authorStephen Gallagher <sgallagh@redhat.com>2012-04-21 10:32:13 -0400
committerStephen Gallagher <sgallagh@redhat.com>2012-05-03 14:09:14 -0400
commit45f75fc8e98092fa48faa3d180fd42f7efd51486 (patch)
treefdfde37f2236c5a3be39e9f49963a2a8423177ea /src
parent4f3fd1fb264a7eaf3a9d062d49e071b0d17e4deb (diff)
LDAP: Add routine to extract domain SID from an object SID
Also makes the domain prefix macros from sss_idmap public.
Diffstat (limited to 'src')
-rw-r--r--src/lib/idmap/sss_idmap.c2
-rw-r--r--src/lib/idmap/sss_idmap.h3
-rw-r--r--src/providers/ldap/sdap_idmap.c44
-rw-r--r--src/providers/ldap/sdap_idmap.h5
4 files changed, 52 insertions, 2 deletions
diff --git a/src/lib/idmap/sss_idmap.c b/src/lib/idmap/sss_idmap.c
index b00d6150..c970293b 100644
--- a/src/lib/idmap/sss_idmap.c
+++ b/src/lib/idmap/sss_idmap.c
@@ -29,8 +29,6 @@
#include "lib/idmap/sss_idmap.h"
#include "lib/idmap/sss_idmap_private.h"
-#define DOM_SID_PREFIX "S-1-5-21-"
-#define DOM_SID_PREFIX_LEN (sizeof(DOM_SID_PREFIX) - 1)
#define SID_FMT "%s-%d"
#define SID_STR_MAX_LEN 1024
diff --git a/src/lib/idmap/sss_idmap.h b/src/lib/idmap/sss_idmap.h
index 146f831e..78e786af 100644
--- a/src/lib/idmap/sss_idmap.h
+++ b/src/lib/idmap/sss_idmap.h
@@ -29,6 +29,9 @@
#include <stdint.h>
#include <stdbool.h>
+#define DOM_SID_PREFIX "S-1-5-21-"
+#define DOM_SID_PREFIX_LEN (sizeof(DOM_SID_PREFIX) - 1)
+
/**
* @defgroup sss_idmap Map Unix UIDs and GIDs to SIDs and back
* Libsss_idmap provides a mechanism to translate a SID to a UNIX UID or GID
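Review bot: `DOM_SID_PREFIX` and `DOM_SID_PREFIX_LEN` now sit in the library's public header without a library prefix, so any consumer that includes sss_idmap.h and defines the same generic names gets a redefinition. A namespaced spelling such as `SSS_IDMAP_DOM_SID_PREFIX` would avoid that, at the cost of updating the existing uses in sss_idmap.c and the new one in sdap_idmap.c. The two defines are also placed above the `@defgroup` block, so they would benefit from a one-line comment such as `/* String prefix shared by all domain SIDs handled by the mapper */`.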
diff --git a/src/providers/ldap/sdap_idmap.c b/src/providers/ldap/sdap_idmap.c
index 02e3d0ea..96ad65b1 100644
--- a/src/providers/ldap/sdap_idmap.c
+++ b/src/providers/ldap/sdap_idmap.c
@@ -322,3 +322,47 @@ done:
}
return ret;
}
+
+errno_t
+sdap_idmap_get_dom_sid_from_object(TALLOC_CTX *mem_ctx,
+ const char *object_sid,
+ char **dom_sid_str)
+{
+ const char *p;
+ long long a;
+ size_t c;
+ char *endptr;
+
+ if (object_sid == NULL
+ || strncmp(object_sid, DOM_SID_PREFIX, DOM_SID_PREFIX_LEN) != 0) {
+ return EINVAL;
+ }
+
+ p = object_sid + DOM_SID_PREFIX_LEN;
+ c = 0;
+
+ do {
+ errno = 0;
+ a = strtoull(p, &endptr, 10);
+ if (errno != 0 || a > UINT32_MAX) {
+ return EINVAL;
+ }
+
+ if (*endptr == '-') {
+ p = endptr + 1;
+ } else {
+ return EINVAL;
+ }
+ c++;
+ } while(c < 3);
+
+ /* If we made it here, we are now one character past
+ * the last hyphen in the object-sid.
+ * Copy the dom-sid substring.
+ */
+ *dom_sid_str = talloc_strndup(mem_ctx, object_sid,
+ (endptr-object_sid));
+ if (!*dom_sid_str) return ENOMEM;
+
+ return EOK;
+}
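Review bot: The `do` loop in sdap_idmap_get_dom_sid_from_object accepts components that are not decimal sub-authorities. `strtoull` skips leading whitespace and accepts a sign, and when it converts nothing it returns 0 with `endptr == p` and `errno` unchanged, so the prefix followed by `---` (a constructed example) passes all three iterations and is copied out as a domain SID. Storing the result in the signed `long long a` also means that, on common ABIs, values above LLONG_MAX become negative and pass the `a > UINT32_MAX` test. Since the object SID presumably comes from directory data, I would declare `unsigned long long a;` and add `if (*p < '0' || *p > '9') return EINVAL;` ahead of the `strtoull` call. The comment before `talloc_strndup` could also note that `endptr` points at the hyphen after the third sub-authority, which is why the copy excludes it.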
diff --git a/src/providers/ldap/sdap_idmap.h b/src/providers/ldap/sdap_idmap.h
index 9ac8be13..ee71da28 100644
--- a/src/providers/ldap/sdap_idmap.h
+++ b/src/providers/ldap/sdap_idmap.h
@@ -49,4 +49,9 @@ sdap_idmap_add_domain(struct sdap_idmap_ctx *idmap_ctx,
const char *dom_name,
const char *dom_sid,
id_t slice);
+
+errno_t
+sdap_idmap_get_dom_sid_from_object(TALLOC_CTX *mem_ctx,
+ const char *object_sid,
+ char **dom_sid_str);
#endif /* SDAP_IDMAP_H_ */
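Review bot: The new prototype for sdap_idmap_get_dom_sid_from_object has no comment stating its contract, and the signature alone does not tell a caller what input is accepted or who owns the result. I would add a doc comment saying that `object_sid` must be a string SID starting with `S-1-5-21-` with three numeric sub-authorities followed by a hyphen and the remainder. It should also say that on EOK `*dom_sid_str` is a new string allocated on `mem_ctx`. Finally it should list the return values: EINVAL for a NULL or malformed SID, with `*dom_sid_str` left untouched, and ENOMEM when the allocation fails.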