From ac9d460c61bf3bdb3aed5d96541d7e5baf8d9648 Mon Sep 17 00:00:00 2001 From: Sumit Bose Date: Tue, 20 Jan 2015 12:51:57 +0100 Subject: nss: Add original DN and memberOf to origbyname request IPA HBAC evaluation relies on the original values for DN and memberOf attributes. Resolves https://fedorahosted.org/sssd/ticket/2560 Reviewed-by: Jakub Hrozek (cherry picked from commit 7543052f562f157f7b17fdc46a6777d80c0cb3bd) --- src/responder/nss/nsssrv_cmd.c | 4 ++++ src/tests/cmocka/test_nss_srv.c | 3 +-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c index 6b9988548..324688eee 100644 --- a/src/responder/nss/nsssrv_cmd.c +++ b/src/responder/nss/nsssrv_cmd.c @@ -4160,6 +4160,8 @@ static errno_t nss_cmd_getsidby_search(struct nss_dom_ctx *dctx) SYSDB_AD_ACCOUNT_EXPIRES, SYSDB_AD_USER_ACCOUNT_CONTROL, SYSDB_SSH_PUBKEY, + SYSDB_ORIG_DN, + SYSDB_ORIG_MEMBEROF, SYSDB_DEFAULT_ATTRS, NULL}; const char **attrs; bool user_found = false; @@ -4688,6 +4690,8 @@ static errno_t fill_orig(struct sss_packet *packet, SYSDB_AD_ACCOUNT_EXPIRES, SYSDB_AD_USER_ACCOUNT_CONTROL, SYSDB_SSH_PUBKEY, + SYSDB_ORIG_DN, + SYSDB_ORIG_MEMBEROF, NULL}; struct sized_string *keys; struct sized_string *vals; diff --git a/src/tests/cmocka/test_nss_srv.c b/src/tests/cmocka/test_nss_srv.c index d7825e438..ba84fccf7 100644 --- a/src/tests/cmocka/test_nss_srv.c +++ b/src/tests/cmocka/test_nss_srv.c @@ -52,8 +52,7 @@ struct nss_test_ctx { bool ncache_hit; }; -const char *global_extra_attrs[] = {"phone", "mobile", SYSDB_ORIG_MEMBEROF, - NULL}; +const char *global_extra_attrs[] = {"phone", "mobile", NULL}; struct nss_test_ctx *nss_test_ctx; -- cgit