Re: [SSSD] [PATCHES] sss_case = preserving
On Tue, Jul 22, 2014 at 09:34:25AM -0400, Stephen Gallagher wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 07/22/2014 09:32 AM, Michal Židek wrote: On 07/22/2014 02:49 PM, Pavel Reichl wrote: On 07/22/2014 02:03 PM, Pavel Reichl wrote: I finally tested the patches and it seems to me to be working with AD and LDAP provider, but does not seem to work with IPA provider. I was not able to create an user in IPA with some upper case so I had to change it directly in LDAP. This is what I see when using ipa: ipa user-find max -- 1 user matched -- User login: MaX First name: xx Last name: AAA Home directory: /home/max Login shell: /bin/sh Email address: m...@ipa.work UID: 199438 GID: 199438 Account disabled: False Password: False Kerberos keys available: False Number of entries returned 1 This is what I see when using sssd as ipa client: case_sensitive = preserving: getent group m...@ipa.work m...@ipa.work:*:199438: case_sensitive = false: getent group m...@ipa.work m...@ipa.work:*:199438: case_sensitive = true: does not return anything Was the patch working with IPA provider to you? Thanks! Michal this seems irrelevant now, I can't replicate it anymore. It must have been some quirk on my side. Sorry for that. ACK to all patches except the 3rd (the man page update) which I can't ack. Thanks! Pushed to master: 2b94ab415b30861f42b68725d9231905baf8c3bd abbf4f494f57c2b0a7ad0ac758db24a1c05df9be ff22e829fd73fc53027d1e6ca005a9ac334086dd 5328aaeea84268b6d4e26cd33a2b3e8ea89bc349 ___ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
Re: [SSSD] [PATCHES] sss_case = preserving
On 07/22/2014 02:03 PM, Pavel Reichl wrote: I finally tested the patches and it seems to me to be working with AD and LDAP provider, but does not seem to work with IPA provider. I was not able to create an user in IPA with some upper case so I had to change it directly in LDAP. This is what I see when using ipa: ipa user-find max -- 1 user matched -- User login: MaX First name: xx Last name: AAA Home directory: /home/max Login shell: /bin/sh Email address: m...@ipa.work UID: 199438 GID: 199438 Account disabled: False Password: False Kerberos keys available: False Number of entries returned 1 This is what I see when using sssd as ipa client: case_sensitive = preserving: getent group m...@ipa.work m...@ipa.work:*:199438: case_sensitive = false: getent group m...@ipa.work m...@ipa.work:*:199438: case_sensitive = true: does not return anything Was the patch working with IPA provider to you? Thanks! Michal this seems irrelevant now, I can't replicate it anymore. It must have been some quirk on my side. Sorry for that. ACK to all patches except the 3rd (the man page update) which I can't ack. Thanks! ___ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
Re: [SSSD] [PATCHES] sss_case = preserving
On 07/22/2014 02:49 PM, Pavel Reichl wrote:
On 07/22/2014 02:03 PM, Pavel Reichl wrote:
I finally tested the patches and it seems to me to be working with AD
and LDAP provider, but does not seem to work with IPA provider.
I was not able to create an user in IPA with some upper case so I had
to change it directly in LDAP.
This is what I see when using ipa:
ipa user-find max
--
1 user matched
--
User login: MaX
First name: xx
Last name: AAA
Home directory: /home/max
Login shell: /bin/sh
Email address: m...@ipa.work
UID: 199438
GID: 199438
Account disabled: False
Password: False
Kerberos keys available: False
Number of entries returned 1
This is what I see when using sssd as ipa client:
case_sensitive = preserving:
getent group m...@ipa.work
m...@ipa.work:*:199438:
case_sensitive = false:
getent group m...@ipa.work
m...@ipa.work:*:199438:
case_sensitive = true:
does not return anything
Was the patch working with IPA provider to you?
Thanks!
Michal this seems irrelevant now, I can't replicate it anymore. It must
have been some quirk on my side. Sorry for that.
ACK to all patches except the 3rd (the man page update) which I can't ack.
Thanks!
Thanks, I updated the man page changes (added the value word
and AD comment). CC-ing Stephen for the man page review (3rd patch).
Michal
From fdad249f822089f872377df512c1d14cd05a00d2 Mon Sep 17 00:00:00 2001
From: Michal Zidek mzi...@redhat.com
Date: Tue, 15 Jul 2014 12:00:36 -0400
Subject: [PATCH 1/4] Add function confdb_set_string.
