Return user and group names lowercased in case insensitive domains

author: Jakub Hrozek <jhrozek@redhat.com> 2011-12-21 18:05:26 +0100
committer: Stephen Gallagher <sgallagh@redhat.com> 2011-12-21 14:48:08 -0500
commit: c922d91a7507e7f6d7caddb1c5cd5f6512cbcbfb (patch)
tree: c9bf0c923d0f6490565f4a3f40853ca5b86bb4d6
parent: 605397003f963922b7ed1d3a95d255b47ad76089 (diff)
download: sssd-c922d91a7507e7f6d7caddb1c5cd5f6512cbcbfb.tar.gz
sssd-c922d91a7507e7f6d7caddb1c5cd5f6512cbcbfb.tar.xz
sssd-c922d91a7507e7f6d7caddb1c5cd5f6512cbcbfb.zip
1 files changed, 32 insertions, 12 deletions
diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c
index 71c949f1d..3bc30ab86 100644
--- a/src/responder/nss/nsssrv_cmd.c
+++ b/src/responder/nss/nsssrv_cmd.c
@@ -353,6 +353,7 @@ static int fill_pwent(struct sss_packet *packet,
     struct ldb_message *msg;
     uint8_t *body;
     const char *name;
+    const char *orig_name;
     const char *gecos;
     const char *homedir;
     const char *shell;
@@ -381,23 +382,23 @@ static int fill_pwent(struct sss_packet *packet,
 
         msg = msgs[i];
 
-        name = ldb_msg_find_attr_as_string(msg, SYSDB_NAME, NULL);
+        orig_name = ldb_msg_find_attr_as_string(msg, SYSDB_NAME, NULL);
         uid = ldb_msg_find_attr_as_uint64(msg, SYSDB_UIDNUM, 0);
         gid = get_gid_override(msg, dom);
 
-        if (!name || !uid || !gid) {
+        if (!orig_name || !uid || !gid) {
             DEBUG(2, ("Incomplete or fake user object for %s[%llu]! Skipping\n",
-                      name?name:"<NULL>", (unsigned long long int)uid));
+                      orig_name?orig_name:"<NULL>", (unsigned long long int)uid));
             continue;
         }
 
         if (filter_users) {
             ncret = sss_ncache_check_user(nctx->ncache,
                                         nctx->neg_timeout,
-                                        dom, name);
+                                        dom, orig_name);
             if (ncret == EEXIST) {
                 DEBUG(4, ("User [%s@%s] filtered out! (negative cache)\n",
-                          name, domain));
+                          orig_name, domain));
                 continue;
             }
         }
@@ -409,6 +410,13 @@ static int fill_pwent(struct sss_packet *packet,
             packet_initialized = true;
         }
 
+        name = sss_get_cased_name(tmp_ctx, orig_name, dom->case_sensitive);
+        if (name == NULL) {
+            DEBUG(SSSDBG_CRIT_FAILURE,
+                  ("sss_get_cased_name failed, skipping\n"));
+            continue;
+        }
+
         gecos = ldb_msg_find_attr_as_string(msg, SYSDB_GECOS, NULL);
         homedir = get_homedir_override(tmp_ctx, msg, nctx, dom, name, uid);
         shell = get_shell_override(tmp_ctx, msg, nctx);
@@ -1733,7 +1741,8 @@ static int fill_grent(struct sss_packet *packet,
     uint8_t *body;
     size_t blen;
     uint32_t gid;
-    const char *name;
+    const char *orig_name;
+    char *name;
     size_t nsize;
     size_t delim;
     size_t dom_len;
@@ -1745,6 +1754,7 @@ static int fill_grent(struct sss_packet *packet,
     bool add_domain = dom->fqnames;
     const char *domain = dom->name;
     const char *namefmt = nctx->rctx->names->fq_fmt;
+    TALLOC_CTX *tmp_ctx = NULL;
 
     if (add_domain) {
         delim = 1;
@@ -1767,6 +1777,8 @@ static int fill_grent(struct sss_packet *packet,
     rsize = 0;
 
     for (i = 0; i < *count; i++) {
+        talloc_zfree(tmp_ctx);
+        tmp_ctx = talloc_new(NULL);
         msg = msgs[i];
 
         /* new group */
@@ -1782,24 +1794,31 @@ static int fill_grent(struct sss_packet *packet,
         rsize = 0;
 
         /* find group name/gid */
-        name = ldb_msg_find_attr_as_string(msg, SYSDB_NAME, NULL);
+        orig_name = ldb_msg_find_attr_as_string(msg, SYSDB_NAME, NULL);
         gid = ldb_msg_find_attr_as_uint64(msg, SYSDB_GIDNUM, 0);
-        if (!name || !gid) {
+        if (!orig_name || !gid) {
             DEBUG(2, ("Incomplete group object for %s[%llu]! Skipping\n",
-                      name?name:"<NULL>", (unsigned long long int)gid));
+                      orig_name?orig_name:"<NULL>", (unsigned long long int)gid));
             continue;
         }
 
         if (filter_groups) {
             ret = sss_ncache_check_group(nctx->ncache,
-                                         nctx->neg_timeout, dom, name);
+                                         nctx->neg_timeout, dom, orig_name);
             if (ret == EEXIST) {
                 DEBUG(4, ("Group [%s@%s] filtered out! (negative cache)\n",
-                          name, domain));
+                          orig_name, domain));
                 continue;
             }
         }
 
+        name = sss_get_cased_name(tmp_ctx, orig_name, dom->case_sensitive);
+        if (name == NULL) {
+            DEBUG(SSSDBG_CRIT_FAILURE,
+                  ("sss_get_cased_name failed, skipping\n"));
+            continue;
+        }
+
         nsize = strlen(name) + 1; /* includes terminating \0 */
         if (add_domain) nsize += delim + dom_len;
 
@@ -1865,7 +1884,7 @@ static int fill_grent(struct sss_packet *packet,
             memnum = 0;
 
             for (j = 0; j < el->num_values; j++) {
-                name = (const char *)el->values[j].data;
+                name = (char *)el->values[j].data;
 
                 if (nctx->filter_users_in_groups) {
                     ret = sss_ncache_check_user(nctx->ncache,
@@ -1943,6 +1962,7 @@ static int fill_grent(struct sss_packet *packet,
         num++;
         continue;
     }
+    talloc_zfree(tmp_ctx);
 
 done:
     *count = i;
author	Jakub Hrozek <jhrozek@redhat.com>	2011-12-21 18:05:26 +0100
committer	Stephen Gallagher <sgallagh@redhat.com>	2011-12-21 14:48:08 -0500
commit	c922d91a7507e7f6d7caddb1c5cd5f6512cbcbfb (patch)
tree	c9bf0c923d0f6490565f4a3f40853ca5b86bb4d6
parent	605397003f963922b7ed1d3a95d255b47ad76089 (diff)
download	sssd-c922d91a7507e7f6d7caddb1c5cd5f6512cbcbfb.tar.gz sssd-c922d91a7507e7f6d7caddb1c5cd5f6512cbcbfb.tar.xz sssd-c922d91a7507e7f6d7caddb1c5cd5f6512cbcbfb.zip