PROXY: Use right name in ldap filter

We used internal fq name in ldap filter
with id_provider proxy to files and auth provider
ldap

[sssd[be[LDAP]]] [sdap_get_generic_ext_step]
    (0x0400): calling ldap_search_ext with
    [(&(uid=testuser1@ldap)(objectclass=posixAccount))][dc=example,dc=com].

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>

1 files changed, 8 insertions, 3 deletions

diff --git a/src/providers/ldap/ldap_auth.c b/src/providers/ldap/ldap_auth.c
index 35f16b0d4..00d38284e 100644
--- a/src/providers/ldap/ldap_auth.c
+++ b/src/providers/ldap/ldap_auth.c
@@ -361,7 +361,7 @@ shadow_fail:
 
 /* ==Get-User-DN========================================================== */
 struct get_user_dn_state {
-    const char *username;
+    char *username;
 
     char *orig_dn;
 };
@@ -386,9 +386,14 @@ static struct tevent_req *get_user_dn_send(TALLOC_CTX *memctx,
     req = tevent_req_create(memctx, &state, struct get_user_dn_state);
     if (!req) return NULL;
 
-    state->username = username;
+    ret = sss_parse_internal_fqname(state, username,
+                                    &state->username, NULL);
+    if (ret != EOK) {
+        DEBUG(SSSDBG_OP_FAILURE, "Cannot parse %s\n", username);
+        goto done;
+    }
 
-    ret = sss_filter_sanitize(state, username, &clean_name);
+    ret = sss_filter_sanitize(state, state->username, &clean_name);
     if (ret != EOK) {
         goto done;
     }