Diffstat (limited to 'src/providers/ldap/sdap_async.c')
-rw-r--r--src/providers/ldap/sdap_async.c108
1 files changed, 0 insertions, 108 deletions
diff --git a/src/providers/ldap/sdap_async.c b/src/providers/ldap/sdap_async.c
index 14a27bcba..46f0215a8 100644
--- a/src/providers/ldap/sdap_async.c
+++ b/src/providers/ldap/sdap_async.c
@@ -2100,114 +2100,6 @@ bool sdap_has_deref_support(struct sdap_handle *sh, struct sdap_options *opts)
return false;
}
-errno_t sdap_check_aliases(struct sysdb_ctx *sysdb,
- struct sysdb_attrs *user_attrs,
- struct sss_domain_info *dom,
- struct sdap_options *opts,
- bool steal_memberships)
-{
- errno_t ret;
- const char **aliases = NULL;
- const char *name = NULL;
- struct ldb_message *msg;
- TALLOC_CTX *tmp_ctx = NULL;
- char **parents;
- uid_t alias_uid, uid;
- int i;
-
- tmp_ctx = talloc_new(NULL);
- if (!tmp_ctx) return ENOMEM;
-
- ret = sysdb_attrs_primary_name(sysdb, user_attrs,
- opts->user_map[SDAP_AT_USER_NAME].sys_name,
- &name);
- if (ret != EOK) {
- DEBUG(SSSDBG_TRACE_INTERNAL, ("Could not get the primary name\n"));
- goto done;
- }
-
- ret = sysdb_attrs_get_uint32_t(user_attrs,
- opts->user_map[SDAP_AT_USER_UID].sys_name,
- &uid);
- if (ret != EOK) {
- DEBUG(SSSDBG_TRACE_INTERNAL, ("Could not get UID\n"));
- goto done;
- }
-
- ret = sysdb_attrs_get_aliases(tmp_ctx, user_attrs, name,
- !dom->case_sensitive, &aliases);
- if (ret != EOK) {
- DEBUG(SSSDBG_TRACE_INTERNAL, ("Failed to get the alias list\n"));
- goto done;
- }
-
- for (i = 0; aliases[i]; i++) {
- /* In RFC2307 schema, another group might be referencing user
- * using secondary name, so there might be fake users in the cache
- * from a previous getgr call */
- ret = sysdb_search_user_by_name(tmp_ctx, sysdb,
- aliases[i], NULL, &msg);
- if (ret && ret != ENOENT) {
- DEBUG(SSSDBG_TRACE_INTERNAL, ("Error searching the cache\n"));
- goto done;
- } else if (ret == ENOENT) {
- DEBUG(SSSDBG_TRACE_INTERNAL,
- ("No user with primary name same as alias %s\n", aliases[i]));
- continue;
- }
-
- alias_uid = ldb_msg_find_attr_as_uint64(msg, SYSDB_UIDNUM, 0);
- if (alias_uid) {
- if (alias_uid == uid) {
- DEBUG(SSSDBG_TRACE_INTERNAL,
- ("User already cached, skipping\n"));
- continue;
- }
- DEBUG(SSSDBG_FATAL_FAILURE,
- ("Cache contains non-fake user with same name "
- "as alias %s\n", aliases[i]));
- ret = EIO;
- goto done;
- }
- DEBUG(SSSDBG_TRACE_FUNC, ("%s is a fake user\n", aliases[i]));
-
- if (steal_memberships) {
- /* Get direct sysdb parents */
- ret = sysdb_get_direct_parents(tmp_ctx, sysdb, dom,
- SYSDB_MEMBER_USER,
- aliases[i], &parents);
- if (ret) {
- DEBUG(SSSDBG_FATAL_FAILURE,
- ("Could not get direct parents for %s: %d [%s]\n",
- aliases[i], ret, strerror(ret)));
- goto done;
- }
-
- ret = sysdb_update_members(sysdb, name, SYSDB_MEMBER_USER,
- (const char *const *) parents,
- NULL);
- if (ret != EOK) {
- DEBUG(SSSDBG_FATAL_FAILURE,
- ("Membership update failed [%d]: %s\n",
- ret, strerror(ret)));
- goto done;
- }
- }
-
- ret = sysdb_delete_user(sysdb, aliases[i], alias_uid);
- if (ret) {
- DEBUG(SSSDBG_FATAL_FAILURE,
- ("Error deleting fake user %s\n", aliases[i]));
- goto done;
- }
- }
-
- ret = EOK;
-done:
- talloc_free(tmp_ctx);
- return ret;
-}
-
errno_t
sdap_attrs_add_ldap_attr(struct sysdb_attrs *ldap_attrs,
const char *attr_name,