Make LDAP extra attributes available to IPA and AD

https://fedorahosted.org/sssd/ticket/2073

Reviewed-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>

7 files changed, 61 insertions, 48 deletions

diff --git a/src/config/etc/sssd.api.d/sssd-ad.conf b/src/config/etc/sssd.api.d/sssd-ad.conf
index aa20ca0bb..ed0189618 100644
--- a/src/config/etc/sssd.api.d/sssd-ad.conf
+++ b/src/config/etc/sssd.api.d/sssd-ad.conf
@@ -54,6 +54,7 @@ ldap_id_mapping = bool, None, false
 ldap_user_search_base = str, None, false
 ldap_user_search_scope = str, None, false
 ldap_user_search_filter = str, None, false
+ldap_user_extra_attrs = str, None, false
 ldap_user_object_class = str, None, false
 ldap_user_name = str, None, false
 ldap_user_uid_number = str, None, false
diff --git a/src/config/etc/sssd.api.d/sssd-ipa.conf b/src/config/etc/sssd.api.d/sssd-ipa.conf
index 9259d9979..3a3f6a4cf 100644
--- a/src/config/etc/sssd.api.d/sssd-ipa.conf
+++ b/src/config/etc/sssd.api.d/sssd-ipa.conf
@@ -61,6 +61,7 @@ ldap_id_mapping = bool, None, false
 ldap_user_search_base = str, None, false
 ldap_user_search_scope = str, None, false
 ldap_user_search_filter = str, None, false
+ldap_user_extra_attrs = str, None, false
 ldap_user_object_class = str, None, false
 ldap_user_name = str, None, false
 ldap_user_uid_number = str, None, false
diff --git a/src/providers/ad/ad_common.c b/src/providers/ad/ad_common.c
index 8528ad3dc..2607e766d 100644
--- a/src/providers/ad/ad_common.c
+++ b/src/providers/ad/ad_common.c
@@ -201,11 +201,12 @@ ad_create_sdap_options(TALLOC_CTX *mem_ctx,
         goto done;
     }
 
-    ret = sdap_extend_map(id_opts,
-                          id_opts->user_map,
-                          SDAP_OPTS_USER, NULL,
-                          &id_opts->user_map,
-                          &id_opts->user_map_cnt);
+    ret = sdap_extend_map_with_list(id_opts, id_opts,
+                                    SDAP_USER_EXTRA_ATTRS,
+                                    id_opts->user_map,
+                                    SDAP_OPTS_USER,
+                                    &id_opts->user_map,
+                                    &id_opts->user_map_cnt);
     if (ret != EOK) {
         goto done;
     }
diff --git a/src/providers/ipa/ipa_common.c b/src/providers/ipa/ipa_common.c
index 19de10d8b..f594de27a 100644
--- a/src/providers/ipa/ipa_common.c
+++ b/src/providers/ipa/ipa_common.c
@@ -547,11 +547,12 @@ int ipa_get_id_options(struct ipa_options *ipa_opts,
         goto done;
     }
 
-    ret = sdap_extend_map(ipa_opts->id,
-                          ipa_opts->id->user_map,
-                          SDAP_OPTS_USER, NULL,
-                          &ipa_opts->id->user_map,
-                          &ipa_opts->id->user_map_cnt);
+    ret = sdap_extend_map_with_list(ipa_opts->id, ipa_opts->id,
+                                    SDAP_USER_EXTRA_ATTRS,
+                                    ipa_opts->id->user_map,
+                                    SDAP_OPTS_USER,
+                                    &ipa_opts->id->user_map,
+                                    &ipa_opts->id->user_map_cnt);
     if (ret != EOK) {
         goto done;
     }
diff --git a/src/providers/ldap/ldap_options.c b/src/providers/ldap/ldap_options.c
index 11ed9c31f..eb00aab32 100644
--- a/src/providers/ldap/ldap_options.c
+++ b/src/providers/ldap/ldap_options.c
@@ -23,44 +23,6 @@
 #include "providers/ldap/sdap_async_private.h"
 #include "util/crypto/sss_crypto.h"
 
