diff options
| author | Michal Zidek <mzidek@redhat.com> | 2014-09-10 12:56:54 +0200 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-09-15 11:17:27 +0200 |
| commit | 8d47f715ca63388f2dcbcdf3f2ccdb44e7d47b93 (patch) | |
| tree | f136f0ad323c96e0c0a970815c78802e5531ecbc /src/providers/ldap/sdap.c | |
| parent | 10f2902a1a630cdc952263b5dc5f41fb557e2791 (diff) | |
| download | sssd-8d47f715ca63388f2dcbcdf3f2ccdb44e7d47b93.tar.gz sssd-8d47f715ca63388f2dcbcdf3f2ccdb44e7d47b93.tar.xz sssd-8d47f715ca63388f2dcbcdf3f2ccdb44e7d47b93.zip | |
Use the alternative objectclass in group maps.
Use the alternative group objectclass in queries.
Fixes:
https://fedorahosted.org/sssd/ticket/2436
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
(cherry picked from commit 7ba70236daccb48432350147d0560b3302518cee)
(cherry picked from commit 9e99c000a4e2647328e71b4db272b4b73a7189c5)
Diffstat (limited to 'src/providers/ldap/sdap.c')
| -rw-r--r-- | src/providers/ldap/sdap.c | 40 |
1 files changed, 36 insertions, 4 deletions
diff --git a/src/providers/ldap/sdap.c b/src/providers/ldap/sdap.c index e8d23c9dc..fead21a4f 100644 --- a/src/providers/ldap/sdap.c +++ b/src/providers/ldap/sdap.c @@ -290,6 +290,8 @@ int sdap_get_map(TALLOC_CTX *memctx, /* =Parse-msg============================================================= */ +static bool objectclass_matched(struct sdap_attr_map *map, + const char *objcl, int len); int sdap_parse_entry(TALLOC_CTX *memctx, struct sdap_handle *sh, struct sdap_msg *sm, struct sdap_attr_map *map, int attrs_num, @@ -357,9 +359,7 @@ int sdap_parse_entry(TALLOC_CTX *memctx, } for (i = 0; vals[i]; i++) { - /* the objectclass is always the first name in the map */ - if (strncasecmp(map[0].name, - vals[i]->bv_val, vals[i]->bv_len) == 0) { + if (objectclass_matched(map, vals[i]->bv_val, vals[i]->bv_len)) { /* ok it's an entry of the right type */ break; } @@ -511,6 +511,25 @@ done: return ret; } +static bool objectclass_matched(struct sdap_attr_map *map, + const char *objcl, int len) +{ + if (len == 0) { + len = strlen(objcl) + 1; + } + + if (strncasecmp(map[SDAP_OC_GROUP].name, objcl, len) == 0) { + return true; + } + + if (map[SDAP_OC_GROUP_ALT].name != NULL + && strncasecmp(map[SDAP_OC_GROUP_ALT].name, objcl, len) == 0) { + return true; + } + + return false; +} + /* Parses an LDAPDerefRes into sdap_deref_attrs structure */ errno_t sdap_parse_deref(TALLOC_CTX *mem_ctx, struct sdap_attr_map_info *minfo, @@ -610,7 +629,7 @@ errno_t sdap_parse_deref(TALLOC_CTX *mem_ctx, for (i=0; ocs[i]; i++) { /* the objectclass is always the first name in the map */ - if (strcasecmp(minfo[mi].map[0].name, ocs[i]) == 0) { + if (objectclass_matched(minfo[mi].map, ocs[i], 0)) { DEBUG(SSSDBG_TRACE_ALL, "Found map for objectclass '%s'\n", ocs[i]); map = minfo[mi].map; @@ -1458,3 +1477,16 @@ errno_t sdap_get_netgroup_primary_name(TALLOC_CTX *memctx, opts->netgroup_map[SDAP_AT_NETGROUP_NAME].name, attrs, dom, _netgroup_name); } + +char *sdap_make_oc_list(TALLOC_CTX *mem_ctx, struct sdap_attr_map *map) +{ + if (map[SDAP_OC_GROUP_ALT].name == NULL) { + return talloc_asprintf(mem_ctx, "objectClass=%s", + map[SDAP_OC_GROUP].name); + } else { + return talloc_asprintf(mem_ctx, + "|(objectClass=%s)(objectClass=%s)", + map[SDAP_OC_GROUP].name, + map[SDAP_OC_GROUP_ALT].name); + } +} |