diff options
-rw-r--r-- | Makefile.am | 13 | ||||
-rw-r--r-- | src/man/sssd.conf.5.xml | 68 | ||||
-rw-r--r-- | src/responder/nss/nsssrv_cmd.c | 6 | ||||
-rw-r--r-- | src/tests/cmocka/test_fqnames.c | 287 | ||||
-rw-r--r-- | src/tests/cmocka/test_nss_srv.c | 141 | ||||
-rw-r--r-- | src/util/usertools.c | 77 | ||||
-rw-r--r-- | src/util/util.h | 9 |
7 files changed, 576 insertions, 25 deletions
diff --git a/Makefile.am b/Makefile.am index 250f9b67..767e9b96 100644 --- a/Makefile.am +++ b/Makefile.am @@ -150,7 +150,8 @@ if HAVE_CMOCKA test-find-uid \ test-io \ sss_nss_idmap-tests \ - dyndns-tests + dyndns-tests \ + fqnames-tests endif check_PROGRAMS = \ @@ -1299,6 +1300,16 @@ dyndns_tests_LDADD = \ $(CMOCKA_LIBS) \ libsss_test_common.la \ libsss_util.la + +fqnames_tests_SOURCES = \ + $(TEST_MOCK_OBJ) \ + src/tests/cmocka/test_fqnames.c +fqnames_tests_CFLAGS = \ + $(AM_CFLAGS) +fqnames_tests_LDADD = \ + $(CMOCKA_LIBS) \ + libsss_util.la + endif noinst_PROGRAMS = pam_test_client diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml index b902964f..3bb1ca76 100644 --- a/src/man/sssd.conf.5.xml +++ b/src/man/sssd.conf.5.xml @@ -143,12 +143,41 @@ <term>full_name_format (string)</term> <listitem> <para> - The default <citerefentry> + A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</manvolnum> </citerefentry>-compatible format that describes how to - translate a (name, domain) tuple into a fully qualified - name. + compose a fully qualified name from user name + and domain name components. + </para> + <para> + The following expansions are supported: + <variablelist> + <varlistentry> + <term>%1$s</term> + <listitem><para>user name</para></listitem> + </varlistentry> + <varlistentry> + <term>%2$s</term> + <listitem> + <para> + domain name as specified in the + SSSD config file. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term>%3$s</term> + <listitem> + <para> + domain flat name. Mostly usable + for Active Directory domains, both + directly configured or disovered + via IPA trusts. + </para> + </listitem> + </varlistentry> + </variablelist> </para> <para> Each domain can have an individual format string configured. @@ -1533,8 +1562,37 @@ override_homedir = /home/%u <refentrytitle>printf</refentrytitle> <manvolnum>3</manvolnum> </citerefentry>-compatible format that describes how to - translate a (name, domain) tuple for this domain into a fully - qualified name. + compose a fully qualified name from user name + and domain name components. + </para> + <para> + The following expansions are supported: + <variablelist> + <varlistentry> + <term>%1$s</term> + <listitem><para>user name</para></listitem> + </varlistentry> + <varlistentry> + <term>%2$s</term> + <listitem> + <para> + domain name as specified in the + SSSD config file. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term>%3$s</term> + <listitem> + <para> + domain flat name. Mostly usable + for Active Directory domains, both + directly configured or disovered + via IPA trusts. + </para> + </listitem> + </varlistentry> + </variablelist> </para> <para> Default: <quote>%1$s@%2$s</quote>. diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c index 268cfc83..39076e2b 100644 --- a/src/responder/nss/nsssrv_cmd.c +++ b/src/responder/nss/nsssrv_cmd.c @@ -307,7 +307,7 @@ static int fill_pwent(struct sss_packet *packet, int ncret; TALLOC_CTX *tmp_ctx = NULL; - if (add_domain) dom_len = strlen(domain); + if (add_domain) dom_len = sss_fqdom_len(dom->names, dom); to_sized_string(&pwfield, nctx->pwfield); @@ -2161,7 +2161,7 @@ static int fill_members(struct sss_packet *packet, if (add_domain) { delim = 1; - dom_len = strlen(domain); + dom_len = sss_fqdom_len(dom->names, dom); } else { delim = 0; dom_len = 0; @@ -2292,7 +2292,7 @@ static int fill_grent(struct sss_packet *packet, if (add_domain) { delim = 1; - dom_len = strlen(domain); + dom_len = sss_fqdom_len(dom->names, dom); } else { delim = 0; dom_len = 0; diff --git a/src/tests/cmocka/test_fqnames.c b/src/tests/cmocka/test_fqnames.c new file mode 100644 index 00000000..e0735083 --- /dev/null +++ b/src/tests/cmocka/test_fqnames.c @@ -0,0 +1,287 @@ +/* + Authors: + Jakub Hrozek <jhrozek@redhat.com> + + Copyright (C) 2013 Red Hat + + SSSD tests: Fully Qualified Names Tests + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include <popt.h> + +#include "tests/cmocka/common_mock.h" + +#define NAME "name" +#define DOMNAME "domname" +#define FLATNAME "flatname" + +struct fqdn_test_ctx { + struct sss_domain_info *dom; + + struct sss_names_ctx *nctx; +}; + +void fqdn_test_setup(void **state) +{ + struct fqdn_test_ctx *test_ctx; + + assert_true(leak_check_setup()); + + test_ctx = talloc_zero(global_talloc_context, struct fqdn_test_ctx); + assert_non_null(test_ctx); + + test_ctx->dom = talloc_zero(test_ctx, struct sss_domain_info); + assert_non_null(test_ctx->dom); + test_ctx->dom->name = discard_const(DOMNAME); + test_ctx->dom->flat_name = discard_const(FLATNAME); + + check_leaks_push(test_ctx); + *state = test_ctx; +} + +void fqdn_test_teardown(void **state) +{ + struct fqdn_test_ctx *test_ctx = talloc_get_type(*state, + struct fqdn_test_ctx); + + if (test_ctx == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, ("Type mismatch\n")); + return; + } + + assert_true(check_leaks_pop(test_ctx) == true); + talloc_free(test_ctx); + assert_true(leak_check_teardown()); +} + +void test_default(void **state) +{ + struct fqdn_test_ctx *test_ctx = talloc_get_type(*state, + struct fqdn_test_ctx); + errno_t ret; + + char *fqdn; + const int fqdn_size = 255; + char fqdn_s[fqdn_size]; + size_t domsize; + + if (test_ctx == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, ("Type mismatch\n")); + return; + } + + ret = sss_names_init_from_args(test_ctx, + "(?P<name>[^@]+)@?(?P<domain>[^@]*$)", + "%1$s@%2$s", &test_ctx->nctx); + assert_int_equal(ret, EOK); + assert_int_equal(test_ctx->nctx->fq_flags, FQ_FMT_NAME | FQ_FMT_DOMAIN); + + fqdn = sss_tc_fqname(test_ctx, test_ctx->nctx, test_ctx->dom, NAME); + assert_non_null(fqdn); + assert_string_equal(fqdn, NAME"@"DOMNAME); + talloc_free(fqdn); + + ret = sss_fqname(fqdn_s, fqdn_size, test_ctx->nctx, test_ctx->dom, NAME); + assert_int_equal(ret + 1, sizeof(NAME"@"DOMNAME)); + assert_string_equal(fqdn_s, NAME"@"DOMNAME); + + domsize = sss_fqdom_len(test_ctx->nctx, test_ctx->dom); + assert_int_equal(domsize, sizeof(DOMNAME)-1); + + talloc_free(test_ctx->nctx); +} + +void test_all(void **state) +{ + struct fqdn_test_ctx *test_ctx = talloc_get_type(*state, + struct fqdn_test_ctx); + errno_t ret; + + char *fqdn; + const int fqdn_size = 255; + char fqdn_s[fqdn_size]; + size_t domsize; + + if (test_ctx == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, ("Type mismatch\n")); + return; + } + + ret = sss_names_init_from_args(test_ctx, + "(?P<name>[^@]+)@?