summaryrefslogtreecommitdiffstats
path: root/src/sss_client
diff options
context:
space:
mode:
authorPavel Březina <pbrezina@redhat.com>2012-11-13 15:42:48 +0100
committerJakub Hrozek <jhrozek@redhat.com>2012-11-14 17:11:15 +0100
commit7379170a0860790f2739e07fffe3d6ec85264566 (patch)
treecf14c7a9939ad4ad856d604b6855ebf0d3c545bd /src/sss_client
parentd38ffc9c92daeb62de7d28c409bdaeff98f82775 (diff)
downloadsssd-7379170a0860790f2739e07fffe3d6ec85264566.tar.gz
sssd-7379170a0860790f2739e07fffe3d6ec85264566.tar.xz
sssd-7379170a0860790f2739e07fffe3d6ec85264566.zip
sudo: do not send domain name with username
This caused troubles with subdomain users and it is not really necessary. This patch does not change the protocol itself, that should be done on the earliest possible occasion. Part of https://fedorahosted.org/sssd/ticket/1616
Diffstat (limited to 'src/sss_client')
-rw-r--r--src/sss_client/sudo/sss_sudo.c15
-rw-r--r--src/sss_client/sudo/sss_sudo_response.c7
2 files changed, 6 insertions, 16 deletions
diff --git a/src/sss_client/sudo/sss_sudo.c b/src/sss_client/sudo/sss_sudo.c
index e2bb3e00d..92f575411 100644
--- a/src/sss_client/sudo/sss_sudo.c
+++ b/src/sss_client/sudo/sss_sudo.c
@@ -100,23 +100,10 @@ int sss_sudo_send_recv(uid_t uid,
return EINVAL;
}
- if (domainname != NULL) {
- ret = asprintf(&fullname, "%s@%s", username, domainname);
- if (ret == -1) {
- return ENOMEM;
- }
- } else {
- fullname = strdup(username);
- if (fullname == NULL) {
- return ENOMEM;
- }
- }
-
/* send query and receive response */
- ret = sss_sudo_send_recv_generic(SSS_SUDO_GET_SUDORULES, uid, fullname,
+ ret = sss_sudo_send_recv_generic(SSS_SUDO_GET_SUDORULES, uid, username,
_error, NULL, _result);
- free(fullname);
return ret;
}
diff --git a/src/sss_client/sudo/sss_sudo_response.c b/src/sss_client/sudo/sss_sudo_response.c
index 471d42ed4..7d4bcc5d2 100644
--- a/src/sss_client/sudo/sss_sudo_response.c
+++ b/src/sss_client/sudo/sss_sudo_response.c
@@ -67,14 +67,17 @@ int sss_sudo_parse_response(const char *message,
return ret;
}
- /* domain name */
+ /* domain name - deprecated
+ * it won't be used, but we will read it anyway to ease parsing
+ * TODO: when possible change the protocol */
ret = sss_sudo_parse_string(message, message_len, &cursor, &domainname);
if (ret != EOK) {
return ret;
}
+ free(domainname);
if (_domainname != NULL) {
- *_domainname = domainname;
+ *_domainname = NULL;
}
/* result */