From 7417b20fb2755c12c372e288e3c8a64113f6c9a3 Mon Sep 17 00:00:00 2001 From: Pavel Reichl Date: Thu, 14 Nov 2013 21:34:51 +0000 Subject: SSSD: Improved domain detection A bit more elegant way of detection of what domain the group member belongs to Resolves: https://fedorahosted.org/sssd/ticket/2132
---
 src/util/sss_ldap.c | 28 +++++++++++++++++++++++----- src/util/sss_ldap.h | 6 ++++++ 2 files changed, 29 insertions(+), 5 deletions(-) (limited to 'src/util')
diff --git a/src/util/sss_ldap.c b/src/util/sss_ldap.c
index 6d7b0907c..e1a05e8f6 100644
--- a/src/util/sss_ldap.c
+++ b/src/util/sss_ldap.c
@@ -470,10 +470,13 @@ int sss_ldap_init_recv(struct tevent_req *req, LDAP **ldap, int *sd)
 * _filter will contain combined filters from all possible search bases
 * or NULL if it should be empty
 */
-bool sss_ldap_dn_in_search_bases(TALLOC_CTX *mem_ctx,
- const char *dn,
- struct sdap_search_base **search_bases,
- char **_filter)
+
+
+bool sss_ldap_dn_in_search_bases_len(TALLOC_CTX *mem_ctx,
+ const char *dn,
+ struct sdap_search_base **search_bases,
+ char **_filter,
+ int *_match_len)
 {
 struct sdap_search_base *base;
 int basedn_len, dn_len;
@@ -484,6 +487,7 @@ bool sss_ldap_dn_in_search_bases(TALLOC_CTX *mem_ctx,
 bool backslash_found = false;
 char *filter = NULL;
 bool ret = false;
+ int match_len;
 if (dn == NULL) {
 DEBUG(SSSDBG_FUNC_DATA, ("dn is NULL\n"));
@@ -511,6 +515,7 @@ bool sss_ldap_dn_in_search_bases(TALLOC_CTX *mem_ctx,
 if (!base_confirmed) {
 continue;
 }
+ match_len = basedn_len;
 switch (base->scope) {
 case LDAP_SCOPE_BASE:
@@ -558,6 +563,9 @@ bool sss_ldap_dn_in_search_bases(TALLOC_CTX *mem_ctx,
 * Append filter otherwise.
 */
 ret = true;
+ if (_match_len) {
+ *_match_len = match_len;
+ }
 if (base->filter == NULL || _filter == NULL) {
 goto done;
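Review bot: The comment block above the renamed function in the @@ -470 hunk still documents only `_filter`; the new `_match_len` out-parameter is described neither here nor at the prototype added to src/util/sss_ldap.h. I would add ` * _match_len, if not NULL, receives the length of the matching search base DN and is only meaningful when true is returned` before the closing `*/`. The two blank lines the hunk inserts between the comment and the signature should also go, so the comment stays attached to the function it describes. The function body continues outside this hunk.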
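Review bot: In the @@ -558 hunk `*_match_len` is stored on every matching base, so the base it reports depends on the filters: when `base->filter == NULL || _filter == NULL` the visible `goto done` makes the first match win, otherwise the loop appears to continue and a later, possibly shorter, base overwrites the value. The commit message says the result is used to decide which domain a group member belongs to, so with nested search bases this could attribute a member to the wrong domain. If the most specific base is intended, replace the store with `if (_match_len != NULL && (!ret || match_len > *_match_len)) { *_match_len = match_len; }` placed before `ret = true;`. Separately, `int match_len;` in the @@ -484 hunk is better written `int match_len = 0;`, and the failure path in the @@ -575 hunk sets `ret = false` after `*_match_len` may already have been written, so callers must ignore it on a false return. The loop starts and ends outside these hunks.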
@@ -575,7 +583,8 @@ bool sss_ldap_dn_in_search_bases(TALLOC_CTX *mem_ctx,
 if (filter != NULL) {
 *_filter = talloc_asprintf(mem_ctx, "(|%s)", filter);
 if (*_filter == NULL) {
- DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_asprintf_append() failed\n"));
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ ("talloc_asprintf_append() failed\n"));
 ret = false;
 goto done;
 }
@@ -589,6 +598,15 @@ done:
 return ret;
 }
+bool sss_ldap_dn_in_search_bases(TALLOC_CTX *mem_ctx,
+ const char *dn,
+ struct sdap_search_base **search_bases,
+ char **_filter)
+{
+ return sss_ldap_dn_in_search_bases_len(mem_ctx, dn, search_bases, _filter,
+ NULL);
+}
+
 char *sss_ldap_encode_ndr_uint32(TALLOC_CTX *mem_ctx, uint32_t flags)
 {
 char hex[9]; /* 4 bytes in hex + terminating zero */
diff --git a/src/util/sss_ldap.h b/src/util/sss_ldap.h
index e5c30eb21..f298b2fbb 100644
--- a/src/util/sss_ldap.h
+++ b/src/util/sss_ldap.h
@@ -74,6 +74,12 @@ bool sss_ldap_dn_in_search_bases(TALLOC_CTX *mem_ctx,
 struct sdap_search_base **search_bases,
 char **_filter);
+bool sss_ldap_dn_in_search_bases_len(TALLOC_CTX *mem_ctx,
+ const char *dn,
+ struct sdap_search_base **search_bases,
+ char **_filter,
+ int *_match_len);
+
 char *sss_ldap_encode_ndr_uint32(TALLOC_CTX *mem_ctx, uint32_t flags);
 #endif /* __SSS_LDAP_H__ */
-- cgit