Part of fix for:
https://fedorahosted.org/sssd/ticket/2367
---
src/confdb/confdb.c | 71 +
src/confdb/confdb.h | 22 +
2 files changed, 93 insertions(+)
diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c
index 15de961..ae7abd7 100644
--- a/src/confdb/confdb.c
+++ b/src/confdb/confdb.c
@@ -369,6 +369,77 @@ done:
return ret;
}
+int confdb_set_string(struct confdb_ctx *cdb,
+ const char *section,
+ const char *attribute,
+ char *val)
+{
+TALLOC_CTX *tmp_ctx;
+struct ldb_dn *dn;
+char *secdn;
+struct ldb_message *msg;
+int ret, lret;
+
+tmp_ctx = talloc_new(NULL);
+if (!tmp_ctx) {
+return ENOMEM;
+}
+
+ret = parse_section(tmp_ctx, section, secdn, NULL);
+if (ret != EOK) {
+goto done;
+}
+
+dn = ldb_dn_new(tmp_ctx, cdb-ldb, secdn);
+if (!dn) {
+ret = EIO;
+goto done;
+}
+
+msg = ldb_msg_new(tmp_ctx);
+if (!msg) {
+ret = ENOMEM;
+goto done;
+}
+
+msg-dn = dn;
+
+lret = ldb_msg_add_empty(msg, attribute, LDB_FLAG_MOD_REPLACE, NULL);
+if (lret != LDB_SUCCESS) {
+DEBUG(SSSDBG_MINOR_FAILURE,
+ ldb_msg_add_empty failed: [%s]\n, ldb_strerror(lret));
+ret = EIO;
+goto done;
+}
+
+lret = ldb_msg_add_string(msg, attribute, val);
+if (lret != LDB_SUCCESS) {
+DEBUG(SSSDBG_MINOR_FAILURE,
+ ldb_msg_add_string failed: [%s]\n, ldb_strerror(lret));
+ret = EIO;
+goto done;
+}
+
+lret = ldb_modify(cdb-ldb, msg);
+if (lret != LDB_SUCCESS) {
+DEBUG(SSSDBG_MINOR_FAILURE,
+ ldb_modify failed: [%s]\n, ldb_strerror(lret));
+ret = EIO;
+goto done;
+}
+
+ret = EOK;
+
+done:
+talloc_free(tmp_ctx);
+if (ret != EOK) {
+DEBUG(SSSDBG_CRIT_FAILURE,
+ Failed to set [%s] from [%s], error [%d] (%s)\n,
+ attribute, section, ret, strerror(ret));
+}
+return ret;
+}
+
int confdb_get_string(struct confdb_ctx *cdb, TALLOC_CTX *ctx,
const char *section, const char *attribute,
const char *defstr, char **result)
diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h
index ba33ea5..7c51518 100644
--- a/src/confdb/confdb.h
+++ b/src/confdb/confdb.h
@@ -460,6 +460,28 @@ int confdb_set_bool(struct confdb_ctx *cdb,
bool val);
/**
+ * @brief Convenience function to set a single-valued attribute as a string
+ *
+ * @param[in] cdb The connection object to the confdb
+ * @param[in] section The ConfDB section to update. This is constructed from
+ *the format of the sssd.conf file. All sections start
+ *with 'config/'. Subsections are separated by slashes.
+ *e.g. [domain/LDAP] in sssd.conf would translate to
+ *config/domain/LDAP
+ * @param[in] attribute The name of the attribute to update
+ * @param[in] val New value of the attribute.
+ *
+ * @return 0 - Successfully retrieved the entry (or used the default)
+ * @return ENOMEM - There was insufficient memory to complete the operation
+ * @return EINVAL - The section could not be parsed
+ * @return EIO -
Re: [SSSD] [PATCHES] sss_case = preserving
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 07/22/2014 09:32 AM, Michal Židek wrote: On 07/22/2014 02:49 PM, Pavel Reichl wrote: On 07/22/2014 02:03 PM, Pavel Reichl wrote: I finally tested the patches and it seems to me to be working with AD and LDAP provider, but does not seem to work with IPA provider. I was not able to create an user in IPA with some upper case so I had to change it directly in LDAP. This is what I see when using ipa: ipa user-find max -- 1 user matched -- User login: MaX First name: xx Last name: AAA Home directory: /home/max Login shell: /bin/sh Email address: m...@ipa.work UID: 199438 GID: 199438 Account disabled: False Password: False Kerberos keys available: False Number of entries returned 1 This is what I see when using sssd as ipa client: case_sensitive = preserving: getent group m...@ipa.work m...@ipa.work:*:199438: case_sensitive = false: getent group m...@ipa.work m...@ipa.work:*:199438: case_sensitive = true: does not return anything Was the patch working with IPA provider to you? Thanks! Michal this seems irrelevant now, I can't replicate it anymore. It must have been some quirk on my side. Sorry for that. ACK to all patches except the 3rd (the man page update) which I can't ack. Thanks! Thanks, I updated the man page changes (added the value word and AD comment). CC-ing Stephen for the man page review (3rd patch). Michal Ack to the manpage language. -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlPOaGEACgkQeiVVYja6o6NhvwCeIQ7upLLCa2PdfWha7tfssuSC hSoAn1blLO+hqsJi4vSiD7NCr692u5jo =uPQw -END PGP SIGNATURE- ___ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
Re: [SSSD] [PATCHES] sss_case = preserving
On 07/18/2014 03:41 PM, Pavel Reichl wrote:
Thanks for the quick update, I have some more concerns and questions
about the patches.
