From 15a1519ec9c23f598716ffa89e533cd9bfb2a4f3 Mon Sep 17 00:00:00 2001
From: Sumit Bose <sbose@redhat.com>
Date: Fri, 13 Dec 2013 11:44:59 +0100
Subject: Use lower-case name for case-insensitive searches

The patch makes sure that a completely lower-cased version of a fully
qualified name is used for case insensitive searches. Currently there
are code paths where the domain name was used as configured and was not
lower-cased.

To make sure this patch does not break with old entries in the cache or
case sensitive domains a third template was added to the related filters
templates which is either filled with a completely lower-cased version or
with the old version. The other two template values are unchanged.
---
 src/util/sss_tc_utf8.c | 30 ++++++++++++++++++++++++++++++
 src/util/util.h        |  6 ++++++
 2 files changed, 36 insertions(+)

(limited to 'src/util')

diff --git a/src/util/sss_tc_utf8.c b/src/util/sss_tc_utf8.c
index 6a976211..e1426a44 100644
--- a/src/util/sss_tc_utf8.c
+++ b/src/util/sss_tc_utf8.c
@@ -55,3 +55,33 @@ sss_tc_utf8_tolower(TALLOC_CTX *mem_ctx, const uint8_t *s, size_t len, size_t *_
     return ret;
 }
 
+errno_t sss_filter_sanitize_for_dom(TALLOC_CTX *mem_ctx,
+                                    const char *input,
+                                    struct sss_domain_info *dom,
+                                    char **sanitized,
+                                    char **lc_sanitized)
+{
+    int ret;
+
+    ret = sss_filter_sanitize(mem_ctx, input, sanitized);
+    if (ret != EOK) {
+        DEBUG(SSSDBG_OP_FAILURE, ("sss_filter_sanitize failed.\n"));
+        return ret;
+    }
+
+    if (dom->case_sensitive) {
+        *lc_sanitized = talloc_strdup(mem_ctx, *sanitized);
+    } else {
+        *lc_sanitized = sss_tc_utf8_str_tolower(mem_ctx, *sanitized);
+    }
+
+    if (*lc_sanitized == NULL) {
+        DEBUG(SSSDBG_OP_FAILURE, ("%s failed.\n",
+                                              dom->case_sensitive ?
+                                                    "talloc_strdup" :
+                                                    "sss_tc_utf8_str_tolower"));
+        return ENOMEM;
+    }
+
+    return EOK;
+}
diff --git a/src/util/util.h b/src/util/util.h
index c2499555..10127057 100644
--- a/src/util/util.h
+++ b/src/util/util.h
@@ -511,6 +511,12 @@ errno_t sss_filter_sanitize(TALLOC_CTX *mem_ctx,
                             const char *input,
                             char **sanitized);
 
+errno_t sss_filter_sanitize_for_dom(TALLOC_CTX *mem_ctx,
+                                    const char *input,
+                                    struct sss_domain_info *dom,
+                                    char **sanitized,
+                                    char **lc_sanitized);
+
 char *
 sss_escape_ip_address(TALLOC_CTX *mem_ctx, int family, const char *addr);
 
-- 
cgit