(?P<domain>[^@]*$)", + "%1$s@%2$s@%3$s", &test_ctx->nctx); + assert_int_equal(ret, EOK); + assert_int_equal(test_ctx->nctx->fq_flags, + FQ_FMT_NAME | FQ_FMT_DOMAIN | FQ_FMT_FLAT_NAME); + + fqdn = sss_tc_fqname(test_ctx, test_ctx->nctx, test_ctx->dom, NAME); + assert_non_null(fqdn); + assert_string_equal(fqdn, NAME"@"DOMNAME"@"FLATNAME); + talloc_free(fqdn); + + ret = sss_fqname(fqdn_s, fqdn_size, test_ctx->nctx, test_ctx->dom, NAME); + assert_int_equal(ret + 1, sizeof(NAME"@"DOMNAME"@"FLATNAME)); + assert_string_equal(fqdn_s, NAME"@"DOMNAME"@"FLATNAME); + + domsize = sss_fqdom_len(test_ctx->nctx, test_ctx->dom); + assert_int_equal(domsize, sizeof(DOMNAME)-1 + sizeof(FLATNAME)-1); + + talloc_free(test_ctx->nctx); +} + +void test_flat(void **state) +{ + struct fqdn_test_ctx *test_ctx = talloc_get_type(*state, + struct fqdn_test_ctx); + errno_t ret; + + char *fqdn; + const int fqdn_size = 255; + char fqdn_s[fqdn_size]; + size_t domsize; + + if (test_ctx == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, ("Type mismatch\n")); + return; + } + + ret = sss_names_init_from_args(test_ctx, + "(?P<name>[^@]+)@?(?P<domain>[^@]*$)", + "%1$s@%3$s", &test_ctx->nctx); + assert_int_equal(ret, EOK); + assert_int_equal(test_ctx->nctx->fq_flags, FQ_FMT_NAME | FQ_FMT_FLAT_NAME); + + fqdn = sss_tc_fqname(test_ctx, test_ctx->nctx, test_ctx->dom, NAME); + assert_non_null(fqdn); + assert_string_equal(fqdn, NAME"@"FLATNAME); + talloc_free(fqdn); + + ret = sss_fqname(fqdn_s, fqdn_size, test_ctx->nctx, test_ctx->dom, NAME); + assert_int_equal(ret + 1, sizeof(NAME"@"FLATNAME)); + assert_string_equal(fqdn_s, NAME"@"FLATNAME); + + domsize = sss_fqdom_len(test_ctx->nctx, test_ctx->dom); + assert_int_equal(domsize, sizeof(FLATNAME)-1); + + talloc_free(test_ctx->nctx); +} + +void test_flat_fallback(void **state) +{ + struct fqdn_test_ctx *test_ctx = talloc_get_type(*state, + struct fqdn_test_ctx); + errno_t ret; + + char *fqdn; + const int fqdn_size = 255; + char fqdn_s[fqdn_size]; + size_t domsize; + + if (test_ctx == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, ("Type mismatch\n")); + return; + } + + ret = sss_names_init_from_args(test_ctx, + "(?P<name>[^@]+)@?(?P<domain>[^@]*$)", + "%1$s@%3$s", &test_ctx->nctx); + assert_int_equal(ret, EOK); + assert_int_equal(test_ctx->nctx->fq_flags, FQ_FMT_NAME | FQ_FMT_FLAT_NAME); + + test_ctx->dom->flat_name = NULL; + + /* If flat name is requested but does not exist, the code falls back to domain + * name + */ + fqdn = sss_tc_fqname(test_ctx, test_ctx->nctx, test_ctx->dom, NAME); + assert_non_null(fqdn); + assert_string_equal(fqdn, NAME"@"DOMNAME); + talloc_free(fqdn); + + ret = sss_fqname(fqdn_s, fqdn_size, test_ctx->nctx, test_ctx->dom, NAME); + assert_int_equal(ret + 1, sizeof(NAME"@"DOMNAME)); + assert_string_equal(fqdn_s, NAME"@"DOMNAME); + + domsize = sss_fqdom_len(test_ctx->nctx, test_ctx->dom); + assert_int_equal(domsize, sizeof(DOMNAME)-1); + + talloc_free(test_ctx->nctx); +} + +void test_init_nouser(void **state) +{ + struct fqdn_test_ctx *test_ctx = talloc_get_type(*state, + struct fqdn_test_ctx); + errno_t ret; + + if (test_ctx == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, ("Type mismatch\n")); + return; + } + + ret = sss_names_init_from_args(test_ctx, + "(?P<name>[^@]+)@?