-rw-r--r-- | src/providers/ldap/ldap_common.c | 96 | ||||
-rw-r--r-- | src/providers/ldap/ldap_common.h | 6 |
2 files changed, 73 insertions, 29 deletions
diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c
index 3e7ab9da..fd6f05de 100644
--- a/src/providers/ldap/ldap_common.c
+++ b/src/providers/ldap/ldap_common.c
@@ -603,6 +603,69 @@ errno_t sdap_parse_search_base(TALLOC_CTX *mem_ctx,
 _search_bases);
 }
+errno_t
+sdap_create_search_base(TALLOC_CTX *mem_ctx,
+ const char *unparsed_base,
+ int scope,
+ const char *filter,
+ struct sdap_search_base **_base)
+{
+ struct sdap_search_base *base;
+ TALLOC_CTX *tmp_ctx;
+ errno_t ret;
+ struct ldb_dn *ldn;
+ struct ldb_context *ldb;
+
+ tmp_ctx = talloc_new(NULL);
+ if (!tmp_ctx) {
+ ret = ENOMEM;
+ goto done;
+ }
+
+ /* Create a throwaway LDB context for validating the DN */
+ ldb = ldb_init(tmp_ctx, NULL);
+ if (!ldb) {
+ ret = ENOMEM;
+ goto done;
+ }
+
+ base = talloc_zero(tmp_ctx, struct sdap_search_base);
+ if (base == NULL) {
+ ret = ENOMEM;
+ goto done;
+ }
+
+ base->basedn = talloc_strdup(base, unparsed_base);
+ if (base->basedn == NULL) {
+ ret = ENOMEM;
+ goto done;
+ }
+
+ /* Validate the basedn */
+ ldn = ldb_dn_new(tmp_ctx, ldb, unparsed_base);
+ if (!ldn) {
+ ret = ENOMEM;
+ goto done;
+ }
+
+ if (!ldb_dn_validate(ldn)) {
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ ("Invalid base DN [%s]\n",
+ unparsed_base));
+ ret = EINVAL;
+ goto done;
+ }
+
+ base->scope = scope;
+ base->filter = filter;
+
+ *_base = talloc_steal(mem_ctx, base);
+ ret = EOK;
+done:
+ talloc_free(tmp_ctx);
+ return ret;
+}
+
 errno_t common_parse_search_base(TALLOC_CTX *mem_ctx,
 const char *unparsed_base,
 const char *class_name,
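Review bot: `base->filter = filter;` in the new `sdap_create_search_base()` keeps the caller's pointer, whereas `basedn` is duplicated onto `base`, so once `talloc_steal(mem_ctx, base)` hands the object out its filter is only valid for as long as the caller's string lives. The callers' lifetimes are not visible here, but for an exported helper it is safer to copy it, `base->filter = filter ? talloc_strdup(base, filter) : NULL;` followed by an ENOMEM check when `filter` was non-NULL, or else to say in a comment above the function that the filter is borrowed and must outlive the search base. The failure paths also return without writing `*_base`; adding `*_base = NULL;` at the top gives callers a defined value to look at.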
@@ -655,40 +718,15 @@ errno_t common_parse_search_base(TALLOC_CTX *mem_ctx,
 ret = ENOMEM;
 goto done;
 }
- search_bases[0] = talloc_zero(search_bases, struct sdap_search_base);
- if (!search_bases[0]) {
- ret = ENOMEM;
- goto done;
- }
-
- search_bases[0]->basedn = talloc_strdup(search_bases[0],
- unparsed_base);
- if (!search_bases[0]->basedn) {
- ret = ENOMEM;
- goto done;
- }
- /* Validate the basedn */
- ldn = ldb_dn_new(tmp_ctx, ldb, unparsed_base);
- if (!ldn) {
+ ret = sdap_create_search_base(search_bases, unparsed_base,
+ LDAP_SCOPE_SUBTREE, old_filter,
+ &search_bases[0]);
+ if (!search_bases[0]) {
 ret = ENOMEM;
 goto done;
 }
- if (!ldb_dn_validate(ldn)) {
- DEBUG(SSSDBG_CRIT_FAILURE,
- ("Invalid base DN [%s]\n",
- unparsed_base));
- ret = EINVAL;
- goto done;
- }
- talloc_zfree(ldn);
-
- search_bases[0]->scope = LDAP_SCOPE_SUBTREE;
-
- /* Use a search filter specified in the old style if available */
- search_bases[0]->filter = old_filter;
-
 DEBUG(SSSDBG_CONF_SETTINGS,
 ("Search base added: [%s][%s][%s][%s]\n",
 class_name,
diff --git a/src/providers/ldap/ldap_common.h b/src/providers/ldap/ldap_common.h
index 565e90b0..8960bce1 100644
--- a/src/providers/ldap/ldap_common.h
+++ b/src/providers/ldap/ldap_common.h
@@ -247,6 +247,12 @@ sdap_domain_remove(struct sdap_options *opts,
 struct sdap_domain *sdap_domain_get(struct sdap_options *opts,
 struct sss_domain_info *dom);
+errno_t
+sdap_create_search_base(TALLOC_CTX *mem_ctx,
+ const char *unparsed_base,
+ int scope,
+ const char *filter,
+ struct sdap_search_base **_base);
 errno_t sdap_parse_search_base(TALLOC_CTX *mem_ctx,
 struct dp_option *opts,
 int class, |
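Review bot: The return value of `sdap_create_search_base()` is stored in `ret` but never tested; the added `if (!search_bases[0])` check inspects the output slot instead and then overwrites `ret` with ENOMEM. The helper returns before writing `*_base` on every failure path, so this check only works if the array element was already NULL (the allocation of `search_bases` is outside this hunk and may not zero it). An invalid base DN is therefore at best reported as ENOMEM instead of EINVAL, and at worst not caught at all, in which case the following DEBUG call would dereference an unset pointer. Test the return code directly: `if (ret != EOK) goto done;`. The enclosing `common_parse_search_base()` starts and ends outside the hunk.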