author | Stephen Gallagher <sgallagh@redhat.com> | 2012-04-23 08:05:07 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2012-05-03 14:09:14 -0400 |
commit | 8be5e4497e5008f7807178acdfcbf97365ec4e73 (patch) | |
tree | afa0e26dab895b020e7fac5e3a4f0e7979d7dcb1 /src/providers/ldap/sdap_idmap.c | |
parent | 3f2fa4c9290afdb393c760419a0ff686045a1ab3 (diff) | |
LDAP: Add helper function to map IDs
This function will also auto-create a new ID map if the domain has
not been seen previously.
Diffstat (limited to 'src/providers/ldap/sdap_idmap.c')
-rw-r--r-- | src/providers/ldap/sdap_idmap.c | 62 |
1 files changed, 62 insertions, 0 deletions
diff --git a/src/providers/ldap/sdap_idmap.c b/src/providers/ldap/sdap_idmap.c
index 96ad65b1..b41958bb 100644
--- a/src/providers/ldap/sdap_idmap.c
+++ b/src/providers/ldap/sdap_idmap.c
@@ -366,3 +366,65 @@ sdap_idmap_get_dom_sid_from_object(TALLOC_CTX *mem_ctx,
 return EOK;
 }
+
+errno_t
+sdap_idmap_sid_to_unix(struct sdap_idmap_ctx *idmap_ctx,
+ const char *sid_str,
+ id_t *id)
+{
+ errno_t ret;
+ enum idmap_error_code err;
+ char *dom_sid_str = NULL;
+
+ /* Convert the SID into a UNIX ID */
+ err = sss_idmap_sid_to_unix(idmap_ctx->map,
+ sid_str,
+ (uint32_t *)id);
+ if (err != IDMAP_SUCCESS && err != IDMAP_NO_DOMAIN) {
+ DEBUG(SSSDBG_MINOR_FAILURE,
+ ("Could not convert objectSID [%s] to a UNIX ID\n",
+ sid_str));
+ ret = EIO;
+ goto done;
+ } else if (err == IDMAP_NO_DOMAIN) {
+ /* This is the first time we've seen this domain
+ * Create a new domain for it. We'll use the dom-sid
+ * as the domain name for now, since we don't have
+ * any way to get the real name.
+ */
+ ret = sdap_idmap_get_dom_sid_from_object(NULL, sid_str,
+ &dom_sid_str);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_MINOR_FAILURE,
+ ("Could not parse domain SID from [%s]\n", sid_str));
+ goto done;
+ }
+
+ ret = sdap_idmap_add_domain(idmap_ctx,
+ dom_sid_str, dom_sid_str,
+ -1);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_MINOR_FAILURE,
+ ("Could not add new domain for sid [%s]\n", sid_str));
+ goto done;
+ }
+
+ /* Now try converting to a UNIX ID again */
+ err = sss_idmap_sid_to_unix(idmap_ctx->map,
+ sid_str,
+ (uint32_t *)id);
+ if (err != IDMAP_SUCCESS) {
+ DEBUG(SSSDBG_MINOR_FAILURE,
+ ("Could not convert objectSID [%s] to a UNIX ID\n",
+ sid_str));
+ ret = EIO;
+ goto done;
+ }
+ }
+
+ ret = EOK;
+
+done:
+ talloc_free(dom_sid_str);
+ return ret;
+} |
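Review bot: Both calls to sss_idmap_sid_to_unix() pass `(uint32_t *)id`, which is only correct where id_t is exactly a 32-bit unsigned type; on a platform where it is wider, the upper bytes of `*id` are never written and the caller receives an arbitrary UID/GID. Convert into a local instead: declare `uint32_t unix_id;`, pass `&unix_id` in both calls, and set `*id = (id_t)unix_id;` just before `ret = EOK;`. Separately, the IDMAP_NO_DOMAIN branch creates a map entry for whatever domain SID the directory object carries. A comment there should state which domains are expected to get a slice allocated automatically, and a check should be added if sdap_idmap_add_domain (not visible in this hunk) does not already enforce one.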