(?P<domain>[^@]*$)", + "%2$s@%3$s", &test_ctx->nctx); + /* Initialization with no user name must fail */ + assert_int_not_equal(ret, EOK); +} + +int main(int argc, const char *argv[]) +{ + poptContext pc; + int opt; + struct poptOption long_options[] = { + POPT_AUTOHELP + SSSD_DEBUG_OPTS + POPT_TABLEEND + }; + + const UnitTest tests[] = { + unit_test_setup_teardown(test_default, + fqdn_test_setup, fqdn_test_teardown), + unit_test_setup_teardown(test_all, + fqdn_test_setup, fqdn_test_teardown), + unit_test_setup_teardown(test_flat, + fqdn_test_setup, fqdn_test_teardown), + unit_test_setup_teardown(test_flat_fallback, + fqdn_test_setup, fqdn_test_teardown), + unit_test_setup_teardown(test_init_nouser, + fqdn_test_setup, fqdn_test_teardown), + }; + + /* Set debug level to invalid value so we can deside if -d 0 was used. */ + debug_level = SSSDBG_INVALID; + + pc = poptGetContext(argv[0], argc, argv, long_options, 0); + while((opt = poptGetNextOpt(pc)) != -1) { + switch(opt) { + default: + fprintf(stderr, "\nInvalid option %s: %s\n\n", + poptBadOption(pc, 0), poptStrerror(opt)); + poptPrintUsage(pc, stderr, 0); + return 1; + } + } + poptFreeContext(pc); + + DEBUG_INIT(debug_level); + + /* Even though normally the tests should clean up after themselves + * they might not after a failed run. Remove the old db to be sure */ + tests_set_cwd(); + + return run_tests(tests); +} diff --git a/src/tests/cmocka/test_nss_srv.c b/src/tests/cmocka/test_nss_srv.c index 092e6803..e8cc9aae 100644 --- a/src/tests/cmocka/test_nss_srv.c +++ b/src/tests/cmocka/test_nss_srv.c @@ -411,14 +411,109 @@ void test_nss_getpwnam_update(void **state) assert_string_equal(shell, "/bin/ksh"); } +/* Check that a FQDN is returned if the domain is FQDN-only and a + * FQDN is requested + */ +static int test_nss_getpwnam_check_fqdn(uint8_t *body, size_t blen) +{ + struct passwd pwd; + errno_t ret; + + nss_test_ctx->cctx->rctx->domains[0].fqnames = false; + + ret = parse_user_packet(body, blen, &pwd); + assert_int_equal(ret, EOK); + + assert_int_equal(pwd.pw_uid, 124); + assert_int_equal(pwd.pw_gid, 457); + assert_string_equal(pwd.pw_name, "testuser_fqdn@"TEST_DOM_NAME); + assert_string_equal(pwd.pw_shell, "/bin/sh"); + return EOK; +} + +void test_nss_getpwnam_fqdn(void **state) +{ + errno_t ret; + + /* Prime the cache with a valid user */ + ret = sysdb_add_user(nss_test_ctx->tctx->sysdb, + nss_test_ctx->tctx->dom, + "testuser_fqdn", 124, 457, "test user", + "/home/testuser", "/bin/sh", NULL, + NULL, 300, 0); + assert_int_equal(ret, EOK); + + mock_input_user("testuser_fqdn@"TEST_DOM_NAME); + will_return(__wrap_sss_packet_get_cmd, SSS_NSS_GETPWNAM); + mock_fill_user(); + + /* Query for that user, call a callback when command finishes */ + set_cmd_cb(test_nss_getpwnam_check_fqdn); + nss_test_ctx->cctx->rctx->domains[0].fqnames = true; + ret = sss_cmd_execute(nss_test_ctx->cctx, SSS_NSS_GETPWNAM, + nss_test_ctx->nss_cmds); + assert_int_equal(ret, EOK); + + /* Wait until the test finishes with EOK */ + ret = test_ev_loop(nss_test_ctx->tctx); + assert_int_equal(ret, EOK); +} + +/* + * Check that FQDN processing is able to handle arbitrarily sized + * delimeter + */ +static int test_nss_getpwnam_check_resize_fqdn(uint8_t *body, size_t blen) +{ + struct passwd pwd; + errno_t ret; + + nss_test_ctx->cctx->rctx->domains[0].fqnames = false; + + ret = parse_user_packet(body, blen, &pwd); + assert_int_equal(ret, EOK); + + assert_int_equal(pwd.pw_uid, 125); + assert_int_equal(pwd.pw_gid, 458); + assert_string_equal(pwd.pw_name, "testuser_fqdn_resize@@@@@"TEST_DOM_NAME); + assert_string_equal(pwd.pw_shell, "/bin/sh"); + return