author | Jakub Hrozek <jhrozek@redhat.com> | 2013-07-31 10:59:43 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-05-02 13:34:50 +0200 |
commit | 4dd38025efda88f123eac672f87d3cda12f050c8 (patch) | |
tree | 438cb4577369e3fff8e7b5fe5895ad811c422f4b /src/providers/ldap/ldap_options.c | |
parent | fcb8e3f1f49bb34c409d8dbd75889eb72be05517 (diff) | |
LDAP: Make it possible to extend an attribute map
https://fedorahosted.org/sssd/ticket/2073
This commit adds a new option ldap_user_extra_attrs that is unset by
default. When set, the option contains a list of LDAP attributes the LDAP
provider would download and store in addition to the usual set.
The list can either contain LDAP attribute names only, or colon-separated
tuples of LDAP attribute and SSSD cache attribute name. In case only LDAP
attribute name is specified, the attribute is saved to the cache verbatim.
Using a custom SSSD attribute name might be required by environments that
configure several SSSD domains with different LDAP schemas.
Reviewed-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Diffstat (limited to 'src/providers/ldap/ldap_options.c')
-rw-r--r-- | src/providers/ldap/ldap_options.c | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/src/providers/ldap/ldap_options.c b/src/providers/ldap/ldap_options.c
index 8813572ff..11ed9c31f 100644
--- a/src/providers/ldap/ldap_options.c
+++ b/src/providers/ldap/ldap_options.c
@@ -23,6 +23,44 @@
 #include "providers/ldap/sdap_async_private.h"
 #include "util/crypto/sss_crypto.h"
 
+static int sdap_extend_map_with_list(TALLOC_CTX *mem_ctx,
+ struct sdap_options *opts,
+ int extra_attr_index,
+ struct sdap_attr_map *src_map,
+ size_t num_entries,
+ struct sdap_attr_map **_map,
+ size_t *_new_size)
+{
+ const char *extra_attrs;
+ char **extra_attrs_list;
+ errno_t ret;
+
+ extra_attrs = dp_opt_get_string(opts->basic, extra_attr_index);
+ if (extra_attrs == NULL) {
+ *_map = src_map;
+ *_new_size = num_entries;
+ return EOK;
+ }
+
+ /* split server parm into a list */
+ ret = split_on_separator(mem_ctx, extra_attrs, ',', true, true,
+ &extra_attrs_list, NULL);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE, "Failed to parse server list!\n");
+ return ret;
+ }
+
+ ret = sdap_extend_map(mem_ctx, src_map,
+ num_entries, extra_attrs_list,
+ _map, _new_size);
+ talloc_free(extra_attrs_list);
+ if (ret != EOK) {
+ return ret;
+ }
+
+ return EOK;
+}
+
 int ldap_get_options(TALLOC_CTX *memctx,
 struct sss_domain_info *dom,
 struct confdb_ctx *cdb,
@@ -257,6 +295,13 @@ int ldap_get_options(TALLOC_CTX *memctx,
 goto done;
 }
 
+ ret = sdap_extend_map_with_list(opts, opts, SDAP_USER_EXTRA_ATTRS,
+ opts->user_map, SDAP_OPTS_USER,
+ &opts->user_map, &opts->user_map_cnt);
+ if (ret != EOK) {
+ goto done;
+ }
+
 ret = sdap_get_map(opts, cdb, conf_path,
 default_group_map,
 SDAP_OPTS_GROUP, |
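Review bot: The comment and the debug message in sdap_extend_map_with_list still refer to a server list (`/* split server parm into a list */`, `"Failed to parse server list!\n"`), although the string being split is the extra-attribute option selected by `extra_attr_index`. An administrator who mistypes that option would be pointed at the wrong setting in the logs, so I would change them to `/* split the extra attribute option into a list */` and `DEBUG(SSSDBG_OP_FAILURE, "Failed to parse the extra attribute list!\n");`. A failure of `sdap_extend_map` is returned without any message at this level, and the tail `if (ret != EOK) { return ret; } return EOK;` can collapse to `return ret;`. A short header comment would also help: it should state that each entry is either an LDAP attribute name or an `ldap_attr:sssd_attr` pair, and that entries are not validated here, so rejecting an entry that clashes with one already in `src_map` is presumably left to `sdap_extend_map`, which is not visible in this hunk.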
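Review bot: The new call passes `opts->user_map` as the source map and `&opts->user_map` as the output, so the only reference to the original map is overwritten, and from here on the map length is `opts->user_map_cnt` rather than the compile-time `SDAP_OPTS_USER`. Later code that still sizes or walks the user map by `SDAP_OPTS_USER` would silently skip the extra entries, so a comment above the call is worth adding: `/* user_map may be replaced by a longer map here; use opts->user_map_cnt, not SDAP_OPTS_USER, as its length from now on */`. The failure branch goes to `done` without a message, so I would add `DEBUG(SSSDBG_OP_FAILURE, "Failed to extend the user attribute map\n");` before the `goto`. ldap_get_options starts and ends outside this hunk, so what `done` does with a partially updated `opts` cannot be checked from here.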