CONFDB: fail if there are domains with same name

Fail to start sssd if the domains given in the domains option are the same as
or only differ in case.

Resolves:
https://fedorahosted.org/sssd/ticket/2171

Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>

1 files changed, 18 insertions, 0 deletions

diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c
index c5cb0c864..f0b8bf3d4 100644
--- a/src/confdb/confdb.c
+++ b/src/confdb/confdb.c
@@ -35,6 +35,10 @@
     } \
 } while(0)
 
+/* Warning messages */
+#define SAME_DOMAINS_ERROR_MSG "Domain '%s' is the same as or differs only "\
+                               "in case from domain '%s'.\n"
+
 static char *prepend_cn(char *str, int *slen, const char *comp, int clen)
 {
     char *ret;
@@ -1187,6 +1191,20 @@ int confdb_get_domains(struct confdb_ctx *cdb,
     }
 
     for (i = 0; domlist[i]; i++) {
+        /* check if domain name is really unique */
+        DLIST_FOR_EACH(domain, cdb->doms) {
+            if (strcasecmp(domain->name, domlist[i]) == 0) {
+                DEBUG(SSSDBG_FATAL_FAILURE,
+                      (SAME_DOMAINS_ERROR_MSG, domlist[i], domain->name));
+                sss_log(SSS_LOG_CRIT,
+                        SAME_DOMAINS_ERROR_MSG, domlist[i], domain->name);
+
+                ret = EINVAL;
+                goto done;
+            }
+        }
+
+        domain = NULL;
         ret = confdb_get_domain_internal(cdb, cdb, domlist[i], &domain);
         if (ret) {
             DEBUG(0, ("Error (%d [%s]) retrieving domain [%s], skipping!\n",