From 73ead5bb50130663668ded57822d9850b2dc2fff Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Fri, 8 Apr 2016 16:38:47 +0200 Subject: LDAP: Use fqdns during nested RFC2307 initgroups All user and group names are already qualified at this point, so let's remove the special case that stored users from trusted domains qualified. Reviewed-by: Sumit Bose --- src/providers/ldap/sdap_async_initgroups.c | 22 +++------------------- 1 file changed, 3 insertions(+), 19 deletions(-) diff --git a/src/providers/ldap/sdap_async_initgroups.c b/src/providers/ldap/sdap_async_initgroups.c index b4000f3b4..39399fa14 100644 --- a/src/providers/ldap/sdap_async_initgroups.c +++ b/src/providers/ldap/sdap_async_initgroups.c @@ -636,7 +636,7 @@ sdap_nested_groups_store(struct sysdb_ctx *sysdb, if (!tmp_ctx) return ENOMEM; if (count > 0) { - ret = sysdb_attrs_primary_name_list(sysdb, tmp_ctx, + ret = sysdb_attrs_primary_fqdn_list(domain, tmp_ctx, groups, count, opts->group_map[SDAP_AT_GROUP_NAME].name, &groupnamelist); @@ -2112,8 +2112,6 @@ errno_t save_rfc2307bis_user_memberships( char **add_groups; char **del_groups; bool in_transaction = false; - size_t c; - char *tmp_str; TALLOC_CTX *tmp_ctx = talloc_new(NULL); if(!tmp_ctx) { @@ -2141,28 +2139,14 @@ errno_t save_rfc2307bis_user_memberships( ldap_grouplist = NULL; } else { - ret = sysdb_attrs_primary_name_list( - state->sysdb, tmp_ctx, + ret = sysdb_attrs_primary_fqdn_list( + state->dom, tmp_ctx, state->direct_groups, state->num_direct_parents, state->opts->group_map[SDAP_AT_GROUP_NAME].name, &ldap_grouplist); if (ret != EOK) { goto error; } - - if (IS_SUBDOMAIN(state->dom)) { - for (c = 0; ldap_grouplist[c] != NULL; c++) { - tmp_str = sss_tc_fqname(ldap_grouplist, state->dom->names, - state->dom, ldap_grouplist[c]); - if (tmp_str == NULL) { - DEBUG(SSSDBG_OP_FAILURE, "sss_tc_fqname failed.\n"); - ret = ENOMEM; - goto error; - } - talloc_free(ldap_grouplist[c]); - ldap_grouplist[c] = tmp_str; - } - } } /* Find the differences between the sysdb and ldap lists -- cgit