summaryrefslogtreecommitdiff
path: root/src/providers
diff options
context:
space:
mode:
authorStephen Gallagher <sgallagh@redhat.com>2011-03-16 12:35:27 -0400
committerStephen Gallagher <sgallagh@redhat.com>2011-03-23 04:58:37 -0400
commitde96baa345785993145a4955c5affcc70700d5c1 (patch)
tree5075c856ac13d56648bc73e493bebfd38146d9a4 /src/providers
parentd86c2d2995933d61fc3c63f74ec260b5c8c75bf9 (diff)
downloadsssd-de96baa345785993145a4955c5affcc70700d5c1.tar.gz
sssd-de96baa345785993145a4955c5affcc70700d5c1.tar.bz2
sssd-de96baa345785993145a4955c5affcc70700d5c1.zip
Ignore aliases for users
Users in ldap with multiple values for their username attribute will now be compared against the RDN of the entry to determine the "primary" username. We will save only this primary name to the ldb cache.
Diffstat (limited to 'src/providers')
-rw-r--r--src/providers/ldap/sdap_async_accounts.c46
1 files changed, 26 insertions, 20 deletions
diff --git a/src/providers/ldap/sdap_async_accounts.c b/src/providers/ldap/sdap_async_accounts.c
index 5c2078e7..7b3820e8 100644
--- a/src/providers/ldap/sdap_async_accounts.c
+++ b/src/providers/ldap/sdap_async_accounts.c
@@ -40,7 +40,7 @@ static int sdap_save_user(TALLOC_CTX *memctx,
{
struct ldb_message_element *el;
int ret;
- const char *name;
+ const char *name = NULL;
const char *pwd;
const char *gecos;
const char *homedir;
@@ -49,25 +49,35 @@ static int sdap_save_user(TALLOC_CTX *memctx,
gid_t gid;
struct sysdb_attrs *user_attrs;
char *upn = NULL;
- int i;
+ size_t i;
char *val = NULL;
int cache_timeout;
char *usn_value = NULL;
size_t c;
char **missing = NULL;
+ TALLOC_CTX *tmpctx = NULL;
DEBUG(9, ("Save user\n"));
- ret = sysdb_attrs_get_el(attrs,
- opts->user_map[SDAP_AT_USER_NAME].sys_name, &el);
- if (el->num_values == 0) {
- ret = EINVAL;
+ tmpctx = talloc_new(memctx);
+ if (!tmpctx) {
+ ret = ENOMEM;
+ goto fail;
}
- if (ret) {
+
+ user_attrs = sysdb_new_attrs(tmpctx);
+ if (user_attrs == NULL) {
+ ret = ENOMEM;
+ goto fail;
+ }
+
+ ret = sysdb_attrs_primary_name(ctx, attrs,
+ opts->user_map[SDAP_AT_USER_NAME].name,
+ &name);
+ if (ret != EOK) {
DEBUG(1, ("Failed to save the user - entry has no name attribute\n"));
- return ret;
+ goto fail;
}
- name = (const char *)el->values[0].data;
ret = sysdb_attrs_get_el(attrs,
opts->user_map[SDAP_AT_USER_PWD].sys_name, &el);
@@ -129,12 +139,6 @@ static int sdap_save_user(TALLOC_CTX *memctx,
goto fail;
}
- user_attrs = sysdb_new_attrs(memctx);
- if (user_attrs == NULL) {
- ret = ENOMEM;
- goto fail;
- }
-
ret = sysdb_attrs_get_el(attrs, SYSDB_ORIG_DN, &el);
if (ret) {
goto fail;
@@ -271,7 +275,7 @@ static int sdap_save_user(TALLOC_CTX *memctx,
/* Make sure that any attributes we requested from LDAP that we
* did not receive are also removed from the sysdb
*/
- ret = list_missing_attrs(NULL, opts->user_map, SDAP_OPTS_USER,
+ ret = list_missing_attrs(user_attrs, opts->user_map, SDAP_OPTS_USER,
ldap_attrs, attrs, &missing);
if (ret != EOK) {
goto fail;
@@ -285,21 +289,23 @@ static int sdap_save_user(TALLOC_CTX *memctx,
DEBUG(6, ("Storing info for user %s\n", name));
- ret = sysdb_store_user(memctx, ctx, dom,
+ ret = sysdb_store_user(user_attrs, ctx, dom,
name, pwd, uid, gid, gecos, homedir, shell,
user_attrs, missing, cache_timeout);
if (ret) goto fail;
- talloc_zfree(missing);
if (_usn_value) {
*_usn_value = usn_value;
}
+ talloc_steal(memctx, user_attrs);
+ talloc_free(tmpctx);
return EOK;
fail:
- DEBUG(2, ("Failed to save user %s\n", name));
- talloc_free(missing);
+ DEBUG(2, ("Failed to save user [%s]\n",
+ name ? name : "Unknown"));
+ talloc_free(tmpctx);
return ret;
}