SSH: Use a qualified name for user searches in the SSH responder

The name is converted from whatever we receive on input to the internal format before processing the data further. Reviewed-by: Sumit Bose <sbose@redhat.com>
author: Jakub Hrozek <jhrozek@redhat.com> 2016-06-14 12:16:24 +0200
committer: Jakub Hrozek <jhrozek@redhat.com> 2016-07-07 10:26:26 +0200
commit: 8e8dda8561e89276a891495ae84eefe2b2170193 (patch)
tree: 1a6b1194d7c9b4868ed67d352ef35462727e415b /src/responder
parent: 2b62d5a414b8b7dba4f714dc5033e28dc4b1f4fe (diff)
download: sssd-8e8dda8561e89276a891495ae84eefe2b2170193.tar.gz
sssd-8e8dda8561e89276a891495ae84eefe2b2170193.tar.xz
sssd-8e8dda8561e89276a891495ae84eefe2b2170193.zip
2 files changed, 10 insertions, 2 deletions
diff --git a/src/responder/ssh/sshsrv_cmd.c b/src/responder/ssh/sshsrv_cmd.c
index fef0ce099..72e58ea20 100644
--- a/src/responder/ssh/sshsrv_cmd.c
+++ b/src/responder/ssh/sshsrv_cmd.c
@@ -199,11 +199,18 @@ ssh_user_pubkeys_search(struct ssh_cmd_ctx *cmd_ctx)
         return ssh_user_handle_not_found(cmd_ctx->name);
     }
 
+    talloc_zfree(cmd_ctx->fqdn);
+    cmd_ctx->fqdn = sss_resp_create_fqname(cmd_ctx, cmd_ctx->cctx->rctx,
+                                           cmd_ctx->domain, false, cmd_ctx->name);
+    if (cmd_ctx->fqdn == NULL) {
+        return ENOMEM;
+    }
+
     /* refresh the user's cache entry */
     if (NEED_CHECK_PROVIDER(cmd_ctx->domain->provider)) {
         req = sss_dp_get_account_send(cmd_ctx, cmd_ctx->cctx->rctx,
                                       cmd_ctx->domain, false, SSS_DP_USER,
-                                      cmd_ctx->name, 0, NULL);
+                                      cmd_ctx->fqdn, 0, NULL);
         if (!req) {
             DEBUG(SSSDBG_CRIT_FAILURE,
                   "Out of memory sending data provider request\n");
@@ -249,7 +256,7 @@ ssh_user_pubkeys_search_next(struct ssh_cmd_ctx *cmd_ctx)
     }
 
     ret = sysdb_get_user_attr_with_views(cmd_ctx, cmd_ctx->domain,
-                                         cmd_ctx->name, attrs, &res);
+                                         cmd_ctx->fqdn, attrs, &res);
     if (ret != EOK) {
         DEBUG(SSSDBG_CRIT_FAILURE,
               "Failed to make request to our cache!\n");
diff --git a/src/responder/ssh/sshsrv_private.h b/src/responder/ssh/sshsrv_private.h
index beb8e18db..9553cd794 100644
--- a/src/responder/ssh/sshsrv_private.h
+++ b/src/responder/ssh/sshsrv_private.h
@@ -44,6 +44,7 @@ struct ssh_cmd_ctx {
 
     struct sss_domain_info *domain;
     bool check_next;
+    char *fqdn;
 
     struct ldb_message *result;
 };
author	Jakub Hrozek <jhrozek@redhat.com>	2016-06-14 12:16:24 +0200
committer	Jakub Hrozek <jhrozek@redhat.com>	2016-07-07 10:26:26 +0200
commit	8e8dda8561e89276a891495ae84eefe2b2170193 (patch)
tree	1a6b1194d7c9b4868ed67d352ef35462727e415b /src/responder
parent	2b62d5a414b8b7dba4f714dc5033e28dc4b1f4fe (diff)
download	sssd-8e8dda8561e89276a891495ae84eefe2b2170193.tar.gz sssd-8e8dda8561e89276a891495ae84eefe2b2170193.tar.xz sssd-8e8dda8561e89276a891495ae84eefe2b2170193.zip