04 +0200 |
commit | a157a30729b3733e72b8a344ea79558613349bf6 (patch) | |
tree | 06e8f8fddf2db761d0eb0f8248c0f2988e699aa6 | |
parent | aae5af7fb5fbdd780b06f2b5fb89dfe8ab52fb34 (diff) | |
download | sssd-a157a30729b3733e72b8a344ea79558613349bf6.tar.gz sssd-a157a30729b3733e72b8a344ea79558613349bf6.tar.bz2 sssd-a157a30729b3733e72b8a344ea79558613349bf6.zip |
Handle SID strings in sdap_attrs_get_sid_str() as well
This patch add a basic check if the SID returned by the LDAP server is
in a string representation. If not it is assumed that a binary SID was
returned by the LDAP server which is converted into a string
representation which is returned to the caller.
-rw-r--r-- | src/providers/ldap/ldap_common.c | 29 |
1 files changed, 20 insertions, 9 deletions
diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c index ddc88ab5..acb24b19 100644 --- a/src/providers/ldap/ldap_common.c +++ b/src/providers/ldap/ldap_common.c @@ -1583,15 +1583,26 @@ sdap_attrs_get_sid_str(TALLOC_CTX *mem_ctx, return ENOENT; } - err = sss_idmap_bin_sid_to_sid(idmap_ctx->map, - el->values[0].data, - el->values[0].length, - &sid_str); - if (err != IDMAP_SUCCESS) { - DEBUG(SSSDBG_MINOR_FAILURE, - ("Could not convert SID: [%s]\n", - idmap_error_string(err))); - return EIO; + if (el->values[0].length > 2 && + el->values[0].data[0] == 'S' && + el->values[0].data[1] == '-') { + sid_str = talloc_strndup(mem_ctx, (char *) el->values[0].data, + el->values[0].length); + if (sid_str == NULL) { + DEBUG(SSSDBG_OP_FAILURE, ("talloc_strndup failed.\n")); + return ENOMEM; + } + } else { + err = sss_idmap_bin_sid_to_sid(idmap_ctx->map, + el->values[0].data, + el->values[0].length, + &sid_str); + if (err != IDMAP_SUCCESS) { + DEBUG(SSSDBG_MINOR_FAILURE, + ("Could not convert SID: [%s]\n", + idmap_error_string(err))); + return EIO; + } } *_sid_str = talloc_steal(mem_ctx, sid_str); |