summaryrefslogtreecommitdiffstats
path: root/src/tools/sss_cache.c
diff options
context:
space:
mode:
authorSumit Bose <sbose@redhat.com>2013-11-26 10:27:50 +0100
committerJakub Hrozek <jhrozek@redhat.com>2013-12-19 10:24:16 +0100
commitc246e2315cb8df1e347bec3b728f91b0c1264f93 (patch)
treeb935fded5b7a7cebd3bce3befc41547edca80766 /src/tools/sss_cache.c
parentd2791a492d8f0a9df73fc7a683b3f712abf80f3f (diff)
downloadsssd-c246e2315cb8df1e347bec3b728f91b0c1264f93.tar.gz
sssd-c246e2315cb8df1e347bec3b728f91b0c1264f93.tar.xz
sssd-c246e2315cb8df1e347bec3b728f91b0c1264f93.zip
sss_cache: fix case-sensitivity issue
For case-insensitive domains the lower-case name for case-insensitive searches is stored in SYSDB_NAME_ALIAS. Related to https://fedorahosted.org/sssd/ticket/1741
Diffstat (limited to 'src/tools/sss_cache.c')
-rw-r--r--src/tools/sss_cache.c63
1 files changed, 36 insertions, 27 deletions
diff --git a/src/tools/sss_cache.c b/src/tools/sss_cache.c
index 6412d71bb..9f22862e9 100644
--- a/src/tools/sss_cache.c
+++ b/src/tools/sss_cache.c
@@ -195,6 +195,8 @@ static errno_t update_filter(struct cache_tool_ctx *tctx,
TALLOC_CTX *tmp_ctx = NULL;
char *use_name = NULL;
char *filter;
+ char *sanitized;
+ char *lc_sanitized;
if (!name || !update) {
/* Nothing to do */
@@ -214,6 +216,14 @@ static errno_t update_filter(struct cache_tool_ctx *tctx,
goto done;
}
+ if (parsed_domain != NULL && strcasecmp(dinfo->name, parsed_domain) != 0) {
+ /* We were able to parse the domain from given fqdn, but it
+ * does not match with currently processed domain. */
+ filter = NULL;
+ ret = EOK;
+ goto done;
+ }
+
if (!dinfo->case_sensitive && !force_case_sensitivity) {
use_name = sss_tc_utf8_str_tolower(tmp_ctx, parsed_name);
if (!use_name) {
@@ -231,41 +241,40 @@ static errno_t update_filter(struct cache_tool_ctx *tctx,
ret = ENOMEM;
goto done;
}
+ }
- if (!strcasecmp(dinfo->name, parsed_domain)) {
- if (fmt) {
- filter = talloc_asprintf(tmp_ctx, fmt,
- SYSDB_NAME, use_name);
- } else {
- filter = talloc_strdup(tmp_ctx, use_name);
- }
- if (filter == NULL) {
- DEBUG(SSSDBG_CRIT_FAILURE, ("Out of memory\n"));
- ret = ENOMEM;
- goto done;
- }
+ ret = sss_filter_sanitize_for_dom(tmp_ctx, use_name, dinfo,
+ &sanitized, &lc_sanitized);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to sanitize the given name.\n"));
+ goto done;
+ }
+
+ if (fmt) {
+ if (!dinfo->case_sensitive && !force_case_sensitivity) {
+ filter = talloc_asprintf(tmp_ctx, "(|(%s=%s)(%s=%s))",
+ SYSDB_NAME_ALIAS, lc_sanitized,
+ SYSDB_NAME_ALIAS, sanitized);
} else {
- /* We were able to parse the domain from given fqdn, but it
- * does not match with currently processed domain. */
- filter = NULL;
+ filter = talloc_asprintf(tmp_ctx, fmt, SYSDB_NAME, sanitized);
}
} else {
- if (fmt) {
- filter = talloc_asprintf(tmp_ctx, fmt, SYSDB_NAME, name);
- } else {
- filter = talloc_strdup(tmp_ctx, name);
- }
- if (filter == NULL) {
- DEBUG(SSSDBG_CRIT_FAILURE, ("Out of memory\n"));
- ret = ENOMEM;
- goto done;
- }
+ filter = talloc_strdup(tmp_ctx, sanitized);
+ }
+ if (filter == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("Out of memory\n"));
+ ret = ENOMEM;
+ goto done;
}
- talloc_free(*_filter);
- *_filter = talloc_steal(tctx, filter);
ret = EOK;
+
done:
+ if (ret == EOK) {
+ talloc_free(*_filter);
+ *_filter = talloc_steal(tctx, filter);
+ }
+
talloc_free(tmp_ctx);
return ret;