[Freeipa-devel] [PATCH] 1022 normalize uid when in winsync

Thu, 24 May 2012 10:56:20 -0700

In case the uid that comes from AD is mixed-case we need to normalize it to all lower. It should be safe using tolower() because we only allow ASCII characters in uid. 

rob

>From dd4dc674921ef48a3cb49a0cfb1c2b6308749eb3 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <[email protected]>
Date: Thu, 24 May 2012 13:52:07 -0400
Subject: [PATCH] Normalize uid to lower case in winsync.

This in effect fixes uid, krbPrincipalName and homeDir.

https://fedorahosted.org/freeipa/ticket/2756
---
 .../ipa-slapi-plugins/ipa-winsync/ipa-winsync.c    |   33 +++++++++++++++++++-
 1 file changed, 32 insertions(+), 1 deletion(-)

diff --git a/daemons/ipa-slapi-plugins/ipa-winsync/ipa-winsync.c b/daemons/ipa-slapi-plugins/ipa-winsync/ipa-winsync.c
index ef237e93ae00cc377b1dfbab567320c3942a328c..5d9e3cf948a621a91b7e9d89c41a92bfcedad5fe 100644
--- a/daemons/ipa-slapi-plugins/ipa-winsync/ipa-winsync.c
+++ b/daemons/ipa-slapi-plugins/ipa-winsync/ipa-winsync.c
@@ -61,6 +61,7 @@
 
 #include <string.h>
 #include <stdlib.h>
+#include <ctype.h>
 #include "plstr.h"
 
 static void
@@ -82,6 +83,25 @@ do_force_sync(
     int *do_modify /* set to true if mods were applied */
 );
 
+static char *
+str_tolower(char *str)
+{
+    char *lstr, *t;
+
+    lstr = strdup(str);
+    if (!lstr) {
+        /* the caller should log OOM if this returns NULL */
+        return NULL;
+    }
+
+    for (t = lstr; *t; t++)
+        if (isalpha(*t))
+            *t = tolower(*t);
+
+    return lstr;
+}
+
+
 /* This is called when a new agreement is created or loaded
    at startup.
 */
@@ -278,11 +298,22 @@ ipa_winsync_pre_ds_add_user_cb(void *cbdata, const Slapi_Entry *rawentry,
     if (slapi_entry_attr_find(ds_entry, type, &e_attr) || !e_attr) {
         char *upn = NULL;
         char *uid = NULL;
+        char *lower = NULL;
         char *samAccountName = NULL;
         /* if the ds_entry already has a uid, use that */
         if ((uid = slapi_entry_attr_get_charptr(ds_entry, "uid"))) {
-            upn = slapi_ch_smprintf("%s@%s", uid, ipaconfig->realm_name);
+            lower = str_tolower(uid);
+            if (!lower) {
+                LOG_OOM();
+                return;
+            }
+            /* Now reset UID to be lower-case */
             slapi_ch_free_string(&uid);
+            slapi_entry_attr_delete(ds_entry, "uid");
+            slapi_entry_attr_set_charptr(ds_entry, "uid", lower);
+            /* And create a normalized principal */
+            upn = slapi_ch_smprintf("%s@%s", lower, ipaconfig->realm_name);
+            free(lower);
         /* otherwise, use the samAccountName from the ad_entry */
         } else if ((samAccountName =
                     slapi_entry_attr_get_charptr(ad_entry, "samAccountName"))) {
-- 
1.7.10.2


_______________________________________________
Freeipa-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to