diff options
author | Lukas Slebodnik <lslebodn@redhat.com> | 2016-08-26 14:57:22 +0200 |
---|---|---|
committer | Lukas Slebodnik <lslebodn@redhat.com> | 2016-08-30 10:44:52 +0200 |
commit | b4c6060b10b14257e6f01038ae44e46c5a429f33 (patch) | |
tree | 0b084ca33a3a09cd576056bb76c9e309119b6472 | |
parent | d7075a255a1f28e890539072e06d0140ffe0927c (diff) | |
download | sssd-b4c6060b10b14257e6f01038ae44e46c5a429f33.tar.gz sssd-b4c6060b10b14257e6f01038ae44e46c5a429f33.tar.xz sssd-b4c6060b10b14257e6f01038ae44e46c5a429f33.zip |
PROXY: Use right name in ldap filter
We used internal fq name in ldap filter
with id_provider proxy to files and auth provider
ldap
[sssd[be[LDAP]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with
[(&(uid=testuser1@ldap)(objectclass=posixAccount))][dc=example,dc=com].
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
-rw-r--r-- | src/providers/ldap/ldap_auth.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/src/providers/ldap/ldap_auth.c b/src/providers/ldap/ldap_auth.c index 35f16b0d4..00d38284e 100644 --- a/src/providers/ldap/ldap_auth.c +++ b/src/providers/ldap/ldap_auth.c @@ -361,7 +361,7 @@ shadow_fail: /* ==Get-User-DN========================================================== */ struct get_user_dn_state { - const char *username; + char *username; char *orig_dn; }; @@ -386,9 +386,14 @@ static struct tevent_req *get_user_dn_send(TALLOC_CTX *memctx, req = tevent_req_create(memctx, &state, struct get_user_dn_state); if (!req) return NULL; - state->username = username; + ret = sss_parse_internal_fqname(state, username, + &state->username, NULL); + if (ret != EOK) { + DEBUG(SSSDBG_OP_FAILURE, "Cannot parse %s\n", username); + goto done; + } - ret = sss_filter_sanitize(state, username, &clean_name); + ret = sss_filter_sanitize(state, state->username, &clean_name); if (ret != EOK) { goto done; } |