char *
sss_get_cased_name(TALLOC_CTX *mem_ctx,
const char *orig_name,
bool case_sensitive)
{
return case_sensitive ? talloc_strdup(mem_ctx, orig_name) :
sss_tc_utf8_str_tolower(mem_ctx, orig_name);
}
END_TEST
START_TEST(test_utf8_talloc_str_lowercase)
{
const uint8_t munchen_utf8_upcase[] = { 'M', 0xC3, 0x9C, 'N', 'C', 'H', 'E', 'N', 0x0 };
const uint8_t munchen_utf8_lowcase[] = { 'm', 0xC3, 0xBC, 'n', 'c', 'h', 'e', 'n', 0x0 };
char *lcase;
TALLOC_CTX *test_ctx;
test_ctx = talloc_new(NULL);
fail_if(test_ctx == NULL);
lcase = sss_tc_utf8_str_tolower(test_ctx, (const char *) munchen_utf8_upcase);
fail_if(memcmp(lcase, munchen_utf8_lowcase, strlen(lcase)));
talloc_free(test_ctx);
}
static int sss_ncache_set_ent(struct sss_nc_ctx *ctx, bool permanent,
struct sss_domain_info *dom, const char *name,
ncache_set_byname_fn_t setter)
{
char *lower;
errno_t ret;
if (dom->case_sensitive == false) {
lower = sss_tc_utf8_str_tolower(ctx, name);
if (!lower) return ENOMEM;
ret = setter(ctx, permanent, dom->name, lower);
talloc_free(lower);
} else {
ret = setter(ctx, permanent, dom->name, name);
}
return ret;
}
/* Creates internal fqname in format shortname@domname.
* The domain portion is lowercased. */
char *sss_create_internal_fqname(TALLOC_CTX *mem_ctx,
const char *shortname,
const char *dom_name)
{
char *lc_dom_name;
char *fqname = NULL;
if (shortname == NULL || dom_name == NULL) {
/* Avoid allocating null@null */
return NULL;
}
lc_dom_name = sss_tc_utf8_str_tolower(mem_ctx, dom_name);
if (lc_dom_name == NULL) {
goto done;
}
fqname = talloc_asprintf(mem_ctx, "%s@%s", shortname, lc_dom_name);
talloc_free(lc_dom_name);
done:
return fqname;
}
static errno_t update_filter(struct cache_tool_ctx *tctx,
struct sss_domain_info *dinfo,
char *name, bool update, const char *fmt,
bool force_case_sensitivity,
char **_filter)
{
errno_t ret;
char *parsed_domain = NULL;
char *parsed_name = NULL;
TALLOC_CTX *tmp_ctx = NULL;
char *use_name = NULL;
char *filter;
char *sanitized;
char *lc_sanitized;
if (!name || !update) {
/* Nothing to do */
return EOK;
}
tmp_ctx = talloc_new(NULL);
if (tmp_ctx == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE, "Out of memory.\n");
return ENOMEM;
}
ret = sss_parse_name(tmp_ctx, dinfo->names, name,
&parsed_domain, &parsed_name);
if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE, "sss_parse_name failed\n");
goto done;
}
if (parsed_domain != NULL && strcasecmp(dinfo->name, parsed_domain) != 0) {
/* We were able to parse the domain from given fqdn, but it
* does not match with currently processed domain. */
filter = NULL;
ret = EOK;
goto done;
}
if (!dinfo->case_sensitive && !force_case_sensitivity) {
use_name = sss_tc_utf8_str_tolower(tmp_ctx, parsed_name);
if (!use_name) {
DEBUG(SSSDBG_CRIT_FAILURE, "Out of memory\n");
ret = ENOMEM;
goto done;
}
} else {
use_name = parsed_name;
}
if (parsed_domain) {
use_name = sss_get_domain_name(tmp_ctx, use_name, dinfo);
if (!use_name) {
ret = ENOMEM;
goto done;
}
}
ret = sss_filter_sanitize_for_dom(tmp_ctx, use_name, dinfo,
&sanitized, &lc_sanitized);
if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE, "Failed to sanitize the given name.\n");
goto done;
}
if (fmt) {
if (!dinfo->case_sensitive && !force_case_sensitivity) {
filter = talloc_asprintf(tmp_ctx, "(|(%s=%s)(%s=%s))",
SYSDB_NAME_ALIAS, lc_sanitized,
SYSDB_NAME_ALIAS, sanitized);
} else {
filter = talloc_asprintf(tmp_ctx, fmt, SYSDB_NAME, sanitized);
}
} else {
filter = talloc_strdup(tmp_ctx, sanitized);
}
if (filter == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE, "Out of memory\n");
ret = ENOMEM;
goto done;
}