EOK; +} + +void test_nss_getpwnam_fqdn_resize(void **state) +{ + errno_t ret; + + /* Prime the cache with a valid user */ + ret = sysdb_add_user(nss_test_ctx->tctx->sysdb, + nss_test_ctx->tctx->dom, + "testuser_fqdn_resize", 125, 458, "test user", + "/home/testuser", "/bin/sh", NULL, + NULL, 300, 0); + assert_int_equal(ret, EOK); + + mock_input_user("testuser_fqdn_resize@"TEST_DOM_NAME); + will_return(__wrap_sss_packet_get_cmd, SSS_NSS_GETPWNAM); + mock_fill_user(); + will_return(__wrap_sss_packet_get_body, WRAP_CALL_REAL); + + /* Query for that user, call a callback when command finishes */ + set_cmd_cb(test_nss_getpwnam_check_resize_fqdn); + nss_test_ctx->cctx->rctx->domains[0].fqnames = true; + ret = sss_cmd_execute(nss_test_ctx->cctx, SSS_NSS_GETPWNAM, + nss_test_ctx->nss_cmds); + assert_int_equal(ret, EOK); + + /* Wait until the test finishes with EOK */ + ret = test_ev_loop(nss_test_ctx->tctx); + assert_int_equal(ret, EOK); +} + /* Testsuite setup and teardown */ -void nss_test_setup(void **state) +void test_nss_setup(struct sss_test_conf_param params[], + void **state) { errno_t ret; - struct sss_test_conf_param params[] = { - { "enumerate", "false" }, - { NULL, NULL }, /* Sentinel */ - }; nss_test_ctx = talloc_zero(NULL, struct nss_test_ctx); assert_non_null(nss_test_ctx); @@ -451,6 +546,38 @@ void nss_test_setup(void **state) assert_non_null(nss_test_ctx->cctx); } +void nss_test_setup(void **state) +{ + struct sss_test_conf_param params[] = { + { "enumerate", "false" }, + { NULL, NULL }, /* Sentinel */ + }; + + test_nss_setup(params, state); +} + +void nss_fqdn_test_setup(void **state) +{ + struct sss_test_conf_param params[] = { + { "enumerate", "false" }, + { "full_name_format", "%1$s@%2$s" }, + { NULL, NULL }, /* Sentinel */ + }; + + test_nss_setup(params, state); +} + +void nss_fqdn_resize_test_setup(void **state) +{ + struct sss_test_conf_param params[] = { + { "enumerate", "false" }, + { "full_name_format", "%1$s@@@@@%2$s" }, + { NULL, NULL }, /* Sentinel */ + }; + + test_nss_setup(params, state); +} + void nss_test_teardown(void **state) { talloc_free(nss_test_ctx); @@ -479,6 +606,10 @@ int main(int argc, const char *argv[]) nss_test_setup, nss_test_teardown), unit_test_setup_teardown(test_nss_getpwnam_update, nss_test_setup, nss_test_teardown), + unit_test_setup_teardown(test_nss_getpwnam_fqdn, + nss_fqdn_test_setup, nss_test_teardown), + unit_test_setup_teardown(test_nss_getpwnam_fqdn_resize, + nss_fqdn_resize_test_setup, nss_test_teardown), }; /* Set debug level to invalid value so we can deside if -d 0 was used. */ diff --git a/src/util/usertools.c b/src/util/usertools.c index 835b9e34..cc8f583b 100644 --- a/src/util/usertools.c +++ b/src/util/usertools.c @@ -140,12 +140,14 @@ static errno_t sss_fqnames_init(struct sss_names_ctx *nctx, const char *fq_fmt) struct pattern_desc { const char *pattern; const char *desc; + int flag; }; struct pattern_desc fqname_patterns[] = { - { "%1$s", "user name" }, - { "%2$s", "domain name" }, - { NULL, NULL } + { "%1$s", "user name", FQ_FMT_NAME }, + { "%2$s", "domain name", FQ_FMT_DOMAIN }, + { "%3$s", "domain flat name", FQ_FMT_FLAT_NAME }, + { NULL, NULL, 0 } }; nctx->fq_fmt = talloc_strdup(nctx, fq_fmt); @@ -163,12 +165,24 @@ static errno_t sss_fqnames_init(struct sss_names_ctx *nctx, const char *fq_fmt) ("Username pattern not found in [%s]\n", nctx->fq_fmt)); return