summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/providers/ldap/ldap_common.c96
-rw-r--r--src/providers/ldap/ldap_common.h6
2 files changed, 73 insertions, 29 deletions
diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c
index 3e7ab9da..fd6f05de 100644
--- a/src/providers/ldap/ldap_common.c
+++ b/src/providers/ldap/ldap_common.c
@@ -603,6 +603,69 @@ errno_t sdap_parse_search_base(TALLOC_CTX *mem_ctx,
_search_bases);
}
+errno_t
+sdap_create_search_base(TALLOC_CTX *mem_ctx,
+ const char *unparsed_base,
+ int scope,
+ const char *filter,
+ struct sdap_search_base **_base)
+{
+ struct sdap_search_base *base;
+ TALLOC_CTX *tmp_ctx;
+ errno_t ret;
+ struct ldb_dn *ldn;
+ struct ldb_context *ldb;
+
+ tmp_ctx = talloc_new(NULL);
+ if (!tmp_ctx) {
+ ret = ENOMEM;
+ goto done;
+ }
+
+ /* Create a throwaway LDB context for validating the DN */
+ ldb = ldb_init(tmp_ctx, NULL);
+ if (!ldb) {
+ ret = ENOMEM;
+ goto done;
+ }
+
+ base = talloc_zero(tmp_ctx, struct sdap_search_base);
+ if (base == NULL) {
+ ret = ENOMEM;
+ goto done;
+ }
+
+ base->basedn = talloc_strdup(base, unparsed_base);
+ if (base->basedn == NULL) {
+ ret = ENOMEM;
+ goto done;
+ }
+
+ /* Validate the basedn */
+ ldn = ldb_dn_new(tmp_ctx, ldb, unparsed_base);
+ if (!ldn) {
+ ret = ENOMEM;
+ goto done;
+ }
+
+ if (!ldb_dn_validate(ldn)) {
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ ("Invalid base DN [%s]\n",
+ unparsed_base));
+ ret = EINVAL;
+ goto done;
+ }
+
+ base->scope = scope;
+ base->filter = filter;
+
+ *_base = talloc_steal(mem_ctx, base);
+ ret = EOK;
+done:
+ talloc_free(tmp_ctx);
+ return ret;
+}
+
errno_t common_parse_search_base(TALLOC_CTX *mem_ctx,
const char *unparsed_base,
const char *class_name,
@@ -655,40 +718,15 @@ errno_t common_parse_search_base(TALLOC_CTX *mem_ctx,
ret = ENOMEM;
goto done;
}
- search_bases[0] = talloc_zero(search_bases, struct sdap_search_base);
- if (!search_bases[0]) {
- ret = ENOMEM;
- goto done;
- }
-
- search_bases[0]->basedn = talloc_strdup(search_bases[0],
- unparsed_base);
- if (!search_bases[0]->basedn) {
- ret = ENOMEM;
- goto done;
- }
- /* Validate the basedn */
- ldn = ldb_dn_new(tmp_ctx, ldb, unparsed_base);
- if (!ldn) {
+ ret = sdap_create_search_base(search_bases, unparsed_base,
+ LDAP_SCOPE_SUBTREE, old_filter,
+ &search_bases[0]);
+ if (!search_bases[0]) {
ret = ENOMEM;
goto done;
}
- if (!ldb_dn_validate(ldn)) {
- DEBUG(SSSDBG_CRIT_FAILURE,
- ("Invalid base DN [%s]\n",
- unparsed_base));
- ret = EINVAL;
- goto done;
- }
- talloc_zfree(ldn);
-
- search_bases[0]->scope = LDAP_SCOPE_SUBTREE;
-
- /* Use a search filter specified in the old style if available */
- search_bases[0]->filter = old_filter;
-
DEBUG(SSSDBG_CONF_SETTINGS,
("Search base added: [%s][%s][%s][%s]\n",
class_name,
diff --git a/src/providers/ldap/ldap_common.h b/src/providers/ldap/ldap_common.h
index 565e90b0..8960bce1 100644
--- a/src/providers/ldap/ldap_common.h
+++ b/src/providers/ldap/ldap_common.h
@@ -247,6 +247,12 @@ sdap_domain_remove(struct sdap_options *opts,
struct sdap_domain *sdap_domain_get(struct sdap_options *opts,
struct sss_domain_info *dom);
+errno_t
+sdap_create_search_base(TALLOC_CTX *mem_ctx,
+ const char *unparsed_base,
+ int scope,
+ const char *filter,
+ struct sdap_search_base **_base);
errno_t sdap_parse_search_base(TALLOC_CTX *mem_ctx,
struct dp_option *opts, int class,