From 24ed6bff6cf81c7ba732a5515a2194d9e32cf354 Mon Sep 17 00:00:00 2001
From: Sumit Bose <sbose@redhat.com>
Date: Mon, 20 Jun 2016 16:30:03 +0200
Subject: [PATCH 56/62] LDAP/IPA: add local email address to aliases
Adding email-addresses from the local domain to the alias names is
strictly not needed by might help to speed up lookups in the NSS
responder.
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
(cherry picked from commit 9a310913d696d190db14c625080678db853a33fd)
---
src/providers/ipa/ipa_s2n_exop.c | 49 ++++++++++++++++++++++++++++++++++++++++
src/providers/ldap/sdap_utils.c | 22 ++++++++++++++++++
2 files changed, 71 insertions(+)
diff --git a/src/providers/ipa/ipa_s2n_exop.c b/src/providers/ipa/ipa_s2n_exop.c
index b28cc415b1c6dfcf06e0cb9769a36135da01b991..255dad45037a6cb8f399bf2df500215f6fb25b59 100644
--- a/src/providers/ipa/ipa_s2n_exop.c
+++ b/src/providers/ipa/ipa_s2n_exop.c
@@ -1885,6 +1885,49 @@ done:
return ret;
}
+static errno_t add_emails_to_aliases(struct sysdb_attrs *attrs,
+ struct sss_domain_info *dom)
+{
+ int ret;
+ const char **emails;
+ size_t c;
+ TALLOC_CTX *tmp_ctx;
+
+ tmp_ctx = talloc_new(NULL);
+ if (tmp_ctx == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, "talloc_new failed.\n");
+ return ENOMEM;
+ }
+
+ ret = sysdb_attrs_get_string_array(attrs, SYSDB_USER_EMAIL, tmp_ctx,
+ &emails);
+ if (ret == EOK) {
+ for (c = 0; emails[c] != NULL; c++) {
+ if (is_email_from_domain(emails[c], dom)) {
+ ret = sysdb_attrs_add_lc_name_alias_safe(attrs, emails[c]);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE,
+ "Failed to add lower-cased version of email [%s] "
+ "into the alias list\n", emails[c]);
+ goto done;
+ }
+ }
+ }
+ } else if (ret == ENOENT) {
+ DEBUG(SSSDBG_TRACE_ALL, "No email addresses available.\n");
+ } else {
+ DEBUG(SSSDBG_OP_FAILURE,
+ "sysdb_attrs_get_string_array failed, skipping ...\n");
+ }
+
+ ret = EOK;
+
+done:
+ talloc_free(tmp_ctx);
+
+ return ret;
+}
+
static errno_t ipa_s2n_save_objects(struct sss_domain_info *dom,
struct req_input *req_input,
struct resp_attrs *attrs,
@@ -2030,6 +2073,12 @@ static errno_t ipa_s2n_save_objects(struct sss_domain_info *dom,
goto done;
}
+ ret = add_emails_to_aliases(attrs->sysdb_attrs, dom);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE,
+ "add_emails_to_aliases failed, skipping ...\n");
+ }
+
if (upn == NULL) {
/* We also have to store a fake UPN here, because otherwise the
* krb5 child later won't be able to properly construct one as
diff --git a/src/providers/ldap/sdap_utils.c b/src/providers/ldap/sdap_utils.c
index 696af51d66e279d718e9af142ce5ed871eae7727..a3a9642171ca057be5a59dfae192803b84c501c8 100644
--- a/src/providers/ldap/sdap_utils.c
+++ b/src/providers/ldap/sdap_utils.c
@@ -87,6 +87,7 @@ sdap_save_all_names(const char *name,
int i;
bool lowercase = !dom->case_sensitive;
bool store_as_fqdn;
+ const char **emails;
switch (entry_type) {
case SYSDB_MEMBER_USER:
@@ -143,6 +144,27 @@ sdap_save_all_names(const char *name,
}
+ ret = sysdb_attrs_get_string_array(ldap_attrs, SYSDB_USER_EMAIL, tmp_ctx,
+ &emails);
+ if (ret == EOK) {
+ for (i = 0; emails[i] != NULL; i++) {
+ if (is_email_from_domain(emails[i], dom)) {
+ ret = sysdb_attrs_add_lc_name_alias_safe(attrs, emails[i]);
+ if (ret) {
+ DEBUG(SSSDBG_OP_FAILURE,
+ "Failed to add lower-cased version of email [%s] "
+ "into the alias list\n", emails[i]);
+ goto done;
+ }
+ }
+ }
+ } else if (ret == ENOENT) {
+ DEBUG(SSSDBG_TRACE_ALL, "No email addresses available.\n");
+ } else {
+ DEBUG(SSSDBG_OP_FAILURE,
+ "sysdb_attrs_get_string_array failed, skipping ...\n");
+ }
+
ret = EOK;
done:
talloc_free(tmp_ctx);
--
2.4.11