errno_t
sdap_save_all_names(const char *name,
struct sysdb_attrs *ldap_attrs,
struct sss_domain_info *dom,
struct sysdb_attrs *attrs)
{
const char **aliases = NULL;
const char *domname;
errno_t ret;
TALLOC_CTX *tmp_ctx;
int i;
bool lowercase = !dom->case_sensitive;
tmp_ctx = talloc_new(NULL);
if (!tmp_ctx) {
ret = ENOMEM;
goto done;
}
ret = sysdb_attrs_get_aliases(tmp_ctx, ldap_attrs, name,
lowercase, &aliases);
if (ret != EOK) {
DEBUG(SSSDBG_OP_FAILURE, "Failed to get the alias list");
goto done;
}
for (i = 0; aliases[i]; i++) {
domname = sss_get_domain_name(tmp_ctx, aliases[i], dom);
if (domname == NULL) {
ret = ENOMEM;
goto done;
}
if (lowercase) {
ret = sysdb_attrs_add_lc_name_alias(attrs, domname);
if (ret) {
DEBUG(SSSDBG_OP_FAILURE, "Failed to add lower-cased version "
"of alias [%s] into the "
"attribute list\n", aliases[i]);
goto done;
}
} else {
ret = sysdb_attrs_add_string(attrs, SYSDB_NAME_ALIAS, domname);
if (ret) {
DEBUG(SSSDBG_OP_FAILURE, "Failed to add alias [%s] into the "
"attribute list\n", aliases[i]);
goto done;
}
}
}
ret = EOK;
done:
talloc_free(tmp_ctx);
return ret;
}
int sysdb_getpwnam(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
const char *name,
struct ldb_result **_res)
{
TALLOC_CTX *tmp_ctx;
static const char *attrs[] = SYSDB_PW_ATTRS;
struct ldb_dn *base_dn;
struct ldb_result *res;
char *sanitized_name;
char *lc_sanitized_name;
const char *src_name;
int ret;
tmp_ctx = talloc_new(NULL);
if (!tmp_ctx) {
return ENOMEM;
}
base_dn = sysdb_user_base_dn(tmp_ctx, domain);
if (!base_dn) {
ret = ENOMEM;
goto done;
}
/* If this is a subdomain we need to use fully qualified names for the
* search as well by default */
src_name = sss_get_domain_name(tmp_ctx, name, domain);
if (!src_name) {
ret = ENOMEM;
goto done;
}
ret = sss_filter_sanitize_for_dom(tmp_ctx, src_name, domain,
&sanitized_name, &lc_sanitized_name);
if (ret != EOK) {
goto done;
}
ret = ldb_search(domain->sysdb->ldb, tmp_ctx, &res, base_dn,
LDB_SCOPE_SUBTREE, attrs, SYSDB_PWNAM_FILTER,
lc_sanitized_name,
sanitized_name, sanitized_name);
if (ret) {
ret = sysdb_error_to_errno(ret);
goto done;
}
*_res = talloc_steal(mem_ctx, res);
done:
talloc_zfree(tmp_ctx);
return ret;
}
static errno_t update_filter(struct cache_tool_ctx *tctx,
struct sss_domain_info *dinfo,
char *name, bool update, const char *fmt,
bool force_case_sensitivity,
char **_filter)
{
errno_t ret;
char *parsed_domain = NULL;
char *parsed_name = NULL;
TALLOC_CTX *tmp_ctx = NULL;
char *use_name = NULL;
char *filter;
char *sanitized;
char *lc_sanitized;
if (!name || !update) {
/* Nothing to do */
return EOK;
}
tmp_ctx = talloc_new(NULL);
if (tmp_ctx == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE, "Out of memory.\n");
return ENOMEM;
}
ret = sss_parse_name(tmp_ctx, dinfo->names, name,
&parsed_domain, &parsed_name);
if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE, "sss_parse_name failed\n");
goto done;
}
if (parsed_domain != NULL && strcasecmp(dinfo->name, parsed_domain) != 0) {
/* We were able to parse the domain from given fqdn, but it
* does not match with currently processed domain. */
filter = NULL;
ret = EOK;
goto done;
}
if (!dinfo->case_sensitive && !force_case_sensitivity) {
use_name = sss_tc_utf8_str_tolower(tmp_ctx, parsed_name);
if (!use_name) {
DEBUG(SSSDBG_CRIT_FAILURE, "Out of memory\n");
ret = ENOMEM;
goto done;
}
} else {
use_name = parsed_name;
}
if (parsed_domain) {
use_name = sss_get_domain_name(tmp_ctx, use_name, dinfo);
if (!use_name) {
ret = ENOMEM;
goto done;
}
}
ret = sss_filter_sanitize_for_dom(tmp_ctx, use_name, dinfo,
&sanitized, &lc_sanitized);
if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE, "Failed to sanitize the given name.\n");
goto done;
}
if (fmt) {
if (!dinfo->case_sensitive && !force_case_sensitivity) {
filter = talloc_asprintf(tmp_ctx, "(|(%s=%s)(%s=%s))",
SYSDB_NAME_ALIAS, lc_sanitized,
SYSDB_NAME_ALIAS, sanitized);
} else {
filter = talloc_asprintf(tmp_ctx, fmt, SYSDB_NAME, sanitized);
}
} else {
filter = talloc_strdup(tmp_ctx, sanitized);
}
if (filter == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE, "Out of memory\n");
ret = ENOMEM;
goto done;
}
ret = EOK;
done:
if (ret == EOK) {
talloc_free(*_filter);
*_filter = talloc_steal(tctx, filter);
}
talloc_free(tmp_ctx);
return ret;
}