LDAP: Try all attributes when saving an entry

The same LDAP attribute might be used several times for the same user or group attribute. For instance, some servers have a global "ID" number that should be used for both UID and GID. However, our sdap_parse_entry() function only copied the LDAP attribute to the first matching sysdb attribute. This patch adds a second nested loop that checks if any of the other LDAP attributes are eligible. Reviewed-by: Michal Židek <mzidek@redhat.com>
author: Jakub Hrozek <jhrozek@redhat.com> 2014-07-04 16:58:11 +0200
committer: Jakub Hrozek <jhrozek@redhat.com> 2014-07-08 20:28:03 +0200
commit: eed2073f6f7bed7df0327b9fc0f2d410975d5332 (patch)
tree: 77d1b5b6d79dcc9ae6f617949fd600e792362446 /src/providers
parent: e592d5f157be869151983bd1b46d6f4f7a29daaf (diff)
download: sssd-eed2073f6f7bed7df0327b9fc0f2d410975d5332.tar.gz
sssd-eed2073f6f7bed7df0327b9fc0f2d410975d5332.tar.xz
sssd-eed2073f6f7bed7df0327b9fc0f2d410975d5332.zip
1 files changed, 24 insertions, 3 deletions
diff --git a/src/providers/ldap/sdap.c b/src/providers/ldap/sdap.c
index e8d23c9dc..133e6dcf3 100644
--- a/src/providers/ldap/sdap.c
+++ b/src/providers/ldap/sdap.c
@@ -302,7 +302,7 @@ int sdap_parse_entry(TALLOC_CTX *memctx,
     struct ldb_val v;
     char *str;
     int lerrno;
-    int a, i, ret;
+    int a, i, ret, ai;
     const char *name;
     bool store;
     bool base64;
@@ -480,8 +480,29 @@ int sdap_parse_entry(TALLOC_CTX *memctx,
                         v.length = vals[i]->bv_len;
                     }
 
-                    ret = sysdb_attrs_add_val(attrs, name, &v);
-                    if (ret) goto done;
+                    if (map) {
+                        /* The same LDAP attr might be used for more sysdb
+                         * attrs in case there is a map. Find all that match
+                         * and copy the value
+                         */
+                        for (ai = a; ai < attrs_num; ai++) {
+                            /* check if this attr is valid with the chosen
+                             * schema */
+                            if (!map[ai].name) continue;
+
+                            /* check if it is an attr we are interested in */
+                            if (strcasecmp(base_attr, map[ai].name) == 0) {
+                                ret = sysdb_attrs_add_val(attrs,
+                                                          map[ai].sys_name,
+                                                          &v);
+                                if (ret) goto done;
+                            }
+                        }
+                    } else {
+                        /* No map, just store the attribute */
+                        ret = sysdb_attrs_add_val(attrs, name, &v);
+                        if (ret) goto done;
+                    }
                 }
                 ldap_value_free_len(vals);
             }
author	Jakub Hrozek <jhrozek@redhat.com>	2014-07-04 16:58:11 +0200
committer	Jakub Hrozek <jhrozek@redhat.com>	2014-07-08 20:28:03 +0200
commit	eed2073f6f7bed7df0327b9fc0f2d410975d5332 (patch)
tree	77d1b5b6d79dcc9ae6f617949fd600e792362446 /src/providers
parent	e592d5f157be869151983bd1b46d6f4f7a29daaf (diff)
download	sssd-eed2073f6f7bed7df0327b9fc0f2d410975d5332.tar.gz sssd-eed2073f6f7bed7df0327b9fc0f2d410975d5332.tar.xz sssd-eed2073f6f7bed7df0327b9fc0f2d410975d5332.zip