Diffstat (limited to 'src/db')
-rw-r--r--src/db/sysdb.c2
-rw-r--r--src/db/sysdb.h11
-rw-r--r--src/db/sysdb_search.c46
-rw-r--r--src/db/sysdb_subdomains.c40
4 files changed, 41 insertions, 58 deletions
diff --git a/src/db/sysdb.c b/src/db/sysdb.c
index 2647c630..623cf2b5 100644
--- a/src/db/sysdb.c
+++ b/src/db/sysdb.c
@@ -1822,7 +1822,7 @@ errno_t sysdb_get_real_name(TALLOC_CTX *mem_ctx,
return ENOMEM;
}
- ret = sysdb_getpwnam(tmp_ctx, sysdb, name, &res);
+ ret = sysdb_getpwnam(tmp_ctx, sysdb, sysdb->domain, name, &res);
if (ret != EOK) {
DEBUG(SSSDBG_OP_FAILURE, ("Cannot canonicalize username\n"));
goto done;
diff --git a/src/db/sysdb.h b/src/db/sysdb.h
index 9f8c85be..0c15cc66 100644
--- a/src/db/sysdb.h
+++ b/src/db/sysdb.h
@@ -429,15 +429,6 @@ errno_t sysdb_store_domgroup(struct sss_domain_info *domain,
errno_t sysdb_delete_domgroup(struct sss_domain_info *domain,
const char *name, gid_t gid);
-int sysdb_subdom_getpwnam(TALLOC_CTX *mem_ctx,
- struct sysdb_ctx *sysdb,
- const char *name,
- struct ldb_result **res);
-int sysdb_subdom_getgrnam(TALLOC_CTX *mem_ctx,
- struct sysdb_ctx *sysdb,
- const char *name,
- struct ldb_result **res);
-
errno_t sysdb_get_ranges(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb,
size_t *range_count,
struct range_info ***range_list);
@@ -464,6 +455,7 @@ int sysdb_domain_init(TALLOC_CTX *mem_ctx,
* therefore they cannot be called within a transaction */
int sysdb_getpwnam(TALLOC_CTX *mem_ctx,
struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
const char *name,
struct ldb_result **res);
@@ -478,6 +470,7 @@ int sysdb_enumpwent(TALLOC_CTX *mem_ctx,
int sysdb_getgrnam(TALLOC_CTX *mem_ctx,
struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
const char *name,
struct ldb_result **res);
diff --git a/src/db/sysdb_search.c b/src/db/sysdb_search.c
index 49f628bf..902a2637 100644
--- a/src/db/sysdb_search.c
+++ b/src/db/sysdb_search.c
@@ -29,6 +29,7 @@
int sysdb_getpwnam(TALLOC_CTX *mem_ctx,
struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
const char *name,
struct ldb_result **_res)
{
@@ -37,6 +38,7 @@ int sysdb_getpwnam(TALLOC_CTX *mem_ctx,
struct ldb_dn *base_dn;
struct ldb_result *res;
char *sanitized_name;
+ const char *src_name;
int ret;
tmp_ctx = talloc_new(NULL);
@@ -45,13 +47,27 @@ int sysdb_getpwnam(TALLOC_CTX *mem_ctx,
}
base_dn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
- SYSDB_TMPL_USER_BASE, sysdb->domain->name);
+ SYSDB_TMPL_USER_BASE, domain->name);
if (!base_dn) {
ret = ENOMEM;
goto done;
}
- ret = sss_filter_sanitize(tmp_ctx, name, &sanitized_name);
+ /* If this is a subomain we need to use fully qualified names for the
+ * search as well by default */
+ if (domain->parent && domain->fqnames) {
+ ret = ENOMEM;
+ src_name = talloc_asprintf(tmp_ctx, domain->names->fq_fmt,
+ name, domain->name);
+ } else {
+ ret = EINVAL;
+ src_name = name;
+ }
+ if (!src_name) {
+ goto done;
+ }
+
+ ret = sss_filter_sanitize(tmp_ctx, src_name, &sanitized_name);
if (ret != EOK) {
goto done;
}
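Review bot: In the fully qualified branch the inputs to `talloc_asprintf` are not checked: a NULL `name` only reaches the `EINVAL` path in the `else` branch, while here it is handed to the format call (presumably for a `%s` conversion, which is undefined for NULL) and the result is then used as the search name. Testing `name` before the branch, e.g. `if (name == NULL) { ret = EINVAL; goto done; }`, covers both paths and removes the need to preset `ret` ahead of each assignment. `domain->names->fq_fmt` is also a non-literal format string; nothing visible here shows it is validated to contain exactly the two string conversions the call supplies, so that should be confirmed where the format is loaded. The same block is repeated in the sysdb_getgrnam hunk further down, and a shared static helper would keep the two in step. The function body starts and ends outside this hunk.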
@@ -191,6 +207,7 @@ static int mpg_res_convert(struct ldb_result *res)
int sysdb_getgrnam(TALLOC_CTX *mem_ctx,
struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
const char *name,
struct ldb_result **_res)
{
@@ -200,6 +217,7 @@ int sysdb_getgrnam(TALLOC_CTX *mem_ctx,
char *sanitized_name;
struct ldb_dn *base_dn;
struct ldb_result *res;
+ const char *src_name;
int ret;
tmp_ctx = talloc_new(NULL);
@@ -210,18 +228,32 @@ int sysdb_getgrnam(TALLOC_CTX *mem_ctx,
if (sysdb->mpg) {
fmt_filter = SYSDB_GRNAM_MPG_FILTER;
base_dn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
- SYSDB_DOM_BASE, sysdb->domain->name);
+ SYSDB_DOM_BASE, domain->name);
} else {
fmt_filter = SYSDB_GRNAM_FILTER;
base_dn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
- SYSDB_TMPL_GROUP_BASE, sysdb->domain->name);
+ SYSDB_TMPL_GROUP_BASE, domain->name);
}
if (!base_dn) {
ret = ENOMEM;
goto done;
}
- ret = sss_filter_sanitize(tmp_ctx, name, &sanitized_name);
+ /* If this is a subomain we need to use fully qualified names for the
+ * search as well by default */
+ if (domain->parent && domain->fqnames) {
+ ret = ENOMEM;
+ src_name = talloc_asprintf(tmp_ctx, domain->names->fq_fmt,
+ name, domain->name);
+ } else {
+ ret = EINVAL;
+ src_name = name;
+ }
+ if (!src_name) {
+ goto done;
+ }
+
+ ret = sss_filter_sanitize(tmp_ctx, src_name, &sanitized_name);
if (ret != EOK) {
goto done;
}
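Review bot: The search base now comes from the `domain` argument, but the choice between `SYSDB_GRNAM_MPG_FILTER` and `SYSDB_GRNAM_FILTER` is still made from `sysdb->mpg`, so a caller passing a domain other than `sysdb->domain` would get a filter and a base DN chosen from different objects. The call sites visible in this diff all pass `sysdb->domain`, so nothing breaks today, but the contract is implicit. I would state it above the function, for example `/* domain must belong to this sysdb; the MPG setting is taken from sysdb, not from domain */`, or reject a mismatched domain early if that is the intended contract. The function body continues outside this hunk.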
@@ -365,9 +397,7 @@ int sysdb_initgroups(TALLOC_CTX *mem_ctx,
return ENOMEM;
}
- /* if this is a subdomain we need to search for the fully qualified
- * name in the database */
- ret = sysdb_subdom_getpwnam(tmp_ctx, sysdb, name, &res);
+ ret = sysdb_getpwnam(tmp_ctx, sysdb, sysdb->domain, name, &res);
if (ret != EOK) {
DEBUG(1, ("sysdb_getpwnam failed: [%d][%s]\n",
ret, strerror(ret)));
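Review bot: This call is not equivalent to the one it replaces: `sysdb_subdom_getpwnam` qualified the name whenever `sysdb->domain->parent` was set, whereas `sysdb_getpwnam` now does so only when `domain->fqnames` is set as well. If a subdomain can exist with `fqnames` unset while its cached entries are stored under qualified names, the initgroups lookup would miss the user; that cannot be confirmed from this diff. The removed comment was the only explanation at this call site, so a short replacement such as `/* sysdb_getpwnam qualifies the name itself for subdomains */` would help. sysdb_initgroups continues outside the hunk.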
diff --git a/src/db/sysdb_subdomains.c b/src/db/sysdb_subdomains.c
index ea1ce998..9f20ed59 100644
--- a/src/db/sysdb_subdomains.c
+++ b/src/db/sysdb_subdomains.c
@@ -668,43 +668,3 @@ errno_t sysdb_delete_domgroup(struct sss_domain_info *domain,
return sysdb_delete_group(domain->sysdb, name, gid);
}
-
-int sysdb_subdom_getpwnam(TALLOC_CTX *mem_ctx,
- struct sysdb_ctx *sysdb,
- const char *name,
- struct ldb_result **res)
-{
- char *src_name = NULL;
- int ret;
-
- if (sysdb->domain->parent) {
- src_name = talloc_asprintf(mem_ctx, sysdb->domain->names->fq_fmt,
- name, sysdb->domain->name);
- if (!src_name) return ENOMEM;
- }
-
- ret = sysdb_getpwnam(mem_ctx, sysdb, src_name ? src_name : name, res);
- talloc_zfree(src_name);
-
- return ret;
-}
-
-int sysdb_subdom_getgrnam(TALLOC_CTX *mem_ctx,
- struct sysdb_ctx *sysdb,
- const char *name,
- struct ldb_result **res)
-{
- char *src_name = NULL;
- int ret;
-
- if (sysdb->domain->parent) {
- src_name = talloc_asprintf(mem_ctx, sysdb->domain->names->fq_fmt,
- name, sysdb->domain->name);
- if (!src_name) return ENOMEM;
- }
-
- ret = sysdb_getgrnam(mem_ctx, sysdb, src_name ? src_name : name, res);
- talloc_zfree(src_name);
-
- return ret;
-}