LDAP: allow multiple user principals

In general a user can have multiple principals and recent IPA version added support to defined multiple principals. With this patch SSSD does not only store the first but all principals read by LDAP from a server. Resolves https://fedorahosted.org/sssd/ticket/2958 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
author: Sumit Bose <sbose@redhat.com> 2016-07-22 12:19:26 +0200
committer: Jakub Hrozek <jhrozek@redhat.com> 2016-07-29 14:44:41 +0200
commit: 0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3 (patch)
tree: 5fad247de91bf7bd10af4a81591acd2c63aaf5dd /src/providers/ldap
parent: 530458a4ef7cd8429d1db2f3dfae92d9c44e38ef (diff)
download: sssd-0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3.tar.gz
sssd-0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3.tar.xz
sssd-0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3.zip
1 files changed, 18 insertions, 14 deletions
diff --git a/src/providers/ldap/sdap_async_users.c b/src/providers/ldap/sdap_async_users.c
index e44c045b3..28101a2d8 100644
--- a/src/providers/ldap/sdap_async_users.c
+++ b/src/providers/ldap/sdap_async_users.c
@@ -142,6 +142,7 @@ int sdap_save_user(TALLOC_CTX *memctx,
     char *sid_str;
     char *dom_sid_str = NULL;
     struct sss_domain_info *subdomain;
+    size_t c;
 
     DEBUG(SSSDBG_TRACE_FUNC, "Save user\n");
 
@@ -440,20 +441,23 @@ int sdap_save_user(TALLOC_CTX *memctx,
         DEBUG(SSSDBG_TRACE_FUNC,
               "User principal is not available for [%s].\n", user_name);
     } else {
-        upn = talloc_strdup(user_attrs, (const char*) el->values[0].data);
-        if (!upn) {
-            ret = ENOMEM;
-            goto done;
-        }
-        if (dp_opt_get_bool(opts->basic, SDAP_FORCE_UPPER_CASE_REALM)) {
-            make_realm_upper_case(upn);
-        }
-        DEBUG(SSSDBG_TRACE_FUNC,
-              "Adding user principal [%s] to attributes of [%s].\n",
-               upn, user_name);
-        ret = sysdb_attrs_add_string(user_attrs, SYSDB_UPN, upn);
-        if (ret) {
-            goto done;
+        for (c = 0; c < el->num_values; c++) {
+            upn = talloc_strdup(tmpctx, (const char*) el->values[c].data);
+            if (!upn) {
+                ret = ENOMEM;
+                goto done;
+            }
+
+            if (dp_opt_get_bool(opts->basic, SDAP_FORCE_UPPER_CASE_REALM)) {
+                make_realm_upper_case(upn);
+            }
+            DEBUG(SSSDBG_TRACE_FUNC,
+                  "Adding user principal [%s] to attributes of [%s].\n",
+                   upn, user_name);
+            ret = sysdb_attrs_add_string(user_attrs, SYSDB_UPN, upn);
+            if (ret) {
+                goto done;
+            }
         }
     }
author	Sumit Bose <sbose@redhat.com>	2016-07-22 12:19:26 +0200
committer	Jakub Hrozek <jhrozek@redhat.com>	2016-07-29 14:44:41 +0200
commit	0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3 (patch)
tree	5fad247de91bf7bd10af4a81591acd2c63aaf5dd /src/providers/ldap
parent	530458a4ef7cd8429d1db2f3dfae92d9c44e38ef (diff)
download	sssd-0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3.tar.gz sssd-0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3.tar.xz sssd-0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3.zip