summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/db/sysdb.h1
-rw-r--r--src/db/sysdb_search.c3
-rw-r--r--src/providers/krb5/krb5_access.c4
-rw-r--r--src/providers/krb5/krb5_auth.c14
-rw-r--r--src/providers/krb5/krb5_utils.c3
-rw-r--r--src/providers/krb5/krb5_utils.h1
-rw-r--r--src/providers/ldap/ldap_auth.c7
-rw-r--r--src/providers/ldap/sdap_access.c4
-rw-r--r--src/responder/pam/pam_LOCAL_domain.c4
-rw-r--r--src/responder/ssh/sshsrv_cmd.c2
-rw-r--r--src/tests/sysdb-tests.c4
11 files changed, 26 insertions, 21 deletions
diff --git a/src/db/sysdb.h b/src/db/sysdb.h
index fcb5ba5b..097e0a1a 100644
--- a/src/db/sysdb.h
+++ b/src/db/sysdb.h
@@ -513,6 +513,7 @@ int sysdb_initgroups(TALLOC_CTX *mem_ctx,
int sysdb_get_user_attr(TALLOC_CTX *mem_ctx,
struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
const char *name,
const char **attributes,
struct ldb_result **res);
diff --git a/src/db/sysdb_search.c b/src/db/sysdb_search.c
index aab53bbc..0bc813a6 100644
--- a/src/db/sysdb_search.c
+++ b/src/db/sysdb_search.c
@@ -484,6 +484,7 @@ done:
int sysdb_get_user_attr(TALLOC_CTX *mem_ctx,
struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
const char *name,
const char **attributes,
struct ldb_result **_res)
@@ -500,7 +501,7 @@ int sysdb_get_user_attr(TALLOC_CTX *mem_ctx,
}
base_dn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
- SYSDB_TMPL_USER_BASE, sysdb->domain->name);
+ SYSDB_TMPL_USER_BASE, domain->name);
if (!base_dn) {
ret = ENOMEM;
goto done;
diff --git a/src/providers/krb5/krb5_access.c b/src/providers/krb5/krb5_access.c
index 970633eb..41e62d36 100644
--- a/src/providers/krb5/krb5_access.c
+++ b/src/providers/krb5/krb5_access.c
@@ -88,8 +88,8 @@ struct tevent_req *krb5_access_send(TALLOC_CTX *mem_ctx,
attrs[2] = SYSDB_GIDNUM;
attrs[3] = NULL;
- ret = sysdb_get_user_attr(state, be_ctx->sysdb, state->pd->user, attrs,
- &res);
+ ret = sysdb_get_user_attr(state, be_ctx->sysdb, be_ctx->domain,
+ state->pd->user, attrs, &res);
if (ret) {
DEBUG(5, ("sysdb search for upn of user [%s] failed.\n", pd->user));
goto done;
diff --git a/src/providers/krb5/krb5_auth.c b/src/providers/krb5/krb5_auth.c
index 398f06a8..f03cfcf4 100644
--- a/src/providers/krb5/krb5_auth.c
+++ b/src/providers/krb5/krb5_auth.c
@@ -429,6 +429,7 @@ struct krb5_auth_state {
struct be_ctx *be_ctx;
struct pam_data *pd;
struct sysdb_ctx *sysdb;
+ struct sss_domain_info *domain;
struct krb5_ctx *krb5_ctx;
struct krb5child_req *kr;
@@ -456,7 +457,6 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx,
struct tevent_req *req;
struct tevent_req *subreq;
int ret;
- struct sss_domain_info *dom;
req = tevent_req_create(mem_ctx, &state, struct krb5_auth_state);
if (req == NULL) {
@@ -472,13 +472,13 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx,
state->pam_status = PAM_SYSTEM_ERR;
state->dp_err = DP_ERR_FATAL;
- ret = get_domain_or_subdomain(state, be_ctx, pd->domain, &dom);
