diff options
author | Sumit Bose <sbose@redhat.com> | 2016-07-22 12:19:26 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2016-07-29 14:44:41 +0200 |
commit | 0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3 (patch) | |
tree | 5fad247de91bf7bd10af4a81591acd2c63aaf5dd /src/providers | |
parent | 530458a4ef7cd8429d1db2f3dfae92d9c44e38ef (diff) | |
download | sssd-0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3.tar.gz sssd-0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3.tar.xz sssd-0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3.zip |
LDAP: allow multiple user principals
In general a user can have multiple principals and recent IPA version
added support to defined multiple principals. With this patch SSSD does
not only store the first but all principals read by LDAP from a server.
Resolves https://fedorahosted.org/sssd/ticket/2958
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src/providers')
-rw-r--r-- | src/providers/ldap/sdap_async_users.c | 32 |
1 files changed, 18 insertions, 14 deletions
diff --git a/src/providers/ldap/sdap_async_users.c b/src/providers/ldap/sdap_async_users.c index e44c045b3..28101a2d8 100644 --- a/src/providers/ldap/sdap_async_users.c +++ b/src/providers/ldap/sdap_async_users.c @@ -142,6 +142,7 @@ int sdap_save_user(TALLOC_CTX *memctx, char *sid_str; char *dom_sid_str = NULL; struct sss_domain_info *subdomain; + size_t c; DEBUG(SSSDBG_TRACE_FUNC, "Save user\n"); @@ -440,20 +441,23 @@ int sdap_save_user(TALLOC_CTX *memctx, DEBUG(SSSDBG_TRACE_FUNC, "User principal is not available for [%s].\n", user_name); } else { - upn = talloc_strdup(user_attrs, (const char*) el->values[0].data); - if (!upn) { - ret = ENOMEM; - goto done; - } - if (dp_opt_get_bool(opts->basic, SDAP_FORCE_UPPER_CASE_REALM)) { - make_realm_upper_case(upn); - } - DEBUG(SSSDBG_TRACE_FUNC, - "Adding user principal [%s] to attributes of [%s].\n", - upn, user_name); - ret = sysdb_attrs_add_string(user_attrs, SYSDB_UPN, upn); - if (ret) { - goto done; + for (c = 0; c < el->num_values; c++) { + upn = talloc_strdup(tmpctx, (const char*) el->values[c].data); + if (!upn) { + ret = ENOMEM; + goto done; + } + + if (dp_opt_get_bool(opts->basic, SDAP_FORCE_UPPER_CASE_REALM)) { + make_realm_upper_case(upn); + } + DEBUG(SSSDBG_TRACE_FUNC, + "Adding user principal [%s] to attributes of [%s].\n", + upn, user_name); + ret = sysdb_attrs_add_string(user_attrs, SYSDB_UPN, upn); + if (ret) { + goto done; + } } } |