Diffstat (limited to 'src/providers/ldap/sdap_async_initgroups.c')
-rw-r--r--src/providers/ldap/sdap_async_initgroups.c50
1 files changed, 39 insertions, 11 deletions
diff --git a/src/providers/ldap/sdap_async_initgroups.c b/src/providers/ldap/sdap_async_initgroups.c
index 7db280435..4b71d4d47 100644
--- a/src/providers/ldap/sdap_async_initgroups.c
+++ b/src/providers/ldap/sdap_async_initgroups.c
@@ -368,6 +368,7 @@ struct tevent_req *sdap_initgr_rfc2307_send(TALLOC_CTX *memctx,
const char **attr_filter;
char *clean_name;
errno_t ret;
+ char *oc_list;
req = tevent_req_create(memctx, &state, struct sdap_initgr_rfc2307_state);
if (!req) return NULL;
@@ -419,11 +420,17 @@ struct tevent_req *sdap_initgr_rfc2307_send(TALLOC_CTX *memctx,
return NULL;
}
+ oc_list = sdap_make_oc_list(state, opts->group_map);
+ if (oc_list == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, "Failed to create objectClass list.\n");
+ ret = ENOMEM;
+ goto done;
+ }
+
state->base_filter = talloc_asprintf(state,
- "(&(%s=%s)(objectclass=%s)(%s=*)(&(%s=*)(!(%s=0))))",
+ "(&(%s=%s)(%s)(%s=*)(&(%s=*)(!(%s=0))))",
opts->group_map[SDAP_AT_GROUP_MEMBER].name,
- clean_name,
- opts->group_map[SDAP_OC_GROUP].name,
+ clean_name, oc_list,
opts->group_map[SDAP_AT_GROUP_NAME].name,
opts->group_map[SDAP_AT_GROUP_GID].name,
opts->group_map[SDAP_AT_GROUP_GID].name);
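Review bot: The filter now splices `oc_list` in as `(%s)`, but nothing at the call site says what shape sdap_make_oc_list() must return, so a reader cannot tell whether the string is a bare `objectClass=x` term or an OR-expression, or who keeps it syntactically valid. Unlike `clean_name`, whose name suggests it was sanitised earlier, the object class names come from `opts->group_map`, which is presumably configuration rather than user input. I would state that above the call, e.g. `/* oc_list: filter term without outer parentheses, built from configured objectClass names, not user input */`. The same comment is missing at the calls in sdap_initgr_nested_noderef_search, sdap_initgr_rfc2307bis_send and rfc2307bis_nested_groups_step. The function body starts and ends outside this hunk.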
@@ -805,6 +812,7 @@ static errno_t sdap_initgr_nested_noderef_search(struct tevent_req *req)
int i;
struct tevent_req *subreq;
struct sdap_initgr_nested_state *state;
+ char *oc_list;
state = tevent_req_data(req, struct sdap_initgr_nested_state);
@@ -823,8 +831,13 @@ static errno_t sdap_initgr_nested_noderef_search(struct tevent_req *req)
state->group_dns[i] = NULL; /* terminate */
state->cur = 0;
- state->filter = talloc_asprintf(state, "(&(objectclass=%s)(%s=*))",
- state->opts->group_map[SDAP_OC_GROUP].name,
+ oc_list = sdap_make_oc_list(state, state->opts->group_map);
+ if (oc_list == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, "Failed to create objectClass list.\n");
+ return ENOMEM;
+ }
+
+ state->filter = talloc_asprintf(state, "(&(%s)(%s=*))", oc_list,
state->opts->group_map[SDAP_AT_GROUP_NAME].name);
if (!state->filter) {
return ENOMEM;
@@ -1515,6 +1528,7 @@ static struct tevent_req *sdap_initgr_rfc2307bis_send(
const char **attr_filter;
char *clean_orig_dn;
bool use_id_mapping;
+ char *oc_list;
req = tevent_req_create(memctx, &state, struct sdap_initgr_rfc2307bis_state);
if (!req) return NULL;
@@ -1567,11 +1581,18 @@ static struct tevent_req *sdap_initgr_rfc2307bis_send(
sdom->dom->name,
sdom->dom->domain_id);
+ oc_list = sdap_make_oc_list(state, opts->group_map);
+ if (oc_list == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, "Failed to create objectClass list.\n");
+ ret = ENOMEM;
+ goto done;
+ }
+
state->base_filter =
- talloc_asprintf(state, "(&(%s=%s)(objectclass=%s)(%s=*)",
+ talloc_asprintf(state,
+ "(&(%s=%s)(%s)(%s=*)",
opts->group_map[SDAP_AT_GROUP_MEMBER].name,
- clean_orig_dn,
- opts->group_map[SDAP_OC_GROUP].name,
+ clean_orig_dn, oc_list,
opts->group_map[SDAP_AT_GROUP_NAME].name);
if (!state->base_filter) {
ret = ENOMEM;
@@ -2266,6 +2287,7 @@ static errno_t rfc2307bis_nested_groups_step(struct tevent_req *req)
hash_value_t value;
struct sdap_rfc2307bis_nested_ctx *state =
tevent_req_data(req, struct sdap_rfc2307bis_nested_ctx);
+ char *oc_list;
tmp_ctx = talloc_new(state);
if (!tmp_ctx) {
@@ -2342,11 +2364,17 @@ static errno_t rfc2307bis_nested_groups_step(struct tevent_req *req)
goto done;
}
+ oc_list = sdap_make_oc_list(state, state->opts->group_map);
+ if (oc_list == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, "Failed to create objectClass list.\n");
+ ret = ENOMEM;
+ goto done;
+ }
+
state->base_filter = talloc_asprintf(
- state, "(&(%s=%s)(objectclass=%s)(%s=*))",
+ state, "(&(%s=%s)(%s)(%s=*))",
state->opts->group_map[SDAP_AT_GROUP_MEMBER].name,
- clean_orig_dn,
- state->opts->group_map[SDAP_OC_GROUP].name,
+ clean_orig_dn, oc_list,
state->opts->group_map[SDAP_AT_GROUP_NAME].name);
if (!state->base_filter) {
ret = ENOMEM;
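Review bot: `oc_list` is allocated on `state` here, although this function creates a `tmp_ctx` for scratch data (visible in the previous hunk) and the string is only needed to build `base_filter`. If this step runs once per nesting level, as the function name suggests, each call leaves another copy attached to `state` until the request is freed. Allocating on the temporary context, `oc_list = sdap_make_oc_list(tmp_ctx, state->opts->group_map);`, would release it with the other scratch data, assuming `tmp_ctx` is freed at `done`, which lies outside the hunk.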