Diffstat (limited to 'src/db')
-rw-r--r-- | src/db/sysdb.c | 2 | ||||
-rw-r--r-- | src/db/sysdb.h | 11 | ||||
-rw-r--r-- | src/db/sysdb_search.c | 46 | ||||
-rw-r--r-- | src/db/sysdb_subdomains.c | 40 |
4 files changed, 41 insertions, 58 deletions
diff --git a/src/db/sysdb.c b/src/db/sysdb.c
index 2647c630..623cf2b5 100644
--- a/src/db/sysdb.c
+++ b/src/db/sysdb.c
@@ -1822,7 +1822,7 @@ errno_t sysdb_get_real_name(TALLOC_CTX *mem_ctx,
 return ENOMEM;
 }
- ret = sysdb_getpwnam(tmp_ctx, sysdb, name, &res);
+ ret = sysdb_getpwnam(tmp_ctx, sysdb, sysdb->domain, name, &res);
 if (ret != EOK) {
 DEBUG(SSSDBG_OP_FAILURE, ("Cannot canonicalize username\n"));
 goto done;
diff --git a/src/db/sysdb.h b/src/db/sysdb.h
index 9f8c85be..0c15cc66 100644
--- a/src/db/sysdb.h
+++ b/src/db/sysdb.h
@@ -429,15 +429,6 @@ errno_t sysdb_store_domgroup(struct sss_domain_info *domain,
 errno_t sysdb_delete_domgroup(struct sss_domain_info *domain,
 const char *name, gid_t gid);
-int sysdb_subdom_getpwnam(TALLOC_CTX *mem_ctx,
- struct sysdb_ctx *sysdb,
- const char *name,
- struct ldb_result **res);
-int sysdb_subdom_getgrnam(TALLOC_CTX *mem_ctx,
- struct sysdb_ctx *sysdb,
- const char *name,
- struct ldb_result **res);
-
 errno_t sysdb_get_ranges(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb,
 size_t *range_count,
 struct range_info ***range_list);
@@ -464,6 +455,7 @@ int sysdb_domain_init(TALLOC_CTX *mem_ctx,
 * therefore they cannot be called within a transaction */
 int sysdb_getpwnam(TALLOC_CTX *mem_ctx,
 struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
 const char *name,
 struct ldb_result **res);
@@ -478,6 +470,7 @@ int sysdb_enumpwent(TALLOC_CTX *mem_ctx,
 int sysdb_getgrnam(TALLOC_CTX *mem_ctx,
 struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
 const char *name,
 struct ldb_result **res);
diff --git a/src/db/sysdb_search.c b/src/db/sysdb_search.c
index 49f628bf..902a2637 100644
--- a/src/db/sysdb_search.c
+++ b/src/db/sysdb_search.c
@@ -29,6 +29,7 @@
 int sysdb_getpwnam(TALLOC_CTX *mem_ctx,
 struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
 const char *name,
 struct ldb_result **_res)
 {
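Review bot: The prototypes of `sysdb_getpwnam` and `sysdb_getgrnam` in sysdb.h (hunks at -464,6 and -478,6) gain a `domain` parameter, but nothing in the header states its contract. Because the implementation now appends the domain to `name` for subdomains that use fully qualified names, the header should say that callers pass the short name and a non-NULL domain, e.g. `/* name is the short name; it is qualified internally when domain is a subdomain with fqnames set */`. Without that, a caller that still qualifies the name itself would presumably search for a doubly qualified string and get an empty result.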
@@ -37,6 +38,7 @@ int sysdb_getpwnam(TALLOC_CTX *mem_ctx,
 struct ldb_dn *base_dn;
 struct ldb_result *res;
 char *sanitized_name;
+ const char *src_name;
 int ret;
 tmp_ctx = talloc_new(NULL);
@@ -45,13 +47,27 @@ int sysdb_getpwnam(TALLOC_CTX *mem_ctx,
 }
 base_dn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
- SYSDB_TMPL_USER_BASE, sysdb->domain->name);
+ SYSDB_TMPL_USER_BASE, domain->name);
 if (!base_dn) {
 ret = ENOMEM;
 goto done;
 }
- ret = sss_filter_sanitize(tmp_ctx, name, &sanitized_name);
+ /* If this is a subomain we need to use fully qualified names for the
+ * search as well by default */
+ if (domain->parent && domain->fqnames) {
+ ret = ENOMEM;
+ src_name = talloc_asprintf(tmp_ctx, domain->names->fq_fmt,
+ name, domain->name);
+ } else {
+ ret = EINVAL;
+ src_name = name;
+ }
+ if (!src_name) {
+ goto done;
+ }
+
+ ret = sss_filter_sanitize(tmp_ctx, src_name, &sanitized_name);
 if (ret != EOK) {
 goto done;
 }
@@ -191,6 +207,7 @@ static int mpg_res_convert(struct ldb_result *res)
 int sysdb_getgrnam(TALLOC_CTX *mem_ctx,
 struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
 const char *name,
 struct ldb_result **_res)
 {
@@ -200,6 +217,7 @@ int sysdb_getgrnam(TALLOC_CTX *mem_ctx,
 char *sanitized_name;
 struct ldb_dn *base_dn;
 struct ldb_result *res;
+ const char *src_name;
 int ret;
 tmp_ctx = talloc_new(NULL);
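Review bot: In the -45,13 hunk of sysdb_getpwnam, `domain` is dereferenced (`domain->name`, `domain->parent`) with no NULL check, and a NULL `name` is rejected only on the `else` path; on the subdomain path it is handed straight to `talloc_asprintf` as a `%s` argument. A guard placed after `tmp_ctx` is created and before `base_dn` is built, `if (domain == NULL || name == NULL) { ret = EINVAL; goto done; }`, would cover both paths and make the `ret = ENOMEM` / `ret = EINVAL` presets unnecessary. `domain->names->fq_fmt` is also used as a non-literal format string; if it can originate from configuration, it should be validated to contain exactly the two expected `%s` conversions before it reaches this call. The same block is repeated in sysdb_getgrnam (hunk -210,18), and both function bodies continue outside the hunks.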
@@ -210,18 +228,32 @@ int sysdb_getgrnam(TALLOC_CTX *mem_ctx,
 if (sysdb->mpg) {
 fmt_filter = SYSDB_GRNAM_MPG_FILTER;
 base_dn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
- SYSDB_DOM_BASE, sysdb->domain->name);
+ SYSDB_DOM_BASE, domain->name);
 } else {
 fmt_filter = SYSDB_GRNAM_FILTER;
 base_dn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
- SYSDB_TMPL_GROUP_BASE, sysdb->domain->name);
+ SYSDB_TMPL_GROUP_BASE, domain->name);
 }
 if (!base_dn) {
 ret = ENOMEM;
 goto done;
 }
- ret = sss_filter_sanitize(tmp_ctx, name, &sanitized_name);
+ /* If this is a subomain we need to use fully qualified names for the
+ * search as well by default */
+ if (domain->parent && domain->fqnames) {
+ ret = ENOMEM;
+ src_name = talloc_asprintf(tmp_ctx, domain->names->fq_fmt,
+ name, domain->name);
+ } else {
+ ret = EINVAL;
+ src_name = name;
+ }
+ if (!src_name) {
+ goto done;
+ }
+
+ ret = sss_filter_sanitize(tmp_ctx, src_name, &sanitized_name);
 if (ret != EOK) {
 goto done;
 }
@@ -365,9 +397,7 @@ int sysdb_initgroups(TALLOC_CTX *mem_ctx,
 return ENOMEM;
 }
- /* if this is a subdomain we need to search for the fully qualified
- * name in the database */
- ret = sysdb_subdom_getpwnam(tmp_ctx, sysdb, name, &res);
+ ret = sysdb_getpwnam(tmp_ctx, sysdb, sysdb->domain, name, &res);
 if (ret != EOK) {
 DEBUG(1, ("sysdb_getpwnam failed: [%d][%s]\n",
 ret, strerror(ret)));
diff --git a/src/db/sysdb_subdomains.c b/src/db/sysdb_subdomains.c
index ea1ce998..9f20ed59 100644
--- a/src/db/sysdb_subdomains.c
+++ b/src/db/sysdb_subdomains.c
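Review bot: In the -210,18 hunk, sysdb_getgrnam now takes the base DN and the name qualification from `domain` but still picks the filter from `sysdb->mpg`, so the two can disagree if a caller ever passes a domain other than `sysdb->domain`. Whether that can happen is not visible here; either state the requirement at the top of the function, e.g. `/* domain must be the domain this sysdb was opened for; mpg is still read from sysdb */`, or derive both settings from the same object. The new comment also misspells subdomain as `subomain`, here and in sysdb_getpwnam. The function body starts and ends outside this hunk.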
@@ -668,43 +668,3 @@ errno_t sysdb_delete_domgroup(struct sss_domain_info *domain,
 return sysdb_delete_group(domain->sysdb, name, gid);
 }
-
-int sysdb_subdom_getpwnam(TALLOC_CTX *mem_ctx,
- struct sysdb_ctx *sysdb,
- const char *name,
- struct ldb_result **res)
-{
- char *src_name = NULL;
- int ret;
-
- if (sysdb->domain->parent) {
- src_name = talloc_asprintf(mem_ctx, sysdb->domain->names->fq_fmt,
- name, sysdb->domain->name);
- if (!src_name) return ENOMEM;
- }
-
- ret = sysdb_getpwnam(mem_ctx, sysdb, src_name ? src_name : name, res);
- talloc_zfree(src_name);
-
- return ret;
-}
-
-int sysdb_subdom_getgrnam(TALLOC_CTX *mem_ctx,
- struct sysdb_ctx *sysdb,
- const char *name,
- struct ldb_result **res)
-{
- char *src_name = NULL;
- int ret;
-
- if (sysdb->domain->parent) {
- src_name = talloc_asprintf(mem_ctx, sysdb->domain->names->fq_fmt,
- name, sysdb->domain->name);
- if (!src_name) return ENOMEM;
- }
-
- ret = sysdb_getgrnam(mem_ctx, sysdb, src_name ? src_name : name, res);
- talloc_zfree(src_name);
-
- return ret;
-}
|