author | Simo Sorce <ssorce@redhat.com> | 2009-04-07 19:25:48 -0400 |
---|---|---|
committer | Simo Sorce <ssorce@redhat.com> | 2009-04-08 10:55:03 -0400 |
commit | 6b5d45693f01eec55128eb3508266cda73071d93 (patch) | |
tree | c51ca00f2fb243e5eaf06128e8092583fba1bd8c /server/responder/pam | |
parent | e8a7526b06acf4af322fdab593c8bafbd9f4a103 (diff) | |
Change the way we retrieve domains
To be able to correctly filter out duplicate names when multiple non-fully
qualified domains are in use we need to be able to specify the domains order.
This is now accomplished by the configuration parameter 'domains' in the
config/domains entry. 'domains' is a comma separated list of domain names.
This parameter also allows disabled domains to be kept in the configuration
without having to delete them completely.
The domains list is now kept in a linked list of sss_domain_info objects.
The first domain is also the "default" domain.
Diffstat (limited to 'server/responder/pam')
-rw-r--r-- | server/responder/pam/pam_LOCAL_domain.c | 5 | ||||
-rw-r--r-- | server/responder/pam/pam_LOCAL_domain.h | 2 | ||||
-rw-r--r-- | server/responder/pam/pamsrv_cmd.c | 29 |
3 files changed, 16 insertions, 20 deletions
diff --git a/server/responder/pam/pam_LOCAL_domain.c b/server/responder/pam/pam_LOCAL_domain.c
index 49a06ff3..28a95db8 100644
--- a/server/responder/pam/pam_LOCAL_domain.c
+++ b/server/responder/pam/pam_LOCAL_domain.c
@@ -347,7 +347,7 @@ done:
 }
 int LOCAL_pam_handler(struct cli_ctx *cctx, pam_dp_callback_t callback,
- struct pam_data *pd)
+ struct sss_domain_info *dom, struct pam_data *pd)
 {
 int ret;
 struct LOCAL_request *lreq=NULL;
@@ -377,8 +377,7 @@ int LOCAL_pam_handler(struct cli_ctx *cctx, pam_dp_callback_t callback,
 DEBUG(4, ("LOCAL pam handler.\n"));
- lreq->domain_info = btreemap_get_value(lreq->cctx->rctx->domain_map,
- lreq->pd->domain);
+ lreq->domain_info = dom;
 NULL_CHECK_OR_JUMP(lreq->domain_info, ("Domain info not found.\n"), ret, EINVAL, done);
diff --git a/server/responder/pam/pam_LOCAL_domain.h b/server/responder/pam/pam_LOCAL_domain.h
index 6cac6075..bc2064db 100644
--- a/server/responder/pam/pam_LOCAL_domain.h
+++ b/server/responder/pam/pam_LOCAL_domain.h
@@ -4,6 +4,6 @@
 #include "responder/pam/pamsrv.h"
 int LOCAL_pam_handler(struct cli_ctx *cctx, pam_dp_callback_t callback,
- struct pam_data *pd);
+ struct sss_domain_info *dom, struct pam_data *pd);
 #endif /* __PAM_LOCAL_DOMAIN_H__ */
diff --git a/server/responder/pam/pamsrv_cmd.c b/server/responder/pam/pamsrv_cmd.c
index 22a2b85d..db5f064f 100644
--- a/server/responder/pam/pamsrv_cmd.c
+++ b/server/responder/pam/pamsrv_cmd.c
@@ -197,7 +197,7 @@ done:
 static int pam_forwarder(struct cli_ctx *cctx, int pam_cmd)
 {
- struct sss_domain_info *info;
+ struct sss_domain_info *dom;
 uint8_t *body;
 size_t blen;
 int ret;
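Review bot: In the `@@ -377,8 +377,7 @@` hunk of pam_LOCAL_domain.c, `lreq->domain_info = dom;` leaves the NULL_CHECK_OR_JUMP that follows guarding a caller-supplied argument rather than a lookup result, so its log text "Domain info not found." is now misleading; something like `("No domain passed to LOCAL handler.\n")` matches what is actually checked. The handler also no longer derives the domain from `pd->domain`, so nothing visible here ties the `dom` it authenticates against to the name carried in `pd`. I would state that contract above the prototype in pam_LOCAL_domain.h: `/* dom must be non-NULL and must be the configured domain that pd->domain names */`. LOCAL_pam_handler's body starts and ends outside these hunks.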
@@ -224,30 +224,27 @@ static int pam_forwarder(struct cli_ctx *cctx, int pam_cmd)
 pd->response_delay = 0;
 pd->resp_list = NULL;
- if (pd->domain == NULL) {
- if (cctx->rctx->default_domain != NULL) {
- pd->domain = cctx->rctx->default_domain;
- } else {
- pd->domain = talloc_strdup(pd, "LOCAL");
- }
- DEBUG(4, ("Using default domain [%s].\n", pd->domain));
- }
 if (pd->domain) {
- /* Check for registered domain */
- info = btreemap_get_value(cctx->rctx->domain_map,
- (void *)(pd->domain));
- if (!info) {
+ for (dom = cctx->rctx->domains; dom; dom = dom->next) {
+ if (strcasecmp(dom->name, pd->domain) == 0) break;
+ }
+ if (!dom) {
 talloc_free(pd);
 return EINVAL;
 }
 }
+ else {
+ DEBUG(4, ("Domain not provided, using default.\n"));
+ dom = cctx->rctx->domains;
+ pd->domain = dom->name;
+ }
- if (!info->provider) {
- return LOCAL_pam_handler(cctx, pam_reply, pd);
+ if (!dom->provider) {
+ return LOCAL_pam_handler(cctx, pam_reply, dom, pd);
 };
- ret=pam_dp_send_req(cctx, pam_reply, PAM_DP_TIMEOUT, pd);
+ ret = pam_dp_send_req(cctx, pam_reply, PAM_DP_TIMEOUT, pd);
 DEBUG(4, ("pam_dp_send_req returned %d\n", ret));
 return ret; |
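Review bot: The new `else` branch dereferences the head of the domain list without checking it: after `dom = cctx->rctx->domains;` the next line `pd->domain = dom->name;` is a NULL dereference in the PAM responder whenever the list is empty and a client sends a request without a domain name (whether startup rejects an empty 'domains' list is not visible in this hunk). The named-domain path already fails cleanly, so the default path should do the same before the assignment: `if (!dom) { talloc_free(pd); return EINVAL; }`. Separately, the lookup is case-insensitive but on a match `pd->domain` keeps the client's spelling when it goes on to `pam_dp_send_req`; if the backend compares names case-sensitively, setting `pd->domain = dom->name` on the matched path as well would hand it the configured name. pam_forwarder starts and ends outside this hunk.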