authorJakub Hrozek <jhrozek@redhat.com>2013-06-19 13:00:41 +0200
committerJakub Hrozek <jhrozek@redhat.com>2013-06-28 22:22:20 +0200
commit4e3ba17a3376b635cb0d9ae60a6d4e712ded01a0 (patch)
tree46bd78bf573bf010d164ee96d9874bc2ba1933f8 /src/providers/ldap
parentf8a4a5f6240156809e1b5ef03816f673281e3fa0 (diff)
AD: Move storing sdap_domain for subdomain to generic LDAP code
Makes creating the sdap_domain structure for a subdomain reusable outside AD subdomain code where it was created initially. Subtask of: https://fedorahosted.org/sssd/ticket/1962
Diffstat (limited to 'src/providers/ldap')
-rw-r--r--src/providers/ldap/ldap_common.c73
-rw-r--r--src/providers/ldap/ldap_common.h4
2 files changed, 77 insertions, 0 deletions
diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c
index 96edd336..9aa98173 100644
--- a/src/providers/ldap/ldap_common.c
+++ b/src/providers/ldap/ldap_common.c
@@ -94,6 +94,79 @@ sdap_domain_add(struct sdap_options *opts,
return EOK;
}
+errno_t
+sdap_domain_subdom_add(struct sdap_id_ctx *sdap_id_ctx,
+ struct sdap_domain *sdom_list,
+ struct sss_domain_info *parent)
+{
+ struct sss_domain_info *dom;
+ struct sdap_domain *sdom, *sditer;
+ char *basedn;
+ errno_t ret;
+
+ for (dom = get_next_domain(parent, true);
+ dom && IS_SUBDOMAIN(dom); /* if we get back to a parent, stop */
+ dom = get_next_domain(dom, false)) {
+
+ DLIST_FOR_EACH(sditer, sdom_list) {
+ if (sditer->dom == dom) {
+ break;
+ }
+ }
+
+ if (sditer == NULL) {
+ /* New sdap domain */
+ DEBUG(SSSDBG_TRACE_FUNC, ("subdomain %s is a new one, will "
+ "create a new sdap domain object\n", dom->name));
+
+ ret = sdap_domain_add(sdap_id_ctx->opts, dom, &sdom);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE,
+ ("Cannot add new sdap domain for domain %s [%d]: %s\n",
+ parent->name, ret, strerror(ret)));
+ return ret;
+ }
+ } else {
+ sdom = sditer;
+ }
+
+ /* Convert the domain name into search base */
+ ret = domain_to_basedn(sdom, sdom->dom->name, &basedn);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE,
+ ("Cannot convert domain name [%s] to base DN [%d]: %s\n",
+ dom->name, ret, strerror(ret)));
+ talloc_free(basedn);
+ return ret;
+ }
+
+ /* Update search bases */
+ talloc_zfree(sdom->search_bases);
+ sdom->search_bases = talloc_array(sdom, struct sdap_search_base *, 2);
+ if (sdom->search_bases == NULL) {
+ return ret;
+ }
+ sdom->search_bases[1] = NULL;
+
+ ret = sdap_create_search_base(sdom, basedn, LDAP_SCOPE_SUBTREE, NULL,
+ &sdom->search_bases[0]);
+ talloc_free(basedn);
+ if (ret) {
+ DEBUG(SSSDBG_OP_FAILURE, ("Cannot create new sdap search base\n"));
+ return ret;
+ }
+
+ sdom->user_search_bases = sdom->search_bases;
+ sdom->group_search_bases = sdom->search_bases;
+ sdom->netgroup_search_bases = sdom->search_bases;
+ sdom->sudo_search_bases = sdom->search_bases;
+ sdom->service_search_bases = sdom->search_bases;
+ sdom->autofs_search_bases = sdom->search_bases;
+ }
+
+ return EOK;
+}
+
void
sdap_domain_remove(struct sdap_options *opts,
struct sss_domain_info *dom)
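Review bot: The `if (sdom->search_bases == NULL)` branch after `talloc_array` returns `ret`, which still holds EOK from the successful `domain_to_basedn` call, so an allocation failure is reported as success and `basedn` is never freed; it should do `talloc_free(basedn); return ENOMEM;`. The `talloc_free(basedn)` in the `domain_to_basedn` error path is also unsafe, because `basedn` is declared uninitialized and from the second loop iteration on still holds the pointer already freed at the end of the previous iteration. Unless `domain_to_basedn` always writes its output on failure (not visible here), that call frees an indeterminate pointer or double-frees, so declare `char *basedn = NULL;` and use `talloc_zfree(basedn)` after the search base is created. Since `talloc_zfree(sdom->search_bases)` runs before the replacement array exists, an sdom that went through this function before presumably leaves `user_search_bases` and the other aliases pointing at freed memory on either early return; building the new array first and swapping it in only on success would avoid that. Separately, the "Cannot add new sdap domain" message logs `parent->name` where `dom->name` looks intended.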
diff --git a/src/providers/ldap/ldap_common.h b/src/providers/ldap/ldap_common.h
index 7a708301..db2466ad 100644
--- a/src/providers/ldap/ldap_common.h
+++ b/src/providers/ldap/ldap_common.h
@@ -240,6 +240,10 @@ errno_t msgs2attrs_array(TALLOC_CTX *mem_ctx, size_t count,
errno_t sdap_domain_add(struct sdap_options *opts,
struct sss_domain_info *dom,
struct sdap_domain **_sdom);
+errno_t
+sdap_domain_subdom_add(struct sdap_id_ctx *sdap_id_ctx,
+ struct sdap_domain *sdom_list,
+ struct sss_domain_info *parent);
void
sdap_domain_remove(struct sdap_options *opts,