authorSumit Bose <sbose@redhat.com>2014-09-12 17:40:11 +0200
committerJakub Hrozek <jhrozek@redhat.com>2014-09-17 14:35:13 +0200
commit8b512a26e7f0ea1ea8b954de1ad027eb3b1cab6f (patch)
tree0152c4b7fbb95cb8a28c9b88dc84b973af408f54 /src/db/sysdb_ops.c
parent23600a657f84bbd71dca4dd77d65a1c6f4f4ff86 (diff)
sysdb: sysdb_search_group_by_name should work like sysdb_search_user_by_name
Currently sysdb_search_group_by_name uses an optimization which might fail in case-insensitive environments. The DN of the group object is generated with the help of the given name. Since the DN is case-sensitive a group lookup will fail if different cases are used. sysdb_search_user_by_name already handles case-insensitive searches well and sysdb_search_group_by_name should use the same scheme. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src/db/sysdb_ops.c')
-rw-r--r--src/db/sysdb_ops.c85
1 files changed, 42 insertions, 43 deletions
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
index 9a8d9fab5..1d51119d7 100644
--- a/src/db/sysdb_ops.c
+++ b/src/db/sysdb_ops.c
@@ -310,14 +310,23 @@ done:
/* =Search-User-by-[UID/SID/NAME]============================================= */
-int sysdb_search_user_by_name(TALLOC_CTX *mem_ctx,
- struct sss_domain_info *domain,
- const char *name,
- const char **attrs,
- struct ldb_message **msg)
+enum sysdb_obj_type {
+ SYSDB_UNKNOWN = 0,
+ SYSDB_USER,
+ SYSDB_GROUP
+};
+
+static int sysdb_search_by_name(TALLOC_CTX *mem_ctx,
+ struct sss_domain_info *domain,
+ const char *name,
+ enum sysdb_obj_type type,
+ const char **attrs,
+ struct ldb_message **msg)
{
TALLOC_CTX *tmp_ctx;
- const char *def_attrs[] = { SYSDB_NAME, SYSDB_UIDNUM, NULL };
+ const char *def_attrs[] = { SYSDB_NAME, NULL, NULL };
+ const char *base_tmpl = NULL;
+ const char *filter_tmpl = NULL;
struct ldb_message **msgs = NULL;
struct ldb_dn *basedn;
size_t msgs_count = 0;
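Review bot: The new static helper `sysdb_search_by_name` and `enum sysdb_obj_type` carry no comment, and they sit under the `Search-User-by-[UID/SID/NAME]` banner although they now serve group lookups too. A short comment above the function would make the contract clear: `/* Search a user or group entry by name; 'type' selects the base DN, filter and default attributes, any other type returns EINVAL. */`. The function body continues beyond this hunk.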
@@ -326,13 +335,28 @@ int sysdb_search_user_by_name(TALLOC_CTX *mem_ctx,
char *filter;
int ret;
+ switch (type) {
+ case SYSDB_USER:
+ def_attrs[1] = SYSDB_UIDNUM;
+ base_tmpl = SYSDB_TMPL_USER_BASE;
+ filter_tmpl = SYSDB_PWNAM_FILTER;
+ break;
+ case SYSDB_GROUP:
+ def_attrs[1] = SYSDB_GIDNUM;
+ base_tmpl = SYSDB_TMPL_GROUP_BASE;
+ filter_tmpl = SYSDB_GRNAM_FILTER;
+ break;
+ default:
+ return EINVAL;
+ }
+
tmp_ctx = talloc_new(NULL);
if (!tmp_ctx) {
return ENOMEM;
}
basedn = ldb_dn_new_fmt(tmp_ctx, domain->sysdb->ldb,
- SYSDB_TMPL_USER_BASE, domain->name);
+ base_tmpl, domain->name);
if (!basedn) {
ret = ENOMEM;
goto done;
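Review bot: `base_tmpl` is passed to `ldb_dn_new_fmt()` as a non-literal format string here, and `filter_tmpl` is passed the same way to `talloc_asprintf()` in the next hunk, so the compiler can no longer check either template against its arguments. Both values come from the constants chosen in the switch rather than from input, so this is a maintenance hazard rather than an injection path. It does mean `SYSDB_GRNAM_FILTER` must consume the same three string arguments as `SYSDB_PWNAM_FILTER`, in the same order (lowercased name first); the macro definitions are not visible in this diff, so that is worth confirming. I would add a comment above the switch such as `/* Each filter template must take three %s: lowercased name, name, name */` so a later change to one macro does not silently misalign the other.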
@@ -344,7 +368,7 @@ int sysdb_search_user_by_name(TALLOC_CTX *mem_ctx,
goto done;
}
- filter = talloc_asprintf(tmp_ctx, SYSDB_PWNAM_FILTER, lc_sanitized_name,
+ filter = talloc_asprintf(tmp_ctx, filter_tmpl, lc_sanitized_name,
sanitized_name, sanitized_name);
if (!filter) {
ret = ENOMEM;
@@ -371,6 +395,15 @@ done:
return ret;
}
+int sysdb_search_user_by_name(TALLOC_CTX *mem_ctx,
+ struct sss_domain_info *domain,
+ const char *name,
+ const char **attrs,
+ struct ldb_message **msg)
+{
+ return sysdb_search_by_name(mem_ctx, domain, name, SYSDB_USER, attrs, msg);
+}
+
int sysdb_search_user_by_uid(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
uid_t uid,
@@ -509,41 +542,7 @@ int sysdb_search_group_by_name(TALLOC_CTX *mem_ctx,
const char **attrs,
struct ldb_message **msg)
{
- TALLOC_CTX *tmp_ctx;
- static const char *def_attrs[] = { SYSDB_NAME, SYSDB_GIDNUM, NULL };
- struct ldb_message **msgs = NULL;
- struct ldb_dn *basedn;
- size_t msgs_count = 0;
- int ret;
-
- tmp_ctx = talloc_new(NULL);
- if (!tmp_ctx) {
- return ENOMEM;
- }
-
- basedn = sysdb_group_dn(tmp_ctx, domain, name);
- if (!basedn) {
- ret = ENOMEM;
- goto done;
- }
-
- ret = sysdb_search_entry(tmp_ctx, domain->sysdb, basedn, LDB_SCOPE_BASE,
- NULL, attrs?attrs:def_attrs, &msgs_count, &msgs);
- if (ret) {
- goto done;
- }
-
- *msg = talloc_steal(mem_ctx, msgs[0]);
-
-done:
- if (ret == ENOENT) {
- DEBUG(SSSDBG_TRACE_FUNC, "No such entry\n");
- }
- else if (ret) {
- DEBUG(SSSDBG_OP_FAILURE, "Error: %d (%s)\n", ret, strerror(ret));
- }
- talloc_zfree(tmp_ctx);
- return ret;
+ return sysdb_search_by_name(mem_ctx, domain, name, SYSDB_GROUP, attrs, msg);
}
int sysdb_search_group_by_gid(TALLOC_CTX *mem_ctx,
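Review bot: Group lookups by name change from a `LDB_SCOPE_BASE` read of one exact DN to what appears to be a filter search under the group base, so the caller-supplied name now reaches an LDB filter and more than one entry can match. The sanitizing of `name` and the handling of the result count sit in parts of `sysdb_search_by_name` that lie outside the visible hunks. Please confirm that a multi-match is rejected, or at least logged, rather than the first message being returned silently, since group resolution feeds access decisions. A test that stores two groups whose names differ only in case, and one lookup with a name containing filter special characters, would pin the behaviour.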