From 6d0545eedfcf471bb0198aaa94764d89e1791a6e Mon Sep 17 00:00:00 2001
From: Jan Zeleny
Date: Wed, 16 Nov 2011 04:24:53 -0500
Subject: [PATCH 1/3] Multiple search bases helper function
---
 src/util/sss_ldap.c | 112 +++++++++++++++++++++++++++++++++++++++++++++++++++
 src/util/sss_ldap.h | 8 ++++
 2 files changed, 120 insertions(+), 0 deletions(-)
diff --git a/src/util/sss_ldap.c b/src/util/sss_ldap.c
index afff22f..118190a 100644
--- a/src/util/sss_ldap.c
+++ b/src/util/sss_ldap.c
@@ -26,6 +26,7 @@
 #include "config.h"
+#include "providers/ldap/sdap.h"
 #include "util/sss_ldap.h"
 #include "util/util.h"
@@ -477,3 +478,114 @@ int sss_ldap_init_recv(struct tevent_req *req, LDAP **ldap, int *sd)
 return EOK;
 }
+
+bool sss_ldap_dn_in_search_bases(TALLOC_CTX *mem_ctx,
+ const char *dn,
+ struct sdap_search_base **search_bases,
+ char **_filter)
+{
+ struct sdap_search_base *base;
+ int basedn_len, dn_len;
+ int len_diff;
+ int i, j;
+ bool base_confirmed;
+ bool comma_found;
+ bool backslash_found;
+ char *filter = NULL;
+ bool ret = false;
+
+ if (dn == NULL) {
+ DEBUG(SSSDBG_FUNC_DATA, ("dn is NULL"));
+ return false;
+ }
+
+ if (search_bases == NULL) {
+ DEBUG(SSSDBG_FUNC_DATA, ("search_bases is NULL"));
+ return false;
+ }
+
+ if (_filter != NULL) {
+ filter = talloc_strdup(mem_ctx, "(|");
+ if (filter == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_strdup() failed\n"));
+ return false;
+ }
+ }
+
+ dn_len = strlen(dn);
+ for (i = 0; search_bases[i]; i++) {
+ base = search_bases[i];
+ basedn_len = strlen(base->basedn);
+
+ if (basedn_len > dn_len) {
+ continue;
+ }
+
+ len_diff = dn_len - basedn_len;
+ base_confirmed = (strcasecmp(&dn[len_diff], base->basedn) == 0);
+ if (!base_confirmed) {
+ continue;
+ }
+
+ if (base->scope == LDAP_SCOPE_BASE && len_diff == 0) {
+ if (filter && base->filter) {
+ filter = talloc_asprintf_append(filter, "%s", base->filter);
+ if (filter == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_asprintf_append() failed\n"));
+ return false;
+ }
+ }
+ ret = true;
+ } else if (base->scope == LDAP_SCOPE_ONELEVEL) {
+ if (len_diff == 0) {
+ /* Base object doesn't belong to scope=one
+ * search */
+ continue;
+ }
+
+ comma_found = false;
+ for (j = 0; j < len_diff; j++) {
+ if (dn[j] == '\\') {
+ backslash_found = true;
+ } else if (dn[j] == ',' && !backslash_found) {
+ comma_found = true;
+ break;
+ } else {
+ backslash_found = false;
+ }
+ }
+
+ if (!comma_found) {
+ if (filter && base->filter) {
+ filter = talloc_asprintf_append(filter, "%s", base->filter);
+ if (filter == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_asprintf_append() failed\n"));
+ return false;
+ }
+ }
+ ret = true;
+ }
+ } else {
+ if (filter && base->filter) {
+ filter = talloc_asprintf_append(filter, "%s", base->filter);
+ if (filter == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_asprintf_append() failed\n"));
+ return false;
+ }
+ }
+ ret = true;
+ }
+ }
+
+ if (filter) {
+ filter = talloc_asprintf_append(filter, ")");
+ if (filter == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_asprintf_append() failed\n"));
+ return false;
+ }
+
+ *_filter = filter;
+ }
+
+ return ret;
+}
diff --git a/src/util/sss_ldap.h b/src/util/sss_ldap.h
index 38785b5..8a69b83 100644
--- a/src/util/sss_ldap.h
+++ b/src/util/sss_ldap.h
@@ -60,4 +60,12 @@ struct tevent_req *sss_ldap_init_send(TALLOC_CTX *mem_ctx,
 int addr_len, int timeout);
 int sss_ldap_init_recv(struct tevent_req *req, LDAP **ldap, int *sd);
+
+struct sdap_options;
+struct sdap_search_base;
+bool sss_ldap_dn_in_search_bases(TALLOC_CTX *mem_ctx,
+ const char *dn,
+ struct sdap_search_base **search_bases,
+ char **_filter);
+
 #endif /* __SSS_LDAP_H__ */
--
1.7.6.4
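Review bot: The per-base scope checks inside the `for (i = 0; search_bases[i]; i++)` loop of `sss_ldap_dn_in_search_bases` accept DNs outside the configured scope and miss ones inside it. A `LDAP_SCOPE_BASE` entry with `len_diff != 0` falls into the final `else` and sets `ret = true`, and the suffix `strcasecmp` never verifies that `dn[len_diff - 1]` is a `,`, so a DN that merely ends with the base string is treated as lying under that base. The one-level scan runs to `j < len_diff`, which includes the comma separating the child RDN from the base, so `comma_found` becomes true for every direct child; `backslash_found` is also read before its first assignment when `dn[0]` is a comma, and its value carries over from one base to the next. Since callers presumably use this result to decide whether an entry belongs to a search base, the test should fail closed; the fence sketches the restructured check, after which the three identical filter-append blocks reduce to one. Plain string comparison still ignores DN normalization and an escaped `\,` directly before the base, so the boundary test is a minimum rather than a complete answer.

```c
    bool backslash_found = false;
    /* … unchanged: NULL checks, filter allocation, length and suffix comparison … */

        /* the base must begin at an RDN boundary, not in the middle of a value */
        if (len_diff != 0 && dn[len_diff - 1] != ',') {
            continue;
        }

        if (base->scope == LDAP_SCOPE_BASE) {
            /* scope=base matches the base object only */
            if (len_diff != 0) {
                continue;
            }
        } else if (base->scope == LDAP_SCOPE_ONELEVEL) {
            if (len_diff == 0) {
                continue;
            }

            comma_found = false;
            backslash_found = false;
            /* stop before the comma that separates the child RDN from the base */
            for (j = 0; j < len_diff - 1; j++) {
                /* … unchanged: backslash / comma tracking … */
            }

            /* an unescaped comma means the DN is more than one level below */
            if (comma_found) {
                continue;
            }
        }

        /* … unchanged: append base->filter and set ret = true, now written once … */
```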
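Review bot: The new declaration in `sss_ldap.h` carries no comment stating its contract, and `struct sdap_options;` is forward-declared although nothing in this hunk uses it. I would add a short doc comment above the prototype saying that it returns true when `dn` falls within at least one entry of the NULL-terminated `search_bases` array, and that a non-NULL `_filter` receives a `(|...)` string allocated on `mem_ctx`, written only when no allocation fails and regardless of the return value. If no later patch in the series needs it here, drop the `struct sdap_options;` line.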