summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/providers/krb5/krb5_auth.c4
-rw-r--r--src/providers/krb5/krb5_utils.c16
-rw-r--r--src/providers/krb5/krb5_utils.h2
-rw-r--r--src/tests/krb5_utils-tests.c46
4 files changed, 56 insertions, 12 deletions
diff --git a/src/providers/krb5/krb5_auth.c b/src/providers/krb5/krb5_auth.c
index 6aaf7fbe..66cee473 100644
--- a/src/providers/krb5/krb5_auth.c
+++ b/src/providers/krb5/krb5_auth.c
@@ -626,7 +626,9 @@ static void krb5_find_ccache_step(struct tevent_req *req)
kr->ccname = expand_ccname_template(kr, kr,
dp_opt_get_cstring(kr->krb5_ctx->opts,
KRB5_CCNAME_TMPL),
- true, &private_path);
+ true,
+ state->be_ctx->domain->case_sensitive,
+ &private_path);
if (kr->ccname == NULL) {
DEBUG(1, ("expand_ccname_template failed.\n"));
ret = ENOMEM;
diff --git a/src/providers/krb5/krb5_utils.c b/src/providers/krb5/krb5_utils.c
index 7fb0c8b3..2957598c 100644
--- a/src/providers/krb5/krb5_utils.c
+++ b/src/providers/krb5/krb5_utils.c
@@ -30,13 +30,14 @@
char *expand_ccname_template(TALLOC_CTX *mem_ctx, struct krb5child_req *kr,
const char *template, bool file_mode,
- bool *private_path)
+ bool case_sensitive, bool *private_path)
{
char *copy;
char *p;
char *n;
char *result = NULL;
char *dummy;
+ char *name;
char *res = NULL;
const char *cache_dir_tmpl;
TALLOC_CTX *tmp_ctx = NULL;
@@ -79,8 +80,16 @@ char *expand_ccname_template(TALLOC_CTX *mem_ctx, struct krb5child_req *kr,
"because user name is empty.\n"));
goto done;
}
+ name = sss_get_cased_name(tmp_ctx, kr->pd->user,
+ case_sensitive);
+ if (!name) {
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ ("sss_get_cased_name failed\n"));
+ goto done;
+ }
+
result = talloc_asprintf_append(result, "%s%s", p,
- kr->pd->user);
+ name);
if (!file_mode) *private_path = true;
break;
case 'U':
@@ -132,7 +141,8 @@ char *expand_ccname_template(TALLOC_CTX *mem_ctx, struct krb5child_req *kr,
}
dummy = expand_ccname_template(tmp_ctx, kr, cache_dir_tmpl,
- false, private_path);
+ false, case_sensitive,
+ private_path);
if (dummy == NULL) {
DEBUG(1, ("Expanding credential cache directory "
"template failed.\n"));
diff --git a/src/providers/krb5/krb5_utils.h b/src/providers/krb5/krb5_utils.h
index 8977e14f..7cc57d42 100644
--- a/src/providers/krb5/krb5_utils.h
+++ b/src/providers/krb5/krb5_utils.h
@@ -33,7 +33,7 @@
char *expand_ccname_template(TALLOC_CTX *mem_ctx, struct krb5child_req *kr,
const char *template, bool file_mode,
- bool *private_path);
+ bool case_sensitive, bool *private_path);
errno_t become_user(uid_t uid, gid_t gid);
diff --git a/src/tests/krb5_utils-tests.c b/src/tests/krb5_utils-tests.c
index 6993398a..aacc384d 100644
--- a/src/tests/krb5_utils-tests.c
+++ b/src/tests/krb5_utils-tests.c
@@ -421,7 +421,7 @@ static void do_test(const char *file_template, const char *dir_template,
fail_unless(ret == EOK, "Failed to set Ccache dir");
result = expand_ccname_template(tmp_ctx, kr, file_template, true,
- &private_path);
+ true, &private_path);
fail_unless(result != NULL, "Cannot expand template [%s].", file_template);
fail_unless(strcmp(result, expected) == 0,
@@ -448,6 +448,37 @@ START_TEST(test_username)
}
END_TEST
+START_TEST(test_case_sensitive)
+{
+ char *result;
+ int ret;
