Make re_expression and full_name_format per domain options

 * Allows different user/domain qualified names for different
   domains. For example Domain\User or user@domain.
 * The global re_expression and full_name_format options remain
   as defaults for the domains.
 * Subdomains get the re_expression and full_name_format of
   their parent domain.

https://bugzilla.redhat.com/show_bug.cgi?id=811663

4 files changed, 19 insertions, 17 deletions

diff --git a/src/responder/common/negcache.c b/src/responder/common/negcache.c
index dd4c0008a..b59b1f341 100644
--- a/src/responder/common/negcache.c
+++ b/src/responder/common/negcache.c
@@ -565,7 +565,6 @@ int sss_ncache_reset_permament(struct sss_nc_ctx *ctx)
 
 errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache,
                                struct confdb_ctx *cdb,
-                               struct sss_names_ctx *names_ctx,
                                struct resp_ctx *rctx)
 {
     errno_t ret;
@@ -597,8 +596,8 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache,
         filter_set = true;
 
         for (i = 0; (filter_list && filter_list[i]); i++) {
-            ret = sss_parse_name(tmpctx, names_ctx, filter_list[i],
-                                 &domainname, &name);
+            ret = sss_parse_name_for_domains(tmpctx, domain_list, filter_list[i],
+                                             &domainname, &name);
             if (ret != EOK) {
                 DEBUG(1, ("Invalid name in filterUsers list: [%s] (%d)\n",
                          filter_list[i], ret));
@@ -642,8 +641,8 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache,
     else if (ret != EOK) goto done;
 
     for (i = 0; (filter_list && filter_list[i]); i++) {
-        ret = sss_parse_name(tmpctx, names_ctx, filter_list[i],
-                             &domainname, &name);
+        ret = sss_parse_name_for_domains(tmpctx, domain_list, filter_list[i],
+                                         &domainname, &name);
         if (ret != EOK) {
             DEBUG(1, ("Invalid name in filterUsers list: [%s] (%d)\n",
                      filter_list[i], ret));
@@ -694,7 +693,7 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache,
         filter_set = true;
 
         for (i = 0; (filter_list && filter_list[i]); i++) {
-            ret = sss_parse_name(tmpctx, names_ctx, filter_list[i],
+            ret = sss_parse_name(tmpctx, dom->names, filter_list[i],
                                  &domainname, &name);
             if (ret != EOK) {
                 DEBUG(1, ("Invalid name in filterGroups list: [%s] (%d)\n",
@@ -739,8 +738,8 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache,
     else if (ret != EOK) goto done;
 
     for (i = 0; (filter_list && filter_list[i]); i++) {
-        ret = sss_parse_name(tmpctx, names_ctx, filter_list[i],
-                             &domainname, &name);
+        ret = sss_parse_name_for_domains(tmpctx, domain_list, filter_list[i],
+                                         &domainname, &name);
         if (ret != EOK) {
             DEBUG(1, ("Invalid name in filterGroups list: [%s] (%d)\n",
                      filter_list[i], ret));
diff --git a/src/responder/common/negcache.h b/src/responder/common/negcache.h
index 9d070c697..b2e6a7a91 100644
--- a/src/responder/common/negcache.h
+++ b/src/responder/common/negcache.h
@@ -72,7 +72,6 @@ int sss_ncache_reset_permament(struct sss_nc_ctx *ctx);
  */
 errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache,
                                struct confdb_ctx *cdb,
-                               struct sss_names_ctx *names_ctx,
                                struct resp_ctx *rctx);
 
 #endif /* _NSS_NEG_CACHE_H_ */
diff --git a/src/responder/common/responder.h b/src/responder/common/responder.h
index 27a58eae5..2cc85445c 100644
--- a/src/responder/common/responder.h
+++ b/src/responder/common/responder.h
@@ -93,8 +93,6 @@ struct resp_ctx {
     const char *sss_pipe_name;
     const char *confdb_service_path;
 
-    struct sss_names_ctx *names;
-
     hash_table_t *dp_request_table;
 
     struct timeval get_domains_last_call;
@@ -154,6 +152,10 @@ int sss_parse_name(TALLOC_CTX *memctx,
                    struct sss_names_ctx *snctx,
                    const char *orig, char **domain, char **name);
 
+int sss_parse_name_for_domains(TALLOC_CTX *memctx,
+                               struct sss_domain_info *domains,
+                               const char *orig, char **domain, char **name);
+
 int sss_dp_get_domain_conn(struct resp_ctx *rctx, const char *domain,
                            struct be_conn **_conn);
 struct sss_domain_info *
diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c
index faff0febd..2e3e98a9c 100644
--- a/src/responder/common/responder_common.c
+++ b/src/responder/common/responder_common.c
@@ -581,6 +581,14 @@ int sss_process_init(TALLOC_CTX *mem_ctx,
             continue;
         }
 
+        ret = sss_names_init(rctx->cdb, rctx->cdb, dom->name, &dom->names);
+        if (ret != EOK) {
+            DEBUG(SSSDBG_FATAL_FAILURE,
+                  ("fatal error initializing regex data for domain: %s\n",
+                   dom->name));
+            return ret;
+        }
+
         ret = sss_dp_init(rctx, dp_intf, cli_name, dom);
         if (ret != EOK) {
             DEBUG(0, ("fatal error setting up backend connector\n"));
@@ -594,12 +602,6 @@ int sss_process_init(TALLOC_CTX *mem_ctx,
         return ret;
     }
 
-    ret = sss_names_init(rctx, rctx->cdb, &rctx->names);
-    if (ret != EOK) {
-        DEBUG(0, ("fatal error initializing regex data\n"));
-        return ret;
-    }
-
     /* after all initializations we are ready to listen on our socket */
     ret = set_unix_socket(rctx);
     if (ret != EOK) {