diff options
author | Sumit Bose <sbose@redhat.com> | 2014-03-25 11:29:58 +0100 |
---|---|---|
committer | Petr Viktorin <pviktori@redhat.com> | 2014-03-25 14:03:05 +0100 |
commit | c885bc3e49b41490668ed8b62989d71ec1cadf34 (patch) | |
tree | a3c5e1bc430a7c752cabb7ed4bbd7cf08ca92199 /daemons/ipa-slapi-plugins | |
parent | 3dcad00b946e72733cccf279ec00b426d902c867 (diff) | |
download | freeipa-c885bc3e49b41490668ed8b62989d71ec1cadf34.tar.gz freeipa-c885bc3e49b41490668ed8b62989d71ec1cadf34.tar.xz freeipa-c885bc3e49b41490668ed8b62989d71ec1cadf34.zip |
extdom: do not return results from the wrong domain
Resolves: https://fedorahosted.org/freeipa/ticket/4264
Reviewed-By: Tomas Babej <tbabej@redhat.com>
Diffstat (limited to 'daemons/ipa-slapi-plugins')
-rw-r--r-- | daemons/ipa-slapi-plugins/ipa-extdom-extop/ipa_extdom_common.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/daemons/ipa-slapi-plugins/ipa-extdom-extop/ipa_extdom_common.c b/daemons/ipa-slapi-plugins/ipa-extdom-extop/ipa_extdom_common.c index 675fc3680..025d37dc5 100644 --- a/daemons/ipa-slapi-plugins/ipa-extdom-extop/ipa_extdom_common.c +++ b/daemons/ipa-slapi-plugins/ipa-extdom-extop/ipa_extdom_common.c @@ -359,6 +359,9 @@ int create_response(struct extdom_req *req, struct pwd_grp *pg_data, if ((locat = strchr(pg_data->data.pwd.pw_name, SSSD_DOMAIN_SEPARATOR)) != NULL) { if (strcasecmp(locat+1, domain_name) == 0 ) { locat[0] = 0; + } else { + ret = LDAP_NO_SUCH_OBJECT; + goto done; } } res->data.name.object_name = @@ -368,6 +371,9 @@ int create_response(struct extdom_req *req, struct pwd_grp *pg_data, if ((locat = strchr(pg_data->data.grp.gr_name, SSSD_DOMAIN_SEPARATOR)) != NULL) { if (strcasecmp(locat+1, domain_name) == 0) { locat[0] = 0; + } else { + ret = LDAP_NO_SUCH_OBJECT; + goto done; } } res->data.name.object_name = @@ -408,6 +414,9 @@ int create_response(struct extdom_req *req, struct pwd_grp *pg_data, if ((locat = strchr(pg_data->data.pwd.pw_name, SSSD_DOMAIN_SEPARATOR)) != NULL) { if (strcasecmp(locat+1, domain_name) == 0) { locat[0] = 0; + } else { + ret = LDAP_NO_SUCH_OBJECT; + goto done; } } res->data.user.user_name = @@ -428,6 +437,9 @@ int create_response(struct extdom_req *req, struct pwd_grp *pg_data, if ((locat = strchr(pg_data->data.grp.gr_name, SSSD_DOMAIN_SEPARATOR)) != NULL) { if (strcasecmp(locat+1, domain_name) == 0) { locat[0] = 0; + } else { + ret = LDAP_NO_SUCH_OBJECT; + goto done; } } res->data.group.group_name = |