+ bool private_path = false;
+ const char *file_template = BASE"_%u";
+ const char *expected_cs = BASE"_TestUser";
+ const char *expected_ci = BASE"_testuser";
+
+ kr->pd->user = discard_const("TestUser");
+ ret = dp_opt_set_string(kr->krb5_ctx->opts, KRB5_CCACHEDIR, CCACHE_DIR);
+ fail_unless(ret == EOK, "Failed to set Ccache dir");
+
+ result = expand_ccname_template(tmp_ctx, kr, file_template, true,
+ true, &private_path);
+
+ fail_unless(result != NULL, "Cannot expand template [%s].", file_template);
+ fail_unless(strcmp(result, expected_cs) == 0,
+ "Expansion failed, result [%s], expected [%s].",
+ result, expected_cs);
+
+ result = expand_ccname_template(tmp_ctx, kr, file_template, true,
+ false, &private_path);
+
+ fail_unless(result != NULL, "Cannot expand template [%s].", file_template);
+ fail_unless(strcmp(result, expected_ci) == 0,
+ "Expansion failed, result [%s], expected [%s].",
+ result, expected_ci);
+}
+END_TEST
+
START_TEST(test_uid)
{
do_test(BASE"_%U", CCACHE_DIR, BASE"_"UID, false);
@@ -488,7 +519,7 @@ START_TEST(test_ccache_dir)
fail_unless(ret == EOK, "Failed to set Ccache dir");
result = expand_ccname_template(tmp_ctx, kr, "%d/"FILENAME, true,
- &private_path);
+ true, &private_path);
fail_unless(result == NULL, "Using %%d in ccache dir should fail.");
fail_unless(private_path == false,
@@ -509,7 +540,7 @@ START_TEST(test_pid)
fail_unless(ret == EOK, "Failed to set Ccache dir");
result = expand_ccname_template(tmp_ctx, kr, "%d/"FILENAME, true,
- &private_path);
+ true, &private_path);
fail_unless(result == NULL, "Using %%P in ccache dir should fail.");
fail_unless(private_path == false,
@@ -533,7 +564,7 @@ START_TEST(test_unknow_template)
bool private_path = false;
result = expand_ccname_template(tmp_ctx, kr, test_template, true,
- &private_path);
+ true, &private_path);
fail_unless(result == NULL, "Unknown template [%s] should fail.",
test_template);
@@ -542,7 +573,7 @@ START_TEST(test_unknow_template)
fail_unless(ret == EOK, "Failed to set Ccache dir");
test_template = "%d/"FILENAME;
result = expand_ccname_template(tmp_ctx, kr, test_template, true,
- &private_path);
+ true, &private_path);
fail_unless(result == NULL, "Unknown template [%s] should fail.",
test_template);
@@ -559,7 +590,7 @@ START_TEST(test_NULL)
bool private_path = false;
result = expand_ccname_template(tmp_ctx, kr, test_template, true,
- &private_path);
+ true, &private_path);
fail_unless(result == NULL, "Expected NULL as a result for an empty input.",
test_template);
@@ -576,7 +607,7 @@ START_TEST(test_no_substitution)
bool private_path = false;
result = expand_ccname_template(tmp_ctx, kr, test_template, true,
- &private_path);
+ true, &private_path);
fail_unless(result != NULL, "Cannot expand template [%s].", test_template);
fail_unless(strcmp(result, test_template) == 0,
@@ -599,6 +630,7 @@ Suite *krb5_utils_suite (void)
tcase_add_test (tc_ccname_template, test_NULL);
tcase_add_test (tc_ccname_template, test_unknow_template);
tcase_add_test (tc_ccname_template, test_username);
+ tcase_add_test (tc_ccname_template, test_case_sensitive);
tcase_add_test (tc_ccname_template, test_uid);
tcase_add_test (tc_ccname_template, test_upn);
tcase_add_test (tc_ccname_template, test_realm);