1st patch:
+int confdb_set_string(struct confdb_ctx *cdb,
+ const char *section,
+ const char *attribute,
+ char *val)
+{
[snip]
+lret = ldb_msg_add_string(msg, attribute, val);
+if (lret != LDB_SUCCESS) {
+DEBUG(SSSDBG_MINOR_FAILURE,
+ ldb_msg_add_string failed: [%s]\n, ldb_strerror(lret));
+ret = EIO;
+goto done;
+}
+
+
Two empty lines.
Fixed.
+lret = ldb_modify(cdb-ldb, msg);
+if (lret != LDB_SUCCESS) {
+DEBUG(SSSDBG_MINOR_FAILURE,
+ ldb_modify failed: [%s]\n, ldb_strerror(lret));
+ret = EIO;
+goto done;
+}
+
+ret = EOK;
+
+done:
+talloc_free(tmp_ctx);
+if (ret != EOK) {
+DEBUG(SSSDBG_CRIT_FAILURE,
+ Failed to set [%s] from [%s], error [%d] (%s)\n,
+ attribute, section, ret, strerror(ret));
+}
+return ret;
+}
missing new line here
Fixed.
int confdb_get_string(struct confdb_ctx *cdb, TALLOC_CTX *ctx,
const char *section, const char *attribute,
const char *defstr, char **result)
diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h
index ba33ea5..f81c6d4 100644
--- a/src/confdb/confdb.h
+++ b/src/confdb/confdb.h
@@ -216,7 +216,7 @@ struct sss_domain_info {
bool cache_credentials;
bool legacy_passwords;
-bool case_sensitive;
Why do you remove case_sensitive here and add it back in second patch? I
think this 'ping-pong' is confusing and needless, could you fix it, please?
Sorry, bad rebasing. Fixed.
+bool case_preserve;
gid_t override_gid;
const char *override_homedir;
@@ -459,6 +459,11 @@ int confdb_set_bool(struct confdb_ctx *cdb,
const char *attribute,
bool val);
Would you consider adding doxygen comment here? All functions with
exception of confdb_set_bool() have one.
But maybe it's not worth it, what do you think?
I do not think it is necessary in this case, but I added it
anyway.
+int confdb_set_string(struct confdb_ctx *cdb,
+ const char *section,
+ const char *attribute,
+ char *val);
+
/**
* @brief Convenience function to retrieve a single-valued attribute
as a
* null-terminated array of strings
--
1.9.3
Generally, I think there's custom do remove any unused function from
code-base when they aren't called. So I think you should remove
confdb_set_string(). I guess you will need a new patch for that to keep
every commit compilable.
You mean confdb_set_bool? I added new patch to remove
that function.
2nd patch:
@@ -1218,12 +1218,27 @@ static int confdb_get_domain_internal(struct
confdb_ctx *cdb,
}
}
-ret = get_entry_as_bool(res-msgs[0], domain-case_sensitive,
-CONFDB_DOMAIN_CASE_SENSITIVE, true);
-if(ret != EOK) {
-DEBUG(SSSDBG_FATAL_FAILURE,
- Invalid value for %s\n, CONFDB_DOMAIN_CASE_SENSITIVE);
-goto done;
+tmp = ldb_msg_find_attr_as_string(res-msgs[0],
+ CONFDB_DOMAIN_CASE_SENSITIVE, true);
+if (tmp != NULL) {
+if (strcasecmp(tmp, true) == 0) {
+domain-case_sensitive = true;
+domain-case_preserve = true;
+} else if (strcasecmp(tmp, false) == 0) {
+domain-case_sensitive = false;
+domain-case_preserve = false;
+} else if (strcasecmp(tmp, preserving) == 0) {
+domain-case_sensitive = false;
+domain-case_preserve = true;
+} else {
+DEBUG(SSSDBG_FATAL_FAILURE,
+ Invalid value for %s\n,
CONFDB_DOMAIN_CASE_SENSITIVE);
+goto done;
+}
+} else {
+/* default */
+domain-case_sensitive = true;
+domain-case_preserve = true;
}
if (domain-case_sensitive == false
strcasecmp(domain-provider, local) == 0) {
diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h
index f81c6d4..8a642b3 100644
--- a/src/confdb/confdb.h
+++ b/src/confdb/confdb.h
@@ -216,6 +216,7 @@ struct sss_domain_info {
bool cache_credentials;
bool legacy_passwords;
+bool case_sensitive;
bool case_preserve;
gid_t override_gid;
diff --git a/src/providers/ad/ad_common.c b/src/providers/ad/ad_common.c
index 67ded36..672a1e1 100644
--- a/src/providers/ad/ad_common.c
+++ b/src/providers/ad/ad_common.c
@@ -263,6 +263,7 @@ ad_get_common_options(TALLOC_CTX *mem_ctx,
char *realm;
char *ad_hostname;
char hostname[HOST_NAME_MAX + 1];
+char *tmp;
I personally dislike general variable names, it's my opinion that if you
are creating variable for specific use then you should name it accordingly.
