diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2012-04-21 10:32:13 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2012-05-03 14:09:14 -0400 |
commit | 45f75fc8e98092fa48faa3d180fd42f7efd51486 (patch) | |
tree | fdfde37f2236c5a3be39e9f49963a2a8423177ea | |
parent | 4f3fd1fb264a7eaf3a9d062d49e071b0d17e4deb (diff) | |
download | sssd-45f75fc8e98092fa48faa3d180fd42f7efd51486.tar.gz sssd-45f75fc8e98092fa48faa3d180fd42f7efd51486.tar.bz2 sssd-45f75fc8e98092fa48faa3d180fd42f7efd51486.zip |
LDAP: Add routine to extract domain SID from an object SID
Also makes the domain prefix macros from sss_idmap public.
-rw-r--r-- | src/lib/idmap/sss_idmap.c | 2 | ||||
-rw-r--r-- | src/lib/idmap/sss_idmap.h | 3 | ||||
-rw-r--r-- | src/providers/ldap/sdap_idmap.c | 44 | ||||
-rw-r--r-- | src/providers/ldap/sdap_idmap.h | 5 |
4 files changed, 52 insertions, 2 deletions
diff --git a/src/lib/idmap/sss_idmap.c b/src/lib/idmap/sss_idmap.c index b00d6150..c970293b 100644 --- a/src/lib/idmap/sss_idmap.c +++ b/src/lib/idmap/sss_idmap.c @@ -29,8 +29,6 @@ #include "lib/idmap/sss_idmap.h" #include "lib/idmap/sss_idmap_private.h" -#define DOM_SID_PREFIX "S-1-5-21-" -#define DOM_SID_PREFIX_LEN (sizeof(DOM_SID_PREFIX) - 1) #define SID_FMT "%s-%d" #define SID_STR_MAX_LEN 1024 diff --git a/src/lib/idmap/sss_idmap.h b/src/lib/idmap/sss_idmap.h index 146f831e..78e786af 100644 --- a/src/lib/idmap/sss_idmap.h +++ b/src/lib/idmap/sss_idmap.h @@ -29,6 +29,9 @@ #include <stdint.h> #include <stdbool.h> +#define DOM_SID_PREFIX "S-1-5-21-" +#define DOM_SID_PREFIX_LEN (sizeof(DOM_SID_PREFIX) - 1) + /** * @defgroup sss_idmap Map Unix UIDs and GIDs to SIDs and back * Libsss_idmap provides a mechanism to translate a SID to a UNIX UID or GID diff --git a/src/providers/ldap/sdap_idmap.c b/src/providers/ldap/sdap_idmap.c index 02e3d0ea..96ad65b1 100644 --- a/src/providers/ldap/sdap_idmap.c +++ b/src/providers/ldap/sdap_idmap.c @@ -322,3 +322,47 @@ done: } return ret; } + +errno_t +sdap_idmap_get_dom_sid_from_object(TALLOC_CTX *mem_ctx, + const char *object_sid, + char **dom_sid_str) +{ + const char *p; + long long a; + size_t c; + char *endptr; + + if (object_sid == NULL + || strncmp(object_sid, DOM_SID_PREFIX, DOM_SID_PREFIX_LEN) != 0) { + return EINVAL; + } + + p = object_sid + DOM_SID_PREFIX_LEN; + c = 0; + + do { + errno = 0; + a = strtoull(p, &endptr, 10); + if (errno != 0 || a > UINT32_MAX) { + return EINVAL; + } + + if (*endptr == '-') { + p = endptr + 1; + } else { + return EINVAL; + } + c++; + } while(c < 3); + + /* If we made it here, we are now one character past + * the last hyphen in the object-sid. + * Copy the dom-sid substring. + */ + *dom_sid_str = talloc_strndup(mem_ctx, object_sid, + (endptr-object_sid)); + if (!*dom_sid_str) return ENOMEM; + + return EOK; +} diff --git a/src/providers/ldap/sdap_idmap.h b/src/providers/ldap/sdap_idmap.h index 9ac8be13..ee71da28 100644 --- a/src/providers/ldap/sdap_idmap.h +++ b/src/providers/ldap/sdap_idmap.h @@ -49,4 +49,9 @@ sdap_idmap_add_domain(struct sdap_idmap_ctx *idmap_ctx, const char *dom_name, const char *dom_sid, id_t slice); + +errno_t +sdap_idmap_get_dom_sid_from_object(TALLOC_CTX *mem_ctx, + const char *object_sid, + char **dom_sid_str); #endif /* SDAP_IDMAP_H_ */ |