https://fedorahosted.org/sssd/ticket/951
From 101932b4d7310364f707233c52851d9b412e0d64 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek <[email protected]> Date: Thu, 4 Aug 2011 16:55:36 +0200 Subject: [PATCH] Fix returning groups when gidNumber attribute is not ordered
https://fedorahosted.org/sssd/ticket/951 --- src/providers/ldap/ldap_id.c | 4 +++- src/providers/ldap/ldap_id_enum.c | 6 ++++-- src/providers/ldap/sdap_async_accounts.c | 4 +++- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/src/providers/ldap/ldap_id.c b/src/providers/ldap/ldap_id.c index 85d4aa0..be347e1 100644 --- a/src/providers/ldap/ldap_id.c +++ b/src/providers/ldap/ldap_id.c @@ -346,10 +346,12 @@ struct tevent_req *groups_get_send(TALLOC_CTX *memctx, goto fail; } - base_filter = talloc_asprintf(state, "(&(%s=%s)(objectclass=%s)(%s=*)(%s>=1))", + base_filter = talloc_asprintf(state, + "(&(%s=%s)(objectclass=%s)(%s=*)(&(%s=*)(!(%s=0))))", attr_name, clean_name, ctx->opts->group_map[SDAP_OC_GROUP].name, ctx->opts->group_map[SDAP_AT_GROUP_NAME].name, + ctx->opts->group_map[SDAP_AT_GROUP_GID].name, ctx->opts->group_map[SDAP_AT_GROUP_GID].name); talloc_zfree(clean_name); if (!base_filter) { diff --git a/src/providers/ldap/ldap_id_enum.c b/src/providers/ldap/ldap_id_enum.c index 68d113b..40f3a2b 100644 --- a/src/providers/ldap/ldap_id_enum.c +++ b/src/providers/ldap/ldap_id_enum.c @@ -573,10 +573,11 @@ static struct tevent_req *enum_groups_send(TALLOC_CTX *memctx, if (ctx->srv_opts && ctx->srv_opts->max_group_value && !purge) { base_filter = talloc_asprintf( state, - "(&(objectclass=%s)(%s=*)(%s=*)(%s>=%s)(!(%s=%s)))", + "(&(objectclass=%s)(%s=*)(&(%s=*)(!(%s=0)))(%s>=%s)(!(%s=%s)))", ctx->opts->group_map[SDAP_OC_GROUP].name, ctx->opts->group_map[SDAP_AT_GROUP_NAME].name, ctx->opts->group_map[SDAP_AT_GROUP_GID].name, + ctx->opts->group_map[SDAP_AT_GROUP_GID].name, ctx->opts->group_map[SDAP_AT_GROUP_USN].name, ctx->srv_opts->max_group_value, ctx->opts->group_map[SDAP_AT_GROUP_USN].name, @@ -584,9 +585,10 @@ static struct tevent_req *enum_groups_send(TALLOC_CTX *memctx, } else { base_filter = talloc_asprintf( state, - "(&(objectclass=%s)(%s=*)(%s=*))", + "(&(objectclass=%s)(%s=*)(&(%s=*)(!(%s=0))))", ctx->opts->group_map[SDAP_OC_GROUP].name, ctx->opts->group_map[SDAP_AT_GROUP_NAME].name, + ctx->opts->group_map[SDAP_AT_GROUP_GID].name, ctx->opts->group_map[SDAP_AT_GROUP_GID].name); } if (!base_filter) { diff --git a/src/providers/ldap/sdap_async_accounts.c b/src/providers/ldap/sdap_async_accounts.c index 40e1215..0950132 100644 --- a/src/providers/ldap/sdap_async_accounts.c +++ b/src/providers/ldap/sdap_async_accounts.c @@ -2357,11 +2357,13 @@ struct tevent_req *sdap_initgr_rfc2307_send(TALLOC_CTX *memctx, return NULL; } - filter = talloc_asprintf(state, "(&(%s=%s)(objectclass=%s)(%s=*)(%s>=1))", + filter = talloc_asprintf(state, + "(&(%s=%s)(objectclass=%s)(%s=*)(&(%s=*)(!(%s=0))))", opts->group_map[SDAP_AT_GROUP_MEMBER].name, clean_name, opts->group_map[SDAP_OC_GROUP].name, opts->group_map[SDAP_AT_GROUP_NAME].name, + opts->group_map[SDAP_AT_GROUP_GID].name, opts->group_map[SDAP_AT_GROUP_GID].name); if (!filter) { talloc_zfree(req); -- 1.7.6
signature.asc
Description: OpenPGP digital signature
_______________________________________________ sssd-devel mailing list [email protected] https://fedorahosted.org/mailman/listinfo/sssd-devel