Of course there are exceptions from this rule, do you see any not to
Re: [SSSD] [PATCHES] sss_case = preserving
On 07/21/2014 05:54 PM, Michal Židek wrote:
On 07/18/2014 03:41 PM, Pavel Reichl wrote:
Thanks for the quick update, I have some more concerns and questions
about the patches.
1st patch:
+int confdb_set_string(struct confdb_ctx *cdb,
+ const char *section,
+ const char *attribute,
+ char *val)
+{
[snip]
+lret = ldb_msg_add_string(msg, attribute, val);
+if (lret != LDB_SUCCESS) {
+DEBUG(SSSDBG_MINOR_FAILURE,
+ ldb_msg_add_string failed: [%s]\n, ldb_strerror(lret));
+ret = EIO;
+goto done;
+}
+
+
Two empty lines.
Fixed.
+lret = ldb_modify(cdb-ldb, msg);
+if (lret != LDB_SUCCESS) {
+DEBUG(SSSDBG_MINOR_FAILURE,
+ ldb_modify failed: [%s]\n, ldb_strerror(lret));
+ret = EIO;
+goto done;
+}
+
+ret = EOK;
+
+done:
+talloc_free(tmp_ctx);
+if (ret != EOK) {
+DEBUG(SSSDBG_CRIT_FAILURE,
+ Failed to set [%s] from [%s], error [%d] (%s)\n,
+ attribute, section, ret, strerror(ret));
+}
+return ret;
+}
missing new line here
Fixed.
int confdb_get_string(struct confdb_ctx *cdb, TALLOC_CTX *ctx,
const char *section, const char *attribute,
const char *defstr, char **result)
diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h
index ba33ea5..f81c6d4 100644
--- a/src/confdb/confdb.h
+++ b/src/confdb/confdb.h
@@ -216,7 +216,7 @@ struct sss_domain_info {
bool cache_credentials;
bool legacy_passwords;
-bool case_sensitive;
Why do you remove case_sensitive here and add it back in second patch? I
think this 'ping-pong' is confusing and needless, could you fix it,
please?
Sorry, bad rebasing. Fixed.
+bool case_preserve;
gid_t override_gid;
const char *override_homedir;
@@ -459,6 +459,11 @@ int confdb_set_bool(struct confdb_ctx *cdb,
const char *attribute,
bool val);
Would you consider adding doxygen comment here? All functions with
exception of confdb_set_bool() have one.
But maybe it's not worth it, what do you think?
I do not think it is necessary in this case, but I added it
anyway.
+int confdb_set_string(struct confdb_ctx *cdb,
+ const char *section,
+ const char *attribute,
+ char *val);
+
/**
* @brief Convenience function to retrieve a single-valued attribute
as a
* null-terminated array of strings
--
1.9.3
Generally, I think there's custom do remove any unused function from
code-base when they aren't called. So I think you should remove
confdb_set_string(). I guess you will need a new patch for that to keep
every commit compilable.
You mean confdb_set_bool? I added new patch to remove
that function.
2nd patch:
@@ -1218,12 +1218,27 @@ static int confdb_get_domain_internal(struct
confdb_ctx *cdb,
}
}
-ret = get_entry_as_bool(res-msgs[0], domain-case_sensitive,
-CONFDB_DOMAIN_CASE_SENSITIVE, true);
-if(ret != EOK) {
-DEBUG(SSSDBG_FATAL_FAILURE,
- Invalid value for %s\n, CONFDB_DOMAIN_CASE_SENSITIVE);
-goto done;
+tmp = ldb_msg_find_attr_as_string(res-msgs[0],
+ CONFDB_DOMAIN_CASE_SENSITIVE, true);
+if (tmp != NULL) {
+if (strcasecmp(tmp, true) == 0) {
+domain-case_sensitive = true;
+domain-case_preserve = true;
+} else if (strcasecmp(tmp, false) == 0) {
+domain-case_sensitive = false;
+domain-case_preserve = false;
+} else if (strcasecmp(tmp, preserving) == 0) {
+domain-case_sensitive = false;
+domain-case_preserve = true;
+} else {
+DEBUG(SSSDBG_FATAL_FAILURE,
+ Invalid value for %s\n,
CONFDB_DOMAIN_CASE_SENSITIVE);
+goto done;
+}
+} else {
+/* default */
+domain-case_sensitive = true;
+domain-case_preserve = true;
}
if (domain-case_sensitive == false
strcasecmp(domain-provider, local) == 0) {
diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h
index f81c6d4..8a642b3 100644
--- a/src/confdb/confdb.h
+++ b/src/confdb/confdb.h
@@ -216,6 +216,7 @@ struct sss_domain_info {
bool cache_credentials;
bool legacy_passwords;
+bool case_sensitive;
bool case_preserve;
gid_t override_gid;
diff --git a/src/providers/ad/ad_common.c b/src/providers/ad/ad_common.c
index 67ded36..672a1e1 100644
--- a/src/providers/ad/ad_common.c
+++ b/src/providers/ad/ad_common.c
@@ -263,6 +263,7 @@ ad_get_common_options(TALLOC_CTX *mem_ctx,
char *realm;
char *ad_hostname;
char hostname[HOST_NAME_MAX + 1];
+char *tmp;
I personally dislike general variable names, it's my opinion that if you
are creating variable for specific use then you should name it
accordingly.