-static int sdap_extend_map_with_list(TALLOC_CTX *mem_ctx,
-                                     struct sdap_options *opts,
-                                     int extra_attr_index,
-                                     struct sdap_attr_map *src_map,
-                                     size_t num_entries,
-                                     struct sdap_attr_map **_map,
-                                     size_t *_new_size)
-{
-    const char *extra_attrs;
-    char **extra_attrs_list;
-    errno_t ret;
-
-    extra_attrs = dp_opt_get_string(opts->basic, extra_attr_index);
-    if (extra_attrs == NULL) {
-        *_map = src_map;
-        *_new_size = num_entries;
-        return EOK;
-    }
-
-    /* split server parm into a list */
-    ret = split_on_separator(mem_ctx, extra_attrs, ',', true, true,
-                             &extra_attrs_list, NULL);
-    if (ret != EOK) {
-        DEBUG(SSSDBG_OP_FAILURE, "Failed to parse server list!\n");
-        return ret;
-    }
-
-    ret = sdap_extend_map(mem_ctx, src_map,
-                          num_entries, extra_attrs_list,
-                          _map, _new_size);
-    talloc_free(extra_attrs_list);
-    if (ret != EOK) {
-        return ret;
-    }
-
-    return EOK;
-}
-
 int ldap_get_options(TALLOC_CTX *memctx,
                      struct sss_domain_info *dom,
                      struct confdb_ctx *cdb,
diff --git a/src/providers/ldap/sdap.c b/src/providers/ldap/sdap.c
index 37a187436..e8d23c9dc 100644
--- a/src/providers/ldap/sdap.c
+++ b/src/providers/ldap/sdap.c
@@ -187,6 +187,45 @@ int sdap_extend_map(TALLOC_CTX *memctx,
     return EOK;
 }
 
+int sdap_extend_map_with_list(TALLOC_CTX *mem_ctx,
+                              struct sdap_options *opts,
+                              int extra_attr_index,
+                              struct sdap_attr_map *src_map,
+                              size_t num_entries,
+                              struct sdap_attr_map **_map,
+                              size_t *_new_size)
+{
+    const char *extra_attrs;
+    char **extra_attrs_list;
+    errno_t ret;
+
+    extra_attrs = dp_opt_get_string(opts->basic, extra_attr_index);
+    if (extra_attrs == NULL) {
+        *_map = src_map;
+        *_new_size = num_entries;
+        return EOK;
+    }
+
+    /* split server parm into a list */
+    ret = split_on_separator(mem_ctx, extra_attrs, ',', true, true,
+                             &extra_attrs_list, NULL);
+    if (ret != EOK) {
+        DEBUG(SSSDBG_OP_FAILURE, ("Failed to parse server list!\n"));
+        return ret;
+    }
+
+
+    ret = sdap_extend_map(mem_ctx, src_map,
+                          num_entries, extra_attrs_list,
+                          _map, _new_size);
+    talloc_free(extra_attrs_list);
+    if (ret != EOK) {
+        return ret;
+    }
+
+    return EOK;
+}
+
 int sdap_get_map(TALLOC_CTX *memctx,
                  struct confdb_ctx *cdb,
                  const char *conf_path,
diff --git a/src/providers/ldap/sdap.h b/src/providers/ldap/sdap.h
index 38eec1c4d..fdf92eecf 100644
--- a/src/providers/ldap/sdap.h
+++ b/src/providers/ldap/sdap.h
@@ -476,6 +476,14 @@ int sdap_extend_map(TALLOC_CTX *memctx,
                     struct sdap_attr_map **_map,
                     size_t *_new_size);
 
+int sdap_extend_map_with_list(TALLOC_CTX *mem_ctx,
+                              struct sdap_options *opts,
+                              int extra_attr_index,
+                              struct sdap_attr_map *src_map,
+                              size_t num_entries,
+                              struct sdap_attr_map **_map,
+                              size_t *_new_size);
+
 int sdap_get_map(TALLOC_CTX *memctx,
                  struct confdb_ctx *cdb,
                  const char *conf_path,