ENOENT; } + nctx->fq_flags = FQ_FMT_NAME; + + for (int i = 1; fqname_patterns[i].pattern; i++) { + char *s; + s = strstr(fq_fmt, fqname_patterns[i].pattern); + if (s == NULL) { + /* Append the format specifier */ + nctx->fq_fmt = talloc_strdup_append(nctx->fq_fmt, + fqname_patterns[i].pattern); + if (nctx->fq_fmt == NULL) { + return ENOMEM; + } + continue; + } - if (strstr(fq_fmt, fqname_patterns[1].pattern) == NULL) { - DEBUG(SSSDBG_MINOR_FAILURE, - ("The pattern for %s was not found, fully-qualified names " - "might not work as expected\n", fqname_patterns[1].desc)); - /* Ignore this error */ + DEBUG(SSSDBG_CONF_SETTINGS, + ("Found the pattern for %s\n", fqname_patterns[i].desc)); + nctx->fq_flags |= fqname_patterns[i].flag; } return EOK; @@ -551,17 +565,46 @@ sss_get_cased_name_list(TALLOC_CTX *mem_ctx, const char * const *orig, static inline const char * safe_fq_str(struct sss_names_ctx *nctx, uint8_t part, const char *str) { - return nctx->fq_flags & part ? str : ""; } +static inline const char * +safe_flat_name(struct sss_names_ctx *nctx, struct sss_domain_info *domain) +{ + const char *s; + + s = safe_fq_str(nctx, FQ_FMT_FLAT_NAME, domain->flat_name); + if (s == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, ("Flat name requested but domain has no" + "flat name set, falling back to domain name\n")); + s = domain->name; + } + + return s; +} + +static inline size_t +fq_part_len(struct sss_names_ctx *nctx, struct sss_domain_info *dom, + uint8_t part, const char *str) +{ + const char *s = str; + + if (part == FQ_FMT_FLAT_NAME) { + s = safe_flat_name(nctx, dom); + } + return nctx->fq_flags & part ? strlen(s) : 0; +} + char * sss_tc_fqname(TALLOC_CTX *mem_ctx, struct sss_names_ctx *nctx, struct sss_domain_info *domain, const char *name) { if (domain == NULL || nctx == NULL) return NULL; - return talloc_asprintf(mem_ctx, nctx->fq_fmt, name, domain->name); + return talloc_asprintf(mem_ctx, nctx->fq_fmt, + safe_fq_str(nctx, FQ_FMT_NAME, name), + safe_fq_str(nctx, FQ_FMT_DOMAIN, domain->name), + safe_flat_name(nctx, domain)); } int @@ -570,5 +613,17 @@ sss_fqname(char *str, size_t size, struct sss_names_ctx *nctx, { if (domain == NULL || nctx == NULL) return -EINVAL; - return snprintf(str, size, nctx->fq_fmt, name, domain->name); + return snprintf(str, size, nctx->fq_fmt, + safe_fq_str(nctx, FQ_FMT_NAME, name), + safe_fq_str(nctx, FQ_FMT_DOMAIN, domain->name), + safe_flat_name(nctx, domain)); +} + +size_t +sss_fqdom_len(struct sss_names_ctx *nctx, + struct sss_domain_info *domain) +{ + size_t len = fq_part_len(nctx, domain, FQ_FMT_DOMAIN, domain->name); + len += fq_part_len(nctx, domain, FQ_FMT_FLAT_NAME, domain->flat_name); + return len; } diff --git a/src/util/util.h b/src/util/util.h index 2f65fa20..87a4061e 100644 --- a/src/util/util.h +++ b/src/util/util.h @@ -335,9 +335,14 @@ char *get_username_from_uid(TALLOC_CTX *mem_ctx, uid_t uid); char *get_uppercase_realm(TALLOC_CTX *memctx, const char *name); +#define FQ_FMT_NAME 0x01 +#define FQ_FMT_DOMAIN 0x02 +#define FQ_FMT_FLAT_NAME 0x04 + struct sss_names_ctx { char *re_pattern; char *fq_fmt; + uint8_t fq_flags; pcre *re; }; @@ -381,6 +386,10 @@ int sss_fqname(char *str, size_t size, struct sss_names_ctx *nctx, struct sss_domain_info *domain, const char *name); +size_t +sss_fqdom_len(struct sss_names_ctx *nctx, + struct sss_domain_info *domain); + /* from backup-file.c */ int backup_file(const char *src, int dbglvl); |