From 462c483e9d99efb9323694729772256b8cdd9aec Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Mon, 18 Jun 2018 12:38:26 +0200
Subject: Remove memberOf filtering; not required for proper operation

---
 proxy.c | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/proxy.c b/proxy.c
index afb1bd8..3d06cbe 100644
--- a/proxy.c
+++ b/proxy.c
@@ -54,10 +54,10 @@ static int _pendingCount = 0;
 // Attributes
 static struct string s_uid, s_sAMAccountName, s_objectSid, s_homeMount, s_memberUid, s_realAccount;
 static struct string s_objectClass, s_homeDirectory, s_gidNumber, s_gecos, s_cn, s_dn;
-static struct string s_loginShell, s_uidNumber, s_mail, s_objectCategory, s_memberOf, s_distinguishedName;
+static struct string s_loginShell, s_uidNumber, s_mail, s_objectCategory, s_distinguishedName;
 // Some again in lowercase
 static struct string s_samaccountname, s_objectsid, s_homemount, s_memberuid, s_realaccount, s_objectclass;
-static struct string s_homedirectory, s_gidnumber, s_uidnumber, s_memberof, s_distinguishedname, s_loginshell;
+static struct string s_homedirectory, s_gidnumber, s_uidnumber, s_distinguishedname, s_loginshell;
 // Values
 static struct string s_shadowAccount, s_posixAccount, s_posixGroup, s_3, s_1001, s_user, s_member;
 // Feature query
@@ -135,7 +135,6 @@ void proxy_init()
 	SETSTR(uidNumber);
 	SETSTR(mail);
 	SETSTR(objectCategory);
-	SETSTR(memberOf);
 	SETSTR(distinguishedName);
 	SETSTR(cn);
 	SETSTR(dn);
@@ -159,7 +158,6 @@ void proxy_init()
 	SETSTR(homedirectory);
 	SETSTR(gidnumber);
 	SETSTR(uidnumber);
-	SETSTR(memberof);
 	SETSTR(distinguishedname);
 	SETSTR(bogusFieldName42);
 	SETSTR(bogusFieldName43);
@@ -637,7 +635,6 @@ static void request_addDefaultAttributes(struct AttributeDescriptionList **adl)
 	prependAdl(adl, &s_homedirectory);
 	prependAdl(adl, &s_gidnumber);
 	prependAdl(adl, &s_uidnumber);
-	prependAdl(adl, &s_memberof);
 	prependAdl(adl, &s_distinguishedname);
 }
 
@@ -652,7 +649,7 @@ static void request_filterRequestedAttributes(struct AttributeDescriptionList **
 	while (*adl != NULL) {
 		const struct string * const str = &(*adl)->a;
 		if (!(S_EQ(uid) || S_EQ(homemount) || S_EQ(memberuid) || S_EQ(realaccount) || S_EQ(objectclass)
-				|| S_EQ(homedirectory) || S_EQ(gidnumber) || S_EQ(uidnumber) || S_EQ(memberof)
+				|| S_EQ(homedirectory) || S_EQ(gidnumber) || S_EQ(uidnumber)
 				|| S_EQ(distinguishedname) || S_EQ(bogusfieldname42) || S_EQ(bogusfieldname43))) {
 			// Delete
 			struct AttributeDescriptionList *next = (*adl)->next;
@@ -690,7 +687,6 @@ static void response_replacePal(server_t *server, struct PartialAttributeList **
 		elifDELATTR(uidnumber, uidNumber, !server->plainLdap &&);
 		elifDEL(mail);
 		elifDELATTR(cn, cn, !iequals(&server->map.uid, &s_cn) &&);
-		elifDEL(memberof);
 		else if (iequals(&(*pal)->type, &server->map.homemount)) {
 			// homeDirectory is set in AD - it can either be a local path (in which case it's useless)
 			// or a UNC path, which we can easily mount via mount.cifs
-- 
cgit v1.2.3-55-g7522