summaryrefslogtreecommitdiff
path: root/src/responder/nss
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2013-08-21 16:27:50 +0200
committerJakub Hrozek <jhrozek@redhat.com>2013-08-28 18:08:42 +0200
commit8b9fc71516a3da83b6e0e551ec0ad9aaa19bc7bc (patch)
tree5448e43ed51e5e0f93c49b2acd64273c9a743da3 /src/responder/nss
parent31dd31b00ad759f256282ef0f7054e60672161ce (diff)
downloadsssd-8b9fc71516a3da83b6e0e551ec0ad9aaa19bc7bc.tar.gz
sssd-8b9fc71516a3da83b6e0e551ec0ad9aaa19bc7bc.tar.bz2
sssd-8b9fc71516a3da83b6e0e551ec0ad9aaa19bc7bc.zip
NSS: Descend into subdomains if enumerate=true
Since we now store the enumerate flag in sysdb for subdomains, we can always descend to all available subdomains and if they do not allow enumeration, simply skip them.
Diffstat (limited to 'src/responder/nss')
-rw-r--r--src/responder/nss/nsssrv_cmd.c24
1 files changed, 12 insertions, 12 deletions
diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c
index 7c35a7b3..18ccdeac 100644
--- a/src/responder/nss/nsssrv_cmd.c
+++ b/src/responder/nss/nsssrv_cmd.c
@@ -1597,8 +1597,8 @@ struct tevent_req *nss_cmd_setpwent_send(TALLOC_CTX *mem_ctx,
}
/* check if enumeration is enabled in any domain */
- for (dom = client->rctx->domains; dom; dom = get_next_domain(dom, false)) {
- if (dom->enumerate != 0) break;
+ for (dom = client->rctx->domains; dom; dom = get_next_domain(dom, true)) {
+ if (dom->enumerate == true) break;
}
state->dctx->domain = dom;
@@ -1710,7 +1710,7 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx)
while (dom) {
while (dom && dom->enumerate == 0) {
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, true);
}
if (!dom) break;
@@ -1768,13 +1768,13 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx)
if (ret != EOK) {
DEBUG(1, ("Enum from cache failed, skipping domain [%s]\n",
dom->name));
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, true);
continue;
}
if (res->count == 0) {
DEBUG(4, ("Domain [%s] has no users, skipping.\n", dom->name));
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, true);
continue;
}
@@ -1792,7 +1792,7 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx)
nctx->pctx->num++;
/* do not reply until all domain searches are done */
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, true);
}
/* We've finished all our lookups
@@ -2818,8 +2818,8 @@ struct tevent_req *nss_cmd_setgrent_send(TALLOC_CTX *mem_ctx,
}
/* check if enumeration is enabled in any domain */
- for (dom = client->rctx->domains; dom; dom = get_next_domain(dom, false)) {
- if (dom->enumerate != 0) break;
+ for (dom = client->rctx->domains; dom; dom = get_next_domain(dom, true)) {
+ if (dom->enumerate == true) break;
}
state->dctx->domain = dom;
@@ -2931,7 +2931,7 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx)
while (dom) {
while (dom && dom->enumerate == 0) {
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, true);
}
if (!dom) break;
@@ -2989,13 +2989,13 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx)
if (ret != EOK) {
DEBUG(1, ("Enum from cache failed, skipping domain [%s]\n",
dom->name));
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, true);
continue;
}
if (res->count == 0) {
DEBUG(4, ("Domain [%s] has no groups, skipping.\n", dom->name));
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, true);
continue;
}
@@ -3013,7 +3013,7 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx)
nctx->gctx->num++;
/* do not reply until all domain searches are done */
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, true);
}
/* We've finished all our lookups