+ ret = get_domain_or_subdomain(state, be_ctx, pd->domain, &state->domain);
if (ret != EOK) {
DEBUG(SSSDBG_OP_FAILURE, ("get_domain_or_subdomain failed.\n"));
goto done;
}
- state->sysdb = dom->sysdb;
+ state->sysdb = state->domain->sysdb;
switch (pd->cmd) {
case SSS_PAM_AUTHENTICATE:
@@ -541,8 +541,8 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx,
}
kr = state->kr;
- ret = sysdb_get_user_attr(state, state->sysdb, state->pd->user, attrs,
- &res);
+ ret = sysdb_get_user_attr(state, state->sysdb, state->domain,
+ state->pd->user, attrs, &res);
if (ret) {
DEBUG(5, ("sysdb search for upn of user [%s] failed.\n", pd->user));
state->pam_status = PAM_SYSTEM_ERR;
@@ -901,8 +901,8 @@ static void krb5_auth_done(struct tevent_req *subreq)
goto done;
}
- ret = check_if_cached_upn_needs_update(state->sysdb, pd->user,
- res->correct_upn);
+ ret = check_if_cached_upn_needs_update(state->sysdb, state->domain,
+ pd->user, res->correct_upn);
if (ret != EOK) {
DEBUG(SSSDBG_OP_FAILURE,
("check_if_cached_upn_needs_update failed.\n"));
diff --git a/src/providers/krb5/krb5_utils.c b/src/providers/krb5/krb5_utils.c
index f99b0f99..b770714b 100644
--- a/src/providers/krb5/krb5_utils.c
+++ b/src/providers/krb5/krb5_utils.c
@@ -58,6 +58,7 @@ errno_t find_or_guess_upn(TALLOC_CTX *mem_ctx, struct ldb_message *msg,
}
errno_t check_if_cached_upn_needs_update(struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
const char *user,
const char *upn)
{
@@ -80,7 +81,7 @@ errno_t check_if_cached_upn_needs_update(struct sysdb_ctx *sysdb,
return ENOMEM;
}
- ret = sysdb_get_user_attr(tmp_ctx, sysdb, user, attrs, &res);
+ ret = sysdb_get_user_attr(tmp_ctx, sysdb, domain, user, attrs, &res);
if (ret != EOK) {
DEBUG(SSSDBG_OP_FAILURE, ("sysdb_get_user_attr failed.\n"));
goto done;
diff --git a/src/providers/krb5/krb5_utils.h b/src/providers/krb5/krb5_utils.h
index 25d8c6cf..a123a795 100644
--- a/src/providers/krb5/krb5_utils.h
+++ b/src/providers/krb5/krb5_utils.h
@@ -38,6 +38,7 @@ errno_t find_or_guess_upn(TALLOC_CTX *mem_ctx, struct ldb_message *msg,
const char *user_dom, char **_upn);
errno_t check_if_cached_upn_needs_update(struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
const char *user,
const char *upn);
diff --git a/src/providers/ldap/ldap_auth.c b/src/providers/ldap/ldap_auth.c
index 3dcb0b2d..cffdf088 100644
--- a/src/providers/ldap/ldap_auth.c
+++ b/src/providers/ldap/ldap_auth.c
@@ -357,6 +357,7 @@ shadow_fail:
static int get_user_dn(TALLOC_CTX *memctx,
struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
struct sdap_options *opts,
const char *username,
char **user_dn,
@@ -394,7 +395,7 @@ static int get_user_dn(TALLOC_CTX *memctx,
attrs[9] = SYSDB_PWD_ATTRIBUTE;
attrs[10] = NULL;
- ret = sysdb_get_user_attr(tmpctx, sysdb, username, attrs, &res);
+ ret = sysdb_get_user_attr(tmpctx, sysdb, domain, username, attrs, &res);
