|
 |
45d81b |
From 362911a85e3aa244cdbdf75b8b4131bb26396d19 Mon Sep 17 00:00:00 2001
|
|
|
45d81b |
From: Jakub Hrozek <jhrozek@redhat.com>
|
|
|
45d81b |
Date: Wed, 9 Nov 2016 11:59:10 +0100
|
|
|
45d81b |
Subject: [PATCH 149/149] Qualify ghost user attribute in case
|
|
|
45d81b |
ldap_group_nesting_level is set to 0
|
|
|
45d81b |
MIME-Version: 1.0
|
|
|
45d81b |
Content-Type: text/plain; charset=UTF-8
|
|
|
45d81b |
Content-Transfer-Encoding: 8bit
|
|
|
45d81b |
|
|
|
45d81b |
When the sssd is set to not resolve nested groups with RFC2307bis, then
|
|
|
45d81b |
the LDAP provider takes a different path. We didn't qualify the ghost
|
|
|
45d81b |
users in this case.
|
|
|
45d81b |
|
|
|
45d81b |
Resolves:
|
|
|
45d81b |
https://fedorahosted.org/sssd/ticket/3236
|
|
|
45d81b |
|
|
|
45d81b |
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
|
|
|
45d81b |
(cherry picked from commit 538a7f1dd8339b90e0cfc64e7919a34d1d5c10d3)
|
|
|
45d81b |
---
|
|
|
45d81b |
src/providers/ldap/sdap_async_groups.c | 15 +++++++++++----
|
|
|
45d81b |
1 file changed, 11 insertions(+), 4 deletions(-)
|
|
|
45d81b |
|
|
|
45d81b |
diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c
|
|
|
45d81b |
index 72760b75acae4cb6ce15c72f16dae8e859d89847..49a1934b2604e6a6af8ee8e8b3d1f88d2029658d 100644
|
|
|
45d81b |
--- a/src/providers/ldap/sdap_async_groups.c
|
|
|
45d81b |
+++ b/src/providers/ldap/sdap_async_groups.c
|
|
|
45d81b |
@@ -1659,7 +1659,7 @@ static void sdap_process_group_members(struct tevent_req *subreq)
|
|
|
45d81b |
struct sdap_process_group_state *state =
|
|
|
45d81b |
tevent_req_data(req, struct sdap_process_group_state);
|
|
|
45d81b |
struct ldb_message_element *el;
|
|
|
45d81b |
- uint8_t* name_string;
|
|
|
45d81b |
+ char *name_string;
|
|
|
45d81b |
|
|
|
45d81b |
state->check_count--;
|
|
|
45d81b |
DEBUG(SSSDBG_TRACE_ALL, "Members remaining: %zu\n", state->check_count);
|
|
|
45d81b |
@@ -1685,11 +1685,18 @@ static void sdap_process_group_members(struct tevent_req *subreq)
|
|
|
45d81b |
goto next;
|
|
|
45d81b |
}
|
|
|
45d81b |
|
|
|
45d81b |
- name_string = el[0].values[0].data;
|
|
|
45d81b |
+ name_string = sss_create_internal_fqname(state,
|
|
|
45d81b |
+ (const char *) el[0].values[0].data,
|
|
|
45d81b |
+ state->dom->name);
|
|
|
45d81b |
+ if (name_string == NULL) {
|
|
|
45d81b |
+ ret = ENOMEM;
|
|
|
45d81b |
+ goto next;
|
|
|
45d81b |
+ }
|
|
|
45d81b |
+
|
|
|
45d81b |
state->ghost_dns->values[state->ghost_dns->num_values].data =
|
|
|
45d81b |
- talloc_steal(state->ghost_dns->values, name_string);
|
|
|
45d81b |
+ talloc_steal(state->ghost_dns->values, (uint8_t *) name_string);
|
|
|
45d81b |
state->ghost_dns->values[state->ghost_dns->num_values].length =
|
|
|
45d81b |
- strlen((char *)name_string);
|
|
|
45d81b |
+ strlen(name_string);
|
|
|
45d81b |
state->ghost_dns->num_values++;
|
|
|
45d81b |
|
|
|
45d81b |
next:
|
|
|
45d81b |
--
|
|
|
45d81b |
2.7.4
|
|
|
45d81b |
|