diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2011-08-04 16:55:36 +0200 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-08-04 14:56:58 -0400 |
commit | b0c10eb7a9aff9063af106cc704ca1260f4024ac (patch) | |
tree | 1676012e8b2dc2dfdfd8dc3bafef8da801e89199 /src | |
parent | 69f76cb34622f6eb7f3d56d44d583e910a7f9f51 (diff) | |
download | sssd_unused-b0c10eb7a9aff9063af106cc704ca1260f4024ac.tar.gz sssd_unused-b0c10eb7a9aff9063af106cc704ca1260f4024ac.tar.xz sssd_unused-b0c10eb7a9aff9063af106cc704ca1260f4024ac.zip |
Fix returning groups when gidNumber attribute is not ordered
https://fedorahosted.org/sssd/ticket/951
Diffstat (limited to 'src')
-rw-r--r-- | src/providers/ldap/ldap_id.c | 4 | ||||
-rw-r--r-- | src/providers/ldap/ldap_id_enum.c | 6 | ||||
-rw-r--r-- | src/providers/ldap/sdap_async_accounts.c | 4 |
3 files changed, 10 insertions, 4 deletions
diff --git a/src/providers/ldap/ldap_id.c b/src/providers/ldap/ldap_id.c index f58af617..c6a11f48 100644 --- a/src/providers/ldap/ldap_id.c +++ b/src/providers/ldap/ldap_id.c @@ -336,10 +336,12 @@ struct tevent_req *groups_get_send(TALLOC_CTX *memctx, } state->filter = - talloc_asprintf(state, "(&(%s=%s)(objectclass=%s)(%s=*)(%s>=1))", + talloc_asprintf(state, + "(&(%s=%s)(objectclass=%s)(%s=*)(&(%s=*)(!(%s=0))))", attr_name, clean_name, ctx->opts->group_map[SDAP_OC_GROUP].name, ctx->opts->group_map[SDAP_AT_GROUP_NAME].name, + ctx->opts->group_map[SDAP_AT_GROUP_GID].name, ctx->opts->group_map[SDAP_AT_GROUP_GID].name); if (!state->filter) { DEBUG(2, ("Failed to build filter\n")); diff --git a/src/providers/ldap/ldap_id_enum.c b/src/providers/ldap/ldap_id_enum.c index 6899b87c..2e47722a 100644 --- a/src/providers/ldap/ldap_id_enum.c +++ b/src/providers/ldap/ldap_id_enum.c @@ -554,10 +554,11 @@ static struct tevent_req *enum_groups_send(TALLOC_CTX *memctx, if (ctx->srv_opts && ctx->srv_opts->max_group_value && !purge) { state->filter = talloc_asprintf( state, - "(&(objectclass=%s)(%s=*)(%s=*)(%s>=%s)(!(%s=%s)))", + "(&(objectclass=%s)(%s=*)(&(%s=*)(!(%s=0)))(%s>=%s)(!(%s=%s)))", ctx->opts->group_map[SDAP_OC_GROUP].name, ctx->opts->group_map[SDAP_AT_GROUP_NAME].name, ctx->opts->group_map[SDAP_AT_GROUP_GID].name, + ctx->opts->group_map[SDAP_AT_GROUP_GID].name, ctx->opts->group_map[SDAP_AT_GROUP_USN].name, ctx->srv_opts->max_group_value, ctx->opts->group_map[SDAP_AT_GROUP_USN].name, @@ -565,9 +566,10 @@ static struct tevent_req *enum_groups_send(TALLOC_CTX *memctx, } else { state->filter = talloc_asprintf( state, - "(&(objectclass=%s)(%s=*)(%s=*))", + "(&(objectclass=%s)(%s=*)(&(%s=*)(!(%s=0))))", ctx->opts->group_map[SDAP_OC_GROUP].name, ctx->opts->group_map[SDAP_AT_GROUP_NAME].name, + ctx->opts->group_map[SDAP_AT_GROUP_GID].name, ctx->opts->group_map[SDAP_AT_GROUP_GID].name); } if (!state->filter) { diff --git a/src/providers/ldap/sdap_async_accounts.c b/src/providers/ldap/sdap_async_accounts.c index 67e8629d..79904e5d 100644 --- a/src/providers/ldap/sdap_async_accounts.c +++ b/src/providers/ldap/sdap_async_accounts.c @@ -2220,11 +2220,13 @@ struct tevent_req *sdap_initgr_rfc2307_send(TALLOC_CTX *memctx, return NULL; } - filter = talloc_asprintf(state, "(&(%s=%s)(objectclass=%s)(%s=*)(%s>=1))", + filter = talloc_asprintf(state, + "(&(%s=%s)(objectclass=%s)(%s=*)(&(%s=*)(!(%s=0))))", opts->group_map[SDAP_AT_GROUP_MEMBER].name, clean_name, opts->group_map[SDAP_OC_GROUP].name, opts->group_map[SDAP_AT_GROUP_NAME].name, + opts->group_map[SDAP_AT_GROUP_GID].name, opts->group_map[SDAP_AT_GROUP_GID].name); if (!filter) { talloc_zfree(req); |