Of course there are
Re: [SSSD] [PATCHES] sss_case = preserving
Thanks for the quick update, I have some more concerns and questions
about the patches.
1st patch:
+int confdb_set_string(struct confdb_ctx *cdb,
+ const char *section,
+ const char *attribute,
+ char *val)
+{
[snip]
+lret = ldb_msg_add_string(msg, attribute, val);
+if (lret != LDB_SUCCESS) {
+DEBUG(SSSDBG_MINOR_FAILURE,
+ ldb_msg_add_string failed: [%s]\n, ldb_strerror(lret));
+ret = EIO;
+goto done;
+}
+
+
Two empty lines.
+lret = ldb_modify(cdb-ldb, msg);
+if (lret != LDB_SUCCESS) {
+DEBUG(SSSDBG_MINOR_FAILURE,
+ ldb_modify failed: [%s]\n, ldb_strerror(lret));
+ret = EIO;
+goto done;
+}
+
+ret = EOK;
+
+done:
+talloc_free(tmp_ctx);
+if (ret != EOK) {
+DEBUG(SSSDBG_CRIT_FAILURE,
+ Failed to set [%s] from [%s], error [%d] (%s)\n,
+ attribute, section, ret, strerror(ret));
+}
+return ret;
+}
missing new line here
int confdb_get_string(struct confdb_ctx *cdb, TALLOC_CTX *ctx,
const char *section, const char *attribute,
const char *defstr, char **result)
diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h
index ba33ea5..f81c6d4 100644
--- a/src/confdb/confdb.h
+++ b/src/confdb/confdb.h
@@ -216,7 +216,7 @@ struct sss_domain_info {
bool cache_credentials;
bool legacy_passwords;
-bool case_sensitive;
Why do you remove case_sensitive here and add it back in second patch? I
think this 'ping-pong' is confusing and needless, could you fix it, please?
+bool case_preserve;
gid_t override_gid;
const char *override_homedir;
@@ -459,6 +459,11 @@ int confdb_set_bool(struct confdb_ctx *cdb,
const char *attribute,
bool val);
Would you consider adding doxygen comment here? All functions with
exception of confdb_set_bool() have one.
But maybe it's not worth it, what do you think?
+int confdb_set_string(struct confdb_ctx *cdb,
+ const char *section,
+ const char *attribute,
+ char *val);
+
/**
* @brief Convenience function to retrieve a single-valued attribute as a
* null-terminated array of strings
--
1.9.3
Generally, I think there's custom do remove any unused function from
code-base when they aren't called. So I think you should remove
confdb_set_string(). I guess you will need a new patch for that to keep
every commit compilable.
2nd patch:
@@ -1218,12 +1218,27 @@ static int confdb_get_domain_internal(struct
confdb_ctx *cdb,
}
}
-ret = get_entry_as_bool(res-msgs[0], domain-case_sensitive,
-CONFDB_DOMAIN_CASE_SENSITIVE, true);
-if(ret != EOK) {
-DEBUG(SSSDBG_FATAL_FAILURE,
- Invalid value for %s\n, CONFDB_DOMAIN_CASE_SENSITIVE);
-goto done;
+tmp = ldb_msg_find_attr_as_string(res-msgs[0],
+ CONFDB_DOMAIN_CASE_SENSITIVE, true);
+if (tmp != NULL) {
+if (strcasecmp(tmp, true) == 0) {
+domain-case_sensitive = true;
+domain-case_preserve = true;
+} else if (strcasecmp(tmp, false) == 0) {
+domain-case_sensitive = false;
+domain-case_preserve = false;
+} else if (strcasecmp(tmp, preserving) == 0) {
+domain-case_sensitive = false;
+domain-case_preserve = true;
+} else {
+DEBUG(SSSDBG_FATAL_FAILURE,
+ Invalid value for %s\n,
CONFDB_DOMAIN_CASE_SENSITIVE);
+goto done;
+}
+} else {
+/* default */
+domain-case_sensitive = true;
+domain-case_preserve = true;
}
if (domain-case_sensitive == false
strcasecmp(domain-provider, local) == 0) {
diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h
index f81c6d4..8a642b3 100644
--- a/src/confdb/confdb.h
+++ b/src/confdb/confdb.h
@@ -216,6 +216,7 @@ struct sss_domain_info {
bool cache_credentials;
bool legacy_passwords;
+bool case_sensitive;
bool case_preserve;
gid_t override_gid;
diff --git a/src/providers/ad/ad_common.c b/src/providers/ad/ad_common.c
index 67ded36..672a1e1 100644
--- a/src/providers/ad/ad_common.c
+++ b/src/providers/ad/ad_common.c
@@ -263,6 +263,7 @@ ad_get_common_options(TALLOC_CTX *mem_ctx,
char *realm;
char *ad_hostname;
char hostname[HOST_NAME_MAX + 1];
+char *tmp;
I personally dislike general variable names, it's my opinion that if you
are creating variable for specific use then you should name it accordingly.