ret = EOK;
done:
if (ret == EOK) {
talloc_free(*_filter);
*_filter = talloc_steal(tctx, filter);
}
talloc_free(tmp_ctx);
return ret;
}
static int save_group(struct sysdb_ctx *sysdb, struct sss_domain_info *dom,
struct group *grp, const char *real_name,
const char *alias, uint64_t cache_timeout)
{
errno_t ret, sret;
struct sysdb_attrs *attrs = NULL;
const char *cased_alias;
const char *lc_gr_name = NULL;
TALLOC_CTX *tmp_ctx;
time_t now = time(NULL);
bool in_transaction = false;
tmp_ctx = talloc_new(NULL);
if (!tmp_ctx) {
return ENOMEM;
}
DEBUG_GR_MEM(SSSDBG_TRACE_LIBS, grp);
ret = sysdb_transaction_start(sysdb);
if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE, "Failed to start transaction\n");
goto done;
}
in_transaction = true;
if (grp->gr_mem && grp->gr_mem[0]) {
attrs = sysdb_new_attrs(tmp_ctx);
if (!attrs) {
DEBUG(SSSDBG_CRIT_FAILURE, "Allocation error ?!\n");
ret = ENOMEM;
goto done;
}
ret = sysdb_attrs_users_from_str_list(
attrs, SYSDB_MEMBER, dom->name,
(const char *const *)grp->gr_mem);
if (ret) {
DEBUG(SSSDBG_OP_FAILURE, "Could not add group members\n");
goto done;
}
/* Create ghost users */
ret = proxy_process_missing_users(sysdb, dom, attrs, grp, now);
if (ret != EOK) {
DEBUG(SSSDBG_OP_FAILURE, "Could not add missing members\n");
goto done;
}
}
if (dom->case_sensitive == false || alias) {
if (!attrs) {
attrs = sysdb_new_attrs(tmp_ctx);
if (!attrs) {
DEBUG(SSSDBG_CRIT_FAILURE, "Allocation error ?!\n");
ret = ENOMEM;
goto done;
}
}
}
if (dom->case_sensitive == false) {
lc_gr_name = sss_tc_utf8_str_tolower(attrs, grp->gr_name);
if (lc_gr_name == NULL) {
DEBUG(SSSDBG_OP_FAILURE, "Cannot convert name to lowercase.\n");
ret = ENOMEM;
goto done;
}
ret = sysdb_attrs_add_string(attrs, SYSDB_NAME_ALIAS, lc_gr_name);
if (ret != EOK) {
goto done;
}
}
if (alias) {
cased_alias = sss_get_cased_name(attrs, alias, dom->case_sensitive);
if (!cased_alias) {
ret = ENOMEM;
DEBUG(SSSDBG_OP_FAILURE, "Could not add name alias\n");
goto done;
}
if (lc_gr_name == NULL || strcmp(cased_alias, lc_gr_name)) {
ret = sysdb_attrs_add_string(attrs, SYSDB_NAME_ALIAS, cased_alias);
if (ret) {
DEBUG(SSSDBG_OP_FAILURE, "Could not add name alias\n");
goto done;
}
}
}
ret = sysdb_store_group(dom,
real_name,
grp->gr_gid,
attrs,
cache_timeout,
now);
if (ret) {
DEBUG(SSSDBG_OP_FAILURE, "Could not add group to cache\n");
goto done;
}
ret = sysdb_transaction_commit(sysdb);
if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE,
"Could not commit transaction: [%s]\n",
strerror(ret));
goto done;
}
in_transaction = false;
done:
if (in_transaction) {
sret = sysdb_transaction_cancel(sysdb);
if (sret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE, "Could not cancel transaction\n");
}
}
talloc_free(tmp_ctx);
return ret;
}
static int save_user(struct sss_domain_info *domain,
bool lowercase, struct passwd *pwd, const char *real_name,
const char *alias, uint64_t cache_timeout)
{
const char *shell;
const char *gecos;
struct sysdb_attrs *attrs = NULL;
errno_t ret;
const char *cased_alias;
const char *lc_pw_name = NULL;
if (pwd->pw_shell && pwd->pw_shell[0] != '\0') {
shell = pwd->pw_shell;
} else {
shell = NULL;
}
if (pwd->pw_gecos && pwd->pw_gecos[0] != '\0') {
gecos = pwd->pw_gecos;
} else {
gecos = NULL;
}
if (lowercase || alias) {
attrs = sysdb_new_attrs(NULL);
if (!attrs) {
DEBUG(SSSDBG_CRIT_FAILURE, "Allocation error ?!\n");
ret = ENOMEM;
goto done;
}
}
if (lowercase) {
lc_pw_name = sss_tc_utf8_str_tolower(attrs, pwd->pw_name);
if (lc_pw_name == NULL) {
DEBUG(SSSDBG_OP_FAILURE, "Cannot convert name to lowercase.\n");
ret = ENOMEM;
goto done;
}
