From 36ea9f2a4ff47a045625203a02c6deed9c53e169 Mon Sep 17 00:00:00 2001
From: Pavel Březina <pbrezina@redhat.com>
Date: Mon, 6 Oct 2014 13:44:37 +0200
Subject: sysdb_get_user_attr: use fqn for subdomain users
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Name of subdomain users is stored with domain part in the sysdb.
We need to use fully qualified names for those user so we can
look them up.

Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
---
 src/db/sysdb_search.c | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/db/sysdb_search.c b/src/db/sysdb_search.c
index 2ae21505..d51d2134 100644
--- a/src/db/sysdb_search.c
+++ b/src/db/sysdb_search.c
@@ -478,6 +478,7 @@ int sysdb_get_user_attr(TALLOC_CTX *mem_ctx,
     TALLOC_CTX *tmp_ctx;
     struct ldb_dn *base_dn;
     struct ldb_result *res;
+    const char *src_name;
     char *sanitized_name;
     char *lc_sanitized_name;
     int ret;
@@ -494,8 +495,16 @@ int sysdb_get_user_attr(TALLOC_CTX *mem_ctx,
         goto done;
     }
 
-    ret = sss_filter_sanitize_for_dom(tmp_ctx, name, domain, &sanitized_name,
-                                      &lc_sanitized_name);
+    /* If this is a subdomain we need to use fully qualified names for the
+     * search as well by default */
+    src_name = sss_get_domain_name(tmp_ctx, name, domain);
+    if (!src_name) {
+        ret = ENOMEM;
+        goto done;
+    }
+
+    ret = sss_filter_sanitize_for_dom(tmp_ctx, src_name, domain,
+                                      &sanitized_name, &lc_sanitized_name);
     if (ret != EOK) {
         goto done;
     }
-- 
cgit