Of course there are exceptions from this rule, do you see any not to
name it 'case_sensitive_str' or something like this?
opts = talloc_zero(mem_ctx, struct ad_options);
if (!opts) return ENOMEM;
@@ -333,13 +334,36 @@ ad_get_common_options(TALLOC_CTX *mem_ctx,
}
/*
Re: [SSSD] [PATCHES] sss_case = preserving
On Wed, 2014-07-16 at 15:40 +0200, Michal Židek wrote:
Hi,
patches for ticket
https://fedorahosted.org/sssd/ticket/2367
are in attachment.
Michal
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
Hi Michal,
I haven't tested the patches yet. I just wanted to share some nitpicks
with you:
From 071b3ca8cd9a194c8cb287f9abca2fe7c58323a2 Mon Sep 17 00:00:00 2001
From: Michal Zidek mzi...@redhat.com
Date: Tue, 15 Jul 2014 12:00:36 -0400
Subject: [PATCH 1/3] Add function confdb_set_string.
---
src/confdb/confdb.c | 70
+
src/confdb/confdb.h | 6 +
2 files changed, 76 insertions(+)
diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c
index 15de961..79c89b7 100644
--- a/src/confdb/confdb.c
+++ b/src/confdb/confdb.c
@@ -369,6 +369,76 @@ done:
return ret;
}
+int confdb_set_string(struct confdb_ctx *cdb,
+ const char *section,
+ const char *attribute,
+ char *val)
+{
+TALLOC_CTX *tmp_ctx;
+struct ldb_dn *dn;
+char *secdn;
+struct ldb_message *msg;
+int ret, lret;
+
+tmp_ctx = talloc_new(NULL);
+if (!tmp_ctx)
+return ENOMEM;
Although there's not a consensus about the form of checking allocated
pointers ( !tmp_ctx vs. tmp_ctx != NULL ) among SSSD developers, still I
think there is an agreement that 'if' should be followed by block or
condition and action should be one-liner.
Could you change the code to something like?
if (!tmp_ctx) return ENOMEM;
or
if (!tmp_ctx) {
return ENOMEM;
}
In the second patch you use 2 forms of testing result of strcasecmp
!strcasecmp(tmp, true)
strcasecmp(domain-provider, local) == 0
Could you please just use one of them? From my POV the second is
preferred.
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
Re: [SSSD] [PATCHES] sss_case = preserving
On 07/17/2014 06:12 PM, Pavel Reichl wrote:
On Wed, 2014-07-16 at 15:40 +0200, Michal Židek wrote:
Hi,
patches for ticket
https://fedorahosted.org/sssd/ticket/2367
are in attachment.
Michal
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
Hi Michal,
I haven't tested the patches yet. I just wanted to share some nitpicks
with you:
From 071b3ca8cd9a194c8cb287f9abca2fe7c58323a2 Mon Sep 17 00:00:00 2001
From: Michal Zidek mzi...@redhat.com
Date: Tue, 15 Jul 2014 12:00:36 -0400
Subject: [PATCH 1/3] Add function confdb_set_string.
---
src/confdb/confdb.c | 70 +
src/confdb/confdb.h | 6 +
2 files changed, 76 insertions(+)
diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c
index 15de961..79c89b7 100644
--- a/src/confdb/confdb.c
+++ b/src/confdb/confdb.c
@@ -369,6 +369,76 @@ done:
return ret;
}
+int confdb_set_string(struct confdb_ctx *cdb,
+ const char *section,
+ const char *attribute,
+ char *val)
+{
+TALLOC_CTX *tmp_ctx;
+struct ldb_dn *dn;
+char *secdn;
+struct ldb_message *msg;
+int ret, lret;
+
+tmp_ctx = talloc_new(NULL);
+if (!tmp_ctx)
+return ENOMEM;
Although there's not a consensus about the form of checking allocated
pointers ( !tmp_ctx vs. tmp_ctx != NULL ) among SSSD developers, still I
think there is an agreement that 'if' should be followed by block or
condition and action should be one-liner.
