diff options
author | Michal Zidek <mzidek@redhat.com> | 2014-09-10 12:56:54 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-09-15 10:13:00 +0200 |
commit | 7ba70236daccb48432350147d0560b3302518cee (patch) | |
tree | bc39a26bce57ae6361af1b99bd9d4128208df9ad /src/providers/ldap/sdap.c | |
parent | 6f91c61426c8cfbfec52d5e77ae4650007694e69 (diff) | |
download | sssd-7ba70236daccb48432350147d0560b3302518cee.tar.gz sssd-7ba70236daccb48432350147d0560b3302518cee.tar.xz sssd-7ba70236daccb48432350147d0560b3302518cee.zip |
Use the alternative objectclass in group maps.
Use the alternative group objectclass in queries.
Fixes:
https://fedorahosted.org/sssd/ticket/2436
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src/providers/ldap/sdap.c')
-rw-r--r-- | src/providers/ldap/sdap.c | 40 |
1 files changed, 36 insertions, 4 deletions
diff --git a/src/providers/ldap/sdap.c b/src/providers/ldap/sdap.c index ff50f8b5d..7034b11ed 100644 --- a/src/providers/ldap/sdap.c +++ b/src/providers/ldap/sdap.c @@ -290,6 +290,8 @@ int sdap_get_map(TALLOC_CTX *memctx, /* =Parse-msg============================================================= */ +static bool objectclass_matched(struct sdap_attr_map *map, + const char *objcl, int len); int sdap_parse_entry(TALLOC_CTX *memctx, struct sdap_handle *sh, struct sdap_msg *sm, struct sdap_attr_map *map, int attrs_num, @@ -348,9 +350,7 @@ int sdap_parse_entry(TALLOC_CTX *memctx, } for (i = 0; vals[i]; i++) { - /* the objectclass is always the first name in the map */ - if (strncasecmp(map[0].name, - vals[i]->bv_val, vals[i]->bv_len) == 0) { + if (objectclass_matched(map, vals[i]->bv_val, vals[i]->bv_len)) { /* ok it's an entry of the right type */ break; } @@ -530,6 +530,25 @@ done: return ret; } +static bool objectclass_matched(struct sdap_attr_map *map, + const char *objcl, int len) +{ + if (len == 0) { + len = strlen(objcl) + 1; + } + + if (strncasecmp(map[SDAP_OC_GROUP].name, objcl, len) == 0) { + return true; + } + + if (map[SDAP_OC_GROUP_ALT].name != NULL + && strncasecmp(map[SDAP_OC_GROUP_ALT].name, objcl, len) == 0) { + return true; + } + + return false; +} + /* Parses an LDAPDerefRes into sdap_deref_attrs structure */ errno_t sdap_parse_deref(TALLOC_CTX *mem_ctx, struct sdap_attr_map_info *minfo, @@ -630,7 +649,7 @@ errno_t sdap_parse_deref(TALLOC_CTX *mem_ctx, for (i=0; ocs[i]; i++) { /* the objectclass is always the first name in the map */ - if (strcasecmp(minfo[mi].map[0].name, ocs[i]) == 0) { + if (objectclass_matched(minfo[mi].map, ocs[i], 0)) { DEBUG(SSSDBG_TRACE_ALL, "Found map for objectclass '%s'\n", ocs[i]); map = minfo[mi].map; @@ -1449,3 +1468,16 @@ errno_t sdap_get_netgroup_primary_name(TALLOC_CTX *memctx, opts->netgroup_map[SDAP_AT_NETGROUP_NAME].name, attrs, dom, _netgroup_name); } + +char *sdap_make_oc_list(TALLOC_CTX *mem_ctx, struct sdap_attr_map *map) +{ + if (map[SDAP_OC_GROUP_ALT].name == NULL) { + return talloc_asprintf(mem_ctx, "objectClass=%s", + map[SDAP_OC_GROUP].name); + } else { + return talloc_asprintf(mem_ctx, + "|(objectClass=%s)(objectClass=%s)", + map[SDAP_OC_GROUP].name, + map[SDAP_OC_GROUP_ALT].name); + } +} |