if (ret) {
goto done;
}
@@ -619,8 +620,8 @@ static void auth_connect_done(struct tevent_req *subreq)
state->srv, PORT_WORKING);
}
- ret = get_user_dn(state, state->ctx->be->sysdb, state->ctx->opts,
- state->username, &state->dn,
+ ret = get_user_dn(state, state->ctx->be->sysdb, state->ctx->be->domain,
+ state->ctx->opts, state->username, &state->dn,
&state->pw_expire_type, &state->pw_expire_data);
if (ret) {
tevent_req_error(req, ret);
diff --git a/src/providers/ldap/sdap_access.c b/src/providers/ldap/sdap_access.c
index b198e043..a0d4443f 100644
--- a/src/providers/ldap/sdap_access.c
+++ b/src/providers/ldap/sdap_access.c
@@ -172,10 +172,10 @@ sdap_access_send(TALLOC_CTX *mem_ctx,
ret = ENOMEM;
goto done;
}
- ret = sysdb_get_user_attr(state, user_dom->sysdb,
+ ret = sysdb_get_user_attr(state, user_dom->sysdb, user_dom,
pd->user, attrs, &res);
} else {
- ret = sysdb_get_user_attr(state, be_req->sysdb,
+ ret = sysdb_get_user_attr(state, be_req->sysdb, be_req->domain,
pd->user, attrs, &res);
}
if (ret != EOK) {
diff --git a/src/responder/pam/pam_LOCAL_domain.c b/src/responder/pam/pam_LOCAL_domain.c
index 23eb7a2a..a903fea9 100644
--- a/src/responder/pam/pam_LOCAL_domain.c
+++ b/src/responder/pam/pam_LOCAL_domain.c
@@ -243,8 +243,8 @@ int LOCAL_pam_handler(struct pam_auth_req *preq)
pd->pam_status = PAM_SUCCESS;
- ret = sysdb_get_user_attr(lreq, lreq->dbctx, preq->pd->user,
- attrs, &res);
+ ret = sysdb_get_user_attr(lreq, lreq->dbctx, preq->domain,
+ preq->pd->user, attrs, &res);
if (ret != EOK) {
DEBUG(1, ("sysdb_get_user_attr failed.\n"));
talloc_free(lreq);
diff --git a/src/responder/ssh/sshsrv_cmd.c b/src/responder/ssh/sshsrv_cmd.c
index 687e8887..5b029262 100644
--- a/src/responder/ssh/sshsrv_cmd.c
+++ b/src/responder/ssh/sshsrv_cmd.c
@@ -232,7 +232,7 @@ ssh_user_pubkeys_search_next(struct ssh_cmd_ctx *cmd_ctx)
return EFAULT;
}
- ret = sysdb_get_user_attr(cmd_ctx, sysdb,
+ ret = sysdb_get_user_attr(cmd_ctx, sysdb, cmd_ctx->domain,
cmd_ctx->name, attrs, &res);
if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE,
diff --git a/src/tests/sysdb-tests.c b/src/tests/sysdb-tests.c
index 7cf5a3e0..c0ea6401 100644
--- a/src/tests/sysdb-tests.c
+++ b/src/tests/sysdb-tests.c
@@ -1143,7 +1143,7 @@ START_TEST (test_sysdb_get_user_attr)
username = talloc_asprintf(test_ctx, "testuser%d", _i);
ret = sysdb_get_user_attr(test_ctx, test_ctx->sysdb,
- username, attrs, &res);
+ test_ctx->domain, username, attrs, &res);
if (ret) {
fail("Could not get attributes for user %s", username);
goto done;
@@ -3751,7 +3751,7 @@ START_TEST(test_odd_characters)
talloc_zfree(res);
/* Attributes */
- ret = sysdb_get_user_attr(test_ctx, test_ctx->sysdb,
+ ret = sysdb_get_user_attr(test_ctx, test_ctx->sysdb, test_ctx->domain,
odd_username, user_attrs, &res);
fail_unless(ret == EOK, "sysdb_get_user_attr error [%d][%s]",
ret, strerror(ret));