ret = sysdb_attrs_add_string(attrs, SYSDB_NAME_ALIAS, lc_pw_name);
if (ret) {
DEBUG(SSSDBG_OP_FAILURE, "Could not add name alias\n");
ret = ENOMEM;
goto done;
}
}
if (alias) {
cased_alias = sss_get_cased_name(attrs, alias, !lowercase);
if (!cased_alias) {
ret = ENOMEM;
goto done;
}
/* Add the alias only if it differs from lowercased pw_name */
if (lc_pw_name == NULL || strcmp(cased_alias, lc_pw_name) != 0) {
ret = sysdb_attrs_add_string(attrs, SYSDB_NAME_ALIAS, cased_alias);
if (ret) {
DEBUG(SSSDBG_OP_FAILURE, "Could not add name alias\n");
goto done;
}
}
}
ret = sysdb_store_user(domain,
real_name,
pwd->pw_passwd,
pwd->pw_uid,
pwd->pw_gid,
gecos,
pwd->pw_dir,
shell,
NULL,
attrs,
NULL,
cache_timeout,
0);
if (ret) {
DEBUG(SSSDBG_OP_FAILURE, "Could not add user to cache\n");
goto done;
}
done:
talloc_zfree(attrs);
return ret;
}
static int
prepare_attrs_for_saving_ops(TALLOC_CTX *mem_ctx,
bool case_sensitive,
const char *real_name, /* already_qualified */
const char *alias, /* already qualified */
struct sysdb_attrs **attrs)
{
const char *lc_name = NULL;
const char *cased_alias = NULL;
errno_t ret;
if (!case_sensitive || alias != NULL) {
if (*attrs == NULL) {
*attrs = sysdb_new_attrs(mem_ctx);
if (*attrs == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE, "Allocation error ?!\n");
ret = ENOMEM;
goto done;
}
}
}
if (!case_sensitive) {
lc_name = sss_tc_utf8_str_tolower(*attrs, real_name);
if (lc_name == NULL) {
DEBUG(SSSDBG_OP_FAILURE, "Cannot convert name to lowercase.\n");
ret = ENOMEM;
goto done;
}
ret = sysdb_attrs_add_string(*attrs, SYSDB_NAME_ALIAS, lc_name);
if (ret != EOK) {
DEBUG(SSSDBG_OP_FAILURE, "Could not add name alias\n");
ret = ENOMEM;
goto done;
}
}
if (alias != NULL) {
cased_alias = sss_get_cased_name(*attrs, alias, case_sensitive);
if (cased_alias == NULL) {
ret = ENOMEM;
goto done;
}
/* Add the alias only if it differs from lowercased pw_name */
if (lc_name == NULL || strcmp(cased_alias, lc_name) != 0) {
ret = sysdb_attrs_add_string(*attrs, SYSDB_NAME_ALIAS,
cased_alias);
if (ret != EOK) {
DEBUG(SSSDBG_OP_FAILURE, "Could not add name alias\n");
goto done;
}
}
}
ret = EOK;
done:
return ret;
}
static int save_user(struct sysdb_ctx *sysdb, struct sss_domain_info *domain,
bool lowercase, struct passwd *pwd, const char *real_name,
const char *alias, uint64_t cache_timeout)
{
const char *shell;
char *lower;
struct sysdb_attrs *attrs = NULL;
errno_t ret;
const char *cased_alias;
if (pwd->pw_shell && pwd->pw_shell[0] != '\0') {
shell = pwd->pw_shell;
} else {
shell = NULL;
}
if (lowercase || alias) {
attrs = sysdb_new_attrs(NULL);
if (!attrs) {
DEBUG(SSSDBG_CRIT_FAILURE, ("Allocation error ?!\n"));
return ENOMEM;
}
}
if (lowercase) {
lower = sss_tc_utf8_str_tolower(attrs, pwd->pw_name);
if (!lower) {
DEBUG(SSSDBG_CRIT_FAILURE, ("Cannot convert name to lowercase\n"));
talloc_zfree(attrs);
return ENOMEM;
}
ret = sysdb_attrs_add_string(attrs, SYSDB_NAME_ALIAS, lower);
if (ret) {
DEBUG(SSSDBG_OP_FAILURE, ("Could not add name alias\n"));
talloc_zfree(attrs);
return ret;
}
}
if (alias) {
cased_alias = sss_get_cased_name(attrs, alias, !lowercase);
if (!cased_alias) {
talloc_zfree(attrs);
return ENOMEM;
}
ret = sysdb_attrs_add_string(attrs, SYSDB_NAME_ALIAS, cased_alias);
if (ret) {
DEBUG(SSSDBG_OP_FAILURE, ("Could not add name alias\n"));
talloc_zfree(attrs);
return ret;
}
}
ret = sysdb_store_user(sysdb, domain,
real_name,
pwd->pw_passwd,
pwd->pw_uid,
pwd->pw_gid,
pwd->pw_gecos,
pwd->pw_dir,
shell,
NULL,
attrs,
NULL,
cache_timeout,
0);
talloc_zfree(attrs);
if (ret) {
DEBUG(SSSDBG_OP_FAILURE, ("Could not add user to cache\n"));
return ret;
}
return EOK;
}