From 481bd8fd5db7a92954ff351ab64ab32b4249bf19 Mon Sep 17 00:00:00 2001

From: Sumit Bose <sbose@redhat.com>

Date: Tue, 21 Jun 2016 11:06:19 +0200

Subject: [PATCH 57/62] NSS: continue with UPN/email search if name was not

 found

Currently we only search for UPNs if the domain part of the name was not

know, with Kerberos aliases and email addresses we have to do this even

if the domain name is a know domain.

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>

(cherry picked from commit 447b1da857368678990b54cd6b9cfed940357c44)

---

 src/responder/nss/nsssrv_cmd.c | 12 ++++++------

 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c

index 77e540d8da969614e4ab40c62e6ae1f271962f31..cd15b41886ad046d1d70dbd8ad54af5a4eccee5d 100644

--- a/src/responder/nss/nsssrv_cmd.c

+++ b/src/responder/nss/nsssrv_cmd.c

@@ -980,6 +980,7 @@ done:

 static void nss_cmd_getby_dp_callback(uint16_t err_maj, uint32_t err_min,

                                       const char *err_msg, void *ptr);

+static int nss_cmd_assume_upn(struct nss_dom_ctx *dctx);

 /* search for a user.

  * Returns:

@@ -1051,6 +1052,7 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx)

             /* There are no further domains or this was a

              * fully-qualified user request.

              */

+

             return ENOENT;

         }

@@ -1144,8 +1146,6 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx)

                 if (dom) continue;

             }

-            DEBUG(SSSDBG_OP_FAILURE, "No results for getpwnam call\n");

-

             /* User not found in ldb -> delete user from memory cache. */

             ret = delete_entry_from_memcache(dctx->domain, name, nctx->rctx,

                                              nctx->pwd_mc_ctx, SSS_MC_PASSWD);

@@ -1163,6 +1163,8 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx)

                       "Deleting user from memcache failed.\n");

             }

+            DEBUG(SSSDBG_OP_FAILURE, "No results for getpwnam call\n");

+

             return ENOENT;

         }

@@ -1215,7 +1217,7 @@ static int nss_cmd_assume_upn(struct nss_dom_ctx *dctx)

 {

     int ret;

-    if (dctx->domain == NULL) {

+    if (dctx->cmdctx->name_is_upn == false) {

         dctx->domain = dctx->cmdctx->cctx->rctx->domains;

         dctx->check_provider = NEED_CHECK_PROVIDER(dctx->domain->provider);

         dctx->cmdctx->check_next = true;

@@ -1563,6 +1565,7 @@ static int nss_cmd_getbynam(enum sss_cli_command cmd, struct cli_ctx *cctx)

     rawname = (const char *)body;

     dctx->mc_name = rawname;

+    dctx->rawname = rawname;

     DEBUG(SSSDBG_TRACE_FUNC, "Running command [%d][%s] with input [%s].\n",

           cmd, sss_cmd2str(dctx->cmdctx->cmd), rawname);

@@ -1588,7 +1591,6 @@ static int nss_cmd_getbynam(enum sss_cli_command cmd, struct cli_ctx *cctx)

         if (req == NULL) {

             ret = ENOMEM;

         } else {

-            dctx->rawname = rawname;

             tevent_req_set_callback(req, nss_cmd_getbynam_done, dctx);

             ret = EAGAIN;

         }

@@ -1604,7 +1606,6 @@ static int nss_cmd_getbynam(enum sss_cli_command cmd, struct cli_ctx *cctx)

         if (req == NULL) {

             ret = ENOMEM;

         } else {

-            dctx->rawname = rawname;

             tevent_req_set_callback(req, nss_cmd_getbynam_done, dctx);

             ret = EAGAIN;

         }

@@ -1626,7 +1627,6 @@ static int nss_cmd_getbynam(enum sss_cli_command cmd, struct cli_ctx *cctx)

         }

     } else {

         /* this is a multidomain search */

-        dctx->rawname = rawname;

         dctx->domain = cctx->rctx->domains;

         cmdctx->check_next = true;

         if (cctx->rctx->get_domains_last_call.tv_sec == 0) {

-- 

2.4.11