Could you change the code to something like?
if (!tmp_ctx) return ENOMEM;
or
if (!tmp_ctx) {
return ENOMEM;
}
Fixed.
In the second patch you use 2 forms of testing result of strcasecmp
!strcasecmp(tmp, true)
strcasecmp(domain-provider, local) == 0
Could you please just use one of them? From my POV the second is
preferred.
Fixed.
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
Thank you Pavel!
New version is attached.
Michal
From bb62af3c02a539930352a2d9d0e350d217fc443d Mon Sep 17 00:00:00 2001
From: Michal Zidek mzi...@redhat.com
Date: Tue, 15 Jul 2014 12:00:36 -0400
Subject: [PATCH 1/3] Add function confdb_set_string.
Part of fix for:
https://fedorahosted.org/sssd/ticket/2367
---
src/confdb/confdb.c | 71 +
src/confdb/confdb.h | 7 +-
2 files changed, 77 insertions(+), 1 deletion(-)
diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c
index 15de961..b97e0bf 100644
--- a/src/confdb/confdb.c
+++ b/src/confdb/confdb.c
@@ -369,6 +369,77 @@ done:
return ret;
}
+int confdb_set_string(struct confdb_ctx *cdb,
+ const char *section,
+ const char *attribute,
+ char *val)
+{
+TALLOC_CTX *tmp_ctx;
+struct ldb_dn *dn;
+char *secdn;
+struct ldb_message *msg;
+int ret, lret;
+
+tmp_ctx = talloc_new(NULL);
+if (!tmp_ctx) {
+return ENOMEM;
+}
+
+ret = parse_section(tmp_ctx, section, secdn, NULL);
+if (ret != EOK) {
+goto done;
+}
+
+dn = ldb_dn_new(tmp_ctx, cdb-ldb, secdn);
+if (!dn) {
+ret = EIO;
+goto done;
+}
+
+msg = ldb_msg_new(tmp_ctx);
+if (!msg) {
+ret = ENOMEM;
+goto done;
+}
+
+msg-dn = dn;
+
+lret = ldb_msg_add_empty(msg, attribute, LDB_FLAG_MOD_REPLACE, NULL);
+if (lret != LDB_SUCCESS) {
+DEBUG(SSSDBG_MINOR_FAILURE,
+ ldb_msg_add_empty failed: [%s]\n, ldb_strerror(lret));
+ret = EIO;
+goto done;
+}
+
+lret = ldb_msg_add_string(msg, attribute, val);
+if (lret != LDB_SUCCESS) {
+DEBUG(SSSDBG_MINOR_FAILURE,
+ ldb_msg_add_string failed: [%s]\n, ldb_strerror(lret));
+ret = EIO;
+goto done;
+}
+
+
+lret = ldb_modify(cdb-ldb, msg);
+if (lret != LDB_SUCCESS) {
+DEBUG(SSSDBG_MINOR_FAILURE,
+ ldb_modify failed: [%s]\n, ldb_strerror(lret));
+ret = EIO;
+goto done;
+}
+
+ret = EOK;
+
+done:
+talloc_free(tmp_ctx);
+if (ret != EOK) {
+DEBUG(SSSDBG_CRIT_FAILURE,
+ Failed to set [%s] from [%s], error [%d] (%s)\n,
+ attribute, section, ret, strerror(ret));
+}
+return ret;
+}
int confdb_get_string(struct confdb_ctx *cdb, TALLOC_CTX *ctx,
const char *section, const char *attribute,
const char *defstr, char **result)
diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h
index ba33ea5..f81c6d4 100644
--- a/src/confdb/confdb.h
+++ b/src/confdb/confdb.h
@@ -216,7 +216,7 @@ struct sss_domain_info {
bool cache_credentials;
bool legacy_passwords;
-bool case_sensitive;
+bool
Re: [SSSD] [PATCHES] sss_case = preserving
On 07/16/2014 03:40 PM, Michal Židek wrote:
Hi,
patches for ticket
https://fedorahosted.org/sssd/ticket/2367
are in attachment.
Michal
I forgot to add reference to the ticket in the
patch description. New patches are attached.
Michal
From 5f7094e93988d6aa475ea33ceb87d380737b4795 Mon Sep 17 00:00:00 2001
From: Michal Zidek mzi...@redhat.com
Date: Tue, 15 Jul 2014 12:00:36 -0400
Subject: [PATCH 1/3] Add function confdb_set_string.
