From a0289893c03bd2f2342d377e66af6ef731f213e1 Mon Sep 17 00:00:00 2001
From: Matt Benjamin
Date: Tue, 15 Mar 2016 18:00:55 -0400
Subject: [PATCH] rgw ldap: s/memberattr/dnattr/; The parameter really is dnattr (attribute used to form DNs), not memberattr (attribute used to form group member strings). Switch to the correct name for this attribute, to avoid confusion-- especially if we ever apply group membership checks in future.
Signed-off-by: Matt Benjamin
---
 src/common/config_opts.h | 4 ++--
 src/rgw/librgw.cc | 6 +++---
 src/rgw/rgw_ldap.h | 10 +++++-----
 src/rgw/rgw_rest_s3.cc | 6 +++---
 src/test/test_rgw_ldap.cc | 4 ++--
 5 files changed, 15 insertions(+), 15 deletions(-)
diff --git a/src/common/config_opts.h b/src/common/config_opts.h
index 9e0497f062903..818df49dbc057 100644
--- a/src/common/config_opts.h
+++ b/src/common/config_opts.h
@@ -1250,8 +1250,8 @@ OPTION(rgw_ldap_uri, OPT_STR, "ldaps://")
 OPTION(rgw_ldap_binddn, OPT_STR, "uid=admin,cn=users,dc=example,dc=com")
 /* rgw_ldap_searchdn LDAP search base (basedn) */
 OPTION(rgw_ldap_searchdn, OPT_STR, "cn=users,cn=accounts,dc=example,dc=com")
-/* rgw_ldap_memberattr LDAP attribute containing RGW user names */
-OPTION(rgw_ldap_memberattr, OPT_STR, "uid")
+/* rgw_ldap_dnattr LDAP attribute containing RGW user names (to form binddns)*/
+OPTION(rgw_ldap_dnattr, OPT_STR, "uid")
 /* rgw_ldap_secret file containing credentials for rgw_ldap_binddn */
 OPTION(rgw_ldap_secret, OPT_STR, "/etc/openldap/secret")
 /* rgw_s3_auth_use_ldap use LDAP for RGW auth? */
diff --git a/src/rgw/librgw.cc b/src/rgw/librgw.cc
index 4e71ee8659315..220d024099789 100644
--- a/src/rgw/librgw.cc
+++ b/src/rgw/librgw.cc
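Review bot: The option is renamed in place in src/common/config_opts.h with no alias for `rgw_ldap_memberattr`, so a configuration that still sets the old key would presumably have it ignored and fall back to the default `uid`, silently changing which attribute is used to form bind DNs for LDAP authentication. If the old name has ever shipped, the option comment should record the rename, for example `/* rgw_ldap_dnattr (formerly rgw_ldap_memberattr) LDAP attribute containing RGW user names (to form binddns) */`, and the change deserves a release-note entry. Deployments that rely on the default are unaffected.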
@@ -467,11 +467,11 @@ namespace rgw {
 const string& ldap_uri = store->ctx()->_conf->rgw_ldap_uri;
 const string& ldap_binddn = store->ctx()->_conf->rgw_ldap_binddn;
 const string& ldap_searchdn = store->ctx()->_conf->rgw_ldap_searchdn;
- const string& ldap_memberattr =
- store->ctx()->_conf->rgw_ldap_memberattr;
+ const string& ldap_dnattr =
+ store->ctx()->_conf->rgw_ldap_dnattr;
 ldh = new rgw::LDAPHelper(ldap_uri, ldap_binddn, ldap_searchdn,
- ldap_memberattr);
+ ldap_dnattr);
 ldh->init();
 ldh->bind();
diff --git a/src/rgw/rgw_ldap.h b/src/rgw/rgw_ldap.h
index bf90d1a11596a..6cc40f6ab3d22 100644
--- a/src/rgw/rgw_ldap.h
+++ b/src/rgw/rgw_ldap.h
@@ -20,14 +20,14 @@ namespace rgw {
 std::string uri;
 std::string binddn;
 std::string searchdn;
- std::string memberattr;
+ std::string dnattr;
 LDAP *ldap;
 public:
 LDAPHelper(std::string _uri, std::string _binddn, std::string _searchdn,
- std::string _memberattr)
+ std::string _dnattr)
 : uri(std::move(_uri)), binddn(std::move(_binddn)), searchdn(_searchdn),
- memberattr(_memberattr), ldap(nullptr) {
+ dnattr(_dnattr), ldap(nullptr) {
 // nothing
 }
@@ -57,11 +57,11 @@ namespace rgw {
 int ret;
 std::string filter;
 filter = "(";
- filter += memberattr;
+ filter += dnattr;
 filter += "=";
 filter += uid;
 filter += ")";
- char *attrs[] = { const_cast(memberattr.c_str()), nullptr };
+ char *attrs[] = { const_cast(dnattr.c_str()), nullptr };
 LDAPMessage *answer, *entry;
 ret = ldap_search_s(ldap, searchdn.c_str(), LDAP_SCOPE_SUBTREE,
 filter.c_str(), attrs, 0, &answer);
diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc
index 230c2e7216ed5..b51e059e22ae2 100644
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
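Review bot: In the rgw_ldap.h hunk at line 57, `filter += uid;` appends the caller-supplied user name to the LDAP search filter without escaping, so any RFC 4515 metacharacter in it (`*`, `(`, `)`, `\`, NUL) changes the search expression instead of being matched literally; the rename leaves this as it was. Where uid comes from is not visible here, but on an authentication path it is presumably client-controlled, so it should be escaped before it is appended, as sketched below on the assumption that uid is a std::string. The enclosing function starts and ends outside the hunk.

```cpp
// … unchanged: declarations, filter = "("; filter += dnattr; …
filter += "=";
// escape RFC 4515 filter metacharacters so uid is matched literally
static const char hex[] = "0123456789abcdef";
for (const unsigned char c : uid) {
  if (c == '*' || c == '(' || c == ')' || c == '\\' || c == '\0') {
    filter += '\\';
    filter += hex[c >> 4];
    filter += hex[c & 0x0f];
  } else {
    filter += static_cast<char>(c);
  }
}
filter += ")";
// … unchanged: attrs setup and ldap_search_s call …
```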
@@ -2909,11 +2909,11 @@ void RGW_Auth_S3::init_impl(RGWRados* store)
 const string& ldap_uri = store->ctx()->_conf->rgw_ldap_uri;
 const string& ldap_binddn = store->ctx()->_conf->rgw_ldap_binddn;
 const string& ldap_searchdn = store->ctx()->_conf->rgw_ldap_searchdn;
- const string& ldap_memberattr =
- store->ctx()->_conf->rgw_ldap_memberattr;
+ const string& ldap_dnattr =
+ store->ctx()->_conf->rgw_ldap_dnattr;
 ldh = new rgw::LDAPHelper(ldap_uri, ldap_binddn, ldap_searchdn,
- ldap_memberattr);
+ ldap_dnattr);
 ldh->init();
 ldh->bind();
diff --git a/src/test/test_rgw_ldap.cc b/src/test/test_rgw_ldap.cc
index 103b3b071c639..8cbba51c5b77a 100644
--- a/src/test/test_rgw_ldap.cc
+++ b/src/test/test_rgw_ldap.cc
@@ -44,9 +44,9 @@ namespace {
 string ldap_uri = "ldaps://f23-kdc.rgw.com";
 string ldap_binddn = "uid=admin,cn=users,cn=accounts,dc=rgw,dc=com";
 string ldap_searchdn = "cn=users,cn=accounts,dc=rgw,dc=com";
- string ldap_memberattr = "uid";
+ string ldap_dnattr = "uid";
- rgw::LDAPHelper ldh(ldap_uri, ldap_binddn, ldap_searchdn, ldap_memberattr);
+ rgw::LDAPHelper ldh(ldap_uri, ldap_binddn, ldap_searchdn, ldap_dnattr);
 } /* namespace */
-- 
2.39.5