extdom: do not return results from the wrong domain

Resolves: https://fedorahosted.org/freeipa/ticket/4264 Reviewed-By: Tomas Babej <tbabej@redhat.com>
author: Sumit Bose <sbose@redhat.com> 2014-03-25 11:29:58 +0100
committer: Petr Viktorin <pviktori@redhat.com> 2014-03-25 14:03:05 +0100
commit: c885bc3e49b41490668ed8b62989d71ec1cadf34 (patch)
tree: a3c5e1bc430a7c752cabb7ed4bbd7cf08ca92199 /daemons
parent: 3dcad00b946e72733cccf279ec00b426d902c867 (diff)
download: freeipa-c885bc3e49b41490668ed8b62989d71ec1cadf34.tar.gz
freeipa-c885bc3e49b41490668ed8b62989d71ec1cadf34.tar.xz
freeipa-c885bc3e49b41490668ed8b62989d71ec1cadf34.zip
1 files changed, 12 insertions, 0 deletions
diff --git a/daemons/ipa-slapi-plugins/ipa-extdom-extop/ipa_extdom_common.c b/daemons/ipa-slapi-plugins/ipa-extdom-extop/ipa_extdom_common.c
index 675fc3680..025d37dc5 100644
--- a/daemons/ipa-slapi-plugins/ipa-extdom-extop/ipa_extdom_common.c
+++ b/daemons/ipa-slapi-plugins/ipa-extdom-extop/ipa_extdom_common.c
@@ -359,6 +359,9 @@ int create_response(struct extdom_req *req, struct pwd_grp *pg_data,
                         if ((locat = strchr(pg_data->data.pwd.pw_name, SSSD_DOMAIN_SEPARATOR)) != NULL) {
                             if (strcasecmp(locat+1, domain_name) == 0  ) {
                                 locat[0] = 0;
+                            } else {
+                                ret = LDAP_NO_SUCH_OBJECT;
+                                goto done;
                             }
                         }
                         res->data.name.object_name =
@@ -368,6 +371,9 @@ int create_response(struct extdom_req *req, struct pwd_grp *pg_data,
                         if ((locat = strchr(pg_data->data.grp.gr_name, SSSD_DOMAIN_SEPARATOR)) != NULL) {
                             if (strcasecmp(locat+1, domain_name) == 0) {
                                 locat[0] = 0;
+                            } else {
+                                ret = LDAP_NO_SUCH_OBJECT;
+                                goto done;
                             }
                         }
                         res->data.name.object_name =
@@ -408,6 +414,9 @@ int create_response(struct extdom_req *req, struct pwd_grp *pg_data,
                     if ((locat = strchr(pg_data->data.pwd.pw_name, SSSD_DOMAIN_SEPARATOR)) != NULL) {
                         if (strcasecmp(locat+1, domain_name) == 0) {
                             locat[0] = 0;
+                        } else {
+                            ret = LDAP_NO_SUCH_OBJECT;
+                            goto done;
                         }
                     }
                     res->data.user.user_name =
@@ -428,6 +437,9 @@ int create_response(struct extdom_req *req, struct pwd_grp *pg_data,
                     if ((locat = strchr(pg_data->data.grp.gr_name, SSSD_DOMAIN_SEPARATOR)) != NULL) {
                         if (strcasecmp(locat+1, domain_name) == 0) {
                             locat[0] = 0;
+                        } else {
+                            ret = LDAP_NO_SUCH_OBJECT;
+                            goto done;
                         }
                     }
                     res->data.group.group_name =
author	Sumit Bose <sbose@redhat.com>	2014-03-25 11:29:58 +0100
committer	Petr Viktorin <pviktori@redhat.com>	2014-03-25 14:03:05 +0100
commit	c885bc3e49b41490668ed8b62989d71ec1cadf34 (patch)
tree	a3c5e1bc430a7c752cabb7ed4bbd7cf08ca92199 /daemons
parent	3dcad00b946e72733cccf279ec00b426d902c867 (diff)
download	freeipa-c885bc3e49b41490668ed8b62989d71ec1cadf34.tar.gz freeipa-c885bc3e49b41490668ed8b62989d71ec1cadf34.tar.xz freeipa-c885bc3e49b41490668ed8b62989d71ec1cadf34.zip