Part of fix for:
https://fedorahosted.org/sssd/ticket/2367
---
src/confdb/confdb.c | 70 +
src/confdb/confdb.h | 6 +
2 files changed, 76 insertions(+)
diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c
index 15de961..79c89b7 100644
--- a/src/confdb/confdb.c
+++ b/src/confdb/confdb.c
@@ -369,6 +369,76 @@ done:
return ret;
}
+int confdb_set_string(struct confdb_ctx *cdb,
+ const char *section,
+ const char *attribute,
+ char *val)
+{
+TALLOC_CTX *tmp_ctx;
+struct ldb_dn *dn;
+char *secdn;
+struct ldb_message *msg;
+int ret, lret;
+
+tmp_ctx = talloc_new(NULL);
+if (!tmp_ctx)
+return ENOMEM;
+
+ret = parse_section(tmp_ctx, section, secdn, NULL);
+if (ret != EOK) {
+goto done;
+}
+
+dn = ldb_dn_new(tmp_ctx, cdb-ldb, secdn);
+if (!dn) {
+ret = EIO;
+goto done;
+}
+
+msg = ldb_msg_new(tmp_ctx);
+if (!msg) {
+ret = ENOMEM;
+goto done;
+}
+
+msg-dn = dn;
+
+lret = ldb_msg_add_empty(msg, attribute, LDB_FLAG_MOD_REPLACE, NULL);
+if (lret != LDB_SUCCESS) {
+DEBUG(SSSDBG_MINOR_FAILURE,
+ ldb_msg_add_empty failed: [%s]\n, ldb_strerror(lret));
+ret = EIO;
+goto done;
+}
+
+lret = ldb_msg_add_string(msg, attribute, val);
+if (lret != LDB_SUCCESS) {
+DEBUG(SSSDBG_MINOR_FAILURE,
+ ldb_msg_add_string failed: [%s]\n, ldb_strerror(lret));
+ret = EIO;
+goto done;
+}
+
+
+lret = ldb_modify(cdb-ldb, msg);
+if (lret != LDB_SUCCESS) {
+DEBUG(SSSDBG_MINOR_FAILURE,
+ ldb_modify failed: [%s]\n, ldb_strerror(lret));
+ret = EIO;
+goto done;
+}
+
+ret = EOK;
+
+done:
+talloc_free(tmp_ctx);
+if (ret != EOK) {
+DEBUG(SSSDBG_CRIT_FAILURE,
+ Failed to set [%s] from [%s], error [%d] (%s)\n,
+ attribute, section, ret, strerror(ret));
+}
+return ret;
+}
int confdb_get_string(struct confdb_ctx *cdb, TALLOC_CTX *ctx,
const char *section, const char *attribute,
const char *defstr, char **result)
diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h
index ba33ea5..8a642b3 100644
--- a/src/confdb/confdb.h
+++ b/src/confdb/confdb.h
@@ -217,6 +217,7 @@ struct sss_domain_info {
bool cache_credentials;
bool legacy_passwords;
bool case_sensitive;
+bool case_preserve;
gid_t override_gid;
const char *override_homedir;
@@ -459,6 +460,11 @@ int confdb_set_bool(struct confdb_ctx *cdb,
const char *attribute,
bool val);
+int confdb_set_string(struct confdb_ctx *cdb,
+ const char *section,
+ const char *attribute,
+ char *val);
+
/**
* @brief Convenience function to retrieve a single-valued attribute as a
* null-terminated array of strings
--
1.7.11.2
From 3ebc6f3755f8f24056ef99634cc0cab79d8b0f74 Mon Sep 17 00:00:00 2001
From: Michal Zidek mzi...@redhat.com
Date: Tue, 15 Jul 2014 12:10:34 -0400
Subject: [PATCH 2/3] case_sensitivity = preserving
If case_sensitivity is set to 'preserving', getXXnam
returns name attribute in the same format as
stored in LDAP.
Fixes:
https://fedorahosted.org/sssd/ticket/2367
---
src/confdb/confdb.c | 31 +++
src/providers/ad/ad_common.c| 30 +++---
src/providers/ipa/ipa_selinux.c | 2 +-
src/responder/nss/nsssrv_cmd.c | 4 ++--
4 files changed, 53 insertions(+), 14 deletions(-)
diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c
index 79c89b7..674a2c4 100644
--- a/src/confdb/confdb.c
+++ b/src/confdb/confdb.c
@@ -1217,15 +1217,30 @@ static int confdb_get_domain_internal(struct confdb_ctx *cdb,
}
}
-ret = get_entry_as_bool(res-msgs[0], domain-case_sensitive,
-CONFDB_DOMAIN_CASE_SENSITIVE, true);
-if(ret != EOK) {
-DEBUG(SSSDBG_FATAL_FAILURE,
- Invalid value for %s\n, CONFDB_DOMAIN_CASE_SENSITIVE);
-goto done;
+tmp = ldb_msg_find_attr_as_string(res-msgs[0],
+ CONFDB_DOMAIN_CASE_SENSITIVE, true);
+if (tmp != NULL) {
+if (!strcasecmp(tmp, true)) {
+domain-case_sensitive = true;
+domain-case_preserve = true;
+} else if
