diff options
-rw-r--r-- | src/providers/ldap/ldap_common.c | 111 | ||||
-rw-r--r-- | src/providers/ldap/ldap_common.h | 3 | ||||
-rw-r--r-- | src/providers/ldap/ldap_init.c | 5 |
3 files changed, 84 insertions, 35 deletions
diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c index 24c6e124..76236743 100644 --- a/src/providers/ldap/ldap_common.c +++ b/src/providers/ldap/ldap_common.c @@ -1072,7 +1072,7 @@ int sdap_gssapi_init(TALLOC_CTX *mem_ctx, } ret = krb5_service_init(mem_ctx, bectx, SSS_KRB5KDC_FO_SRV, krb5_servers, - krb5_realm, &service); + NULL, krb5_realm, &service); if (ret != EOK) { DEBUG(0, ("Failed to init KRB5 failover service!\n")); goto done; @@ -1106,44 +1106,25 @@ done: return ret; } -int sdap_service_init(TALLOC_CTX *memctx, struct be_ctx *ctx, - const char *service_name, const char *dns_service_name, - const char *urls, struct sdap_service **_service) +errno_t sdap_urls_init(struct be_ctx *ctx, + struct sdap_service *service, + const char *service_name, + const char *dns_service_name, + const char *urls, + bool primary) { TALLOC_CTX *tmp_ctx; - struct sdap_service *service; - LDAPURLDesc *lud; - char **list = NULL; char *srv_user_data; - int ret; + char **list = NULL; + LDAPURLDesc *lud; + errno_t ret; int i; - tmp_ctx = talloc_new(memctx); + tmp_ctx = talloc_new(NULL); if (!tmp_ctx) { return ENOMEM; } - service = talloc_zero(tmp_ctx, struct sdap_service); - if (!service) { - ret = ENOMEM; - goto done; - } - - ret = be_fo_add_service(ctx, service_name); - if (ret != EOK) { - DEBUG(1, ("Failed to create failover service!\n")); - goto done; - } - - service->name = talloc_strdup(service, service_name); - if (!service->name) { - ret = ENOMEM; - goto done; - } - - if (!urls) { - urls = BE_SRV_IDENTIFIER; - } /* split server parm into a list */ ret = split_on_separator(tmp_ctx, urls, ',', true, &list, NULL); @@ -1198,17 +1179,83 @@ int sdap_service_init(TALLOC_CTX *memctx, struct be_ctx *ctx, talloc_steal(service, list[i]); ret = be_fo_add_server(ctx, service->name, lud->lud_host, - lud->lud_port, list[i], true); + lud->lud_port, list[i], primary); ldap_free_urldesc(lud); if (ret) { goto done; } } +done: + talloc_free(tmp_ctx); + return ret; +} + +int sdap_service_init(TALLOC_CTX *memctx, struct be_ctx *ctx, + const char *service_name, const char *dns_service_name, + const char *urls, const char *backup_urls, + struct sdap_service **_service) +{ + TALLOC_CTX *tmp_ctx; + struct sdap_service *service; + int ret; + + tmp_ctx = talloc_new(NULL); + if (!tmp_ctx) { + return ENOMEM; + } + + service = talloc_zero(tmp_ctx, struct sdap_service); + if (!service) { + ret = ENOMEM; + goto done; + } + + ret = be_fo_add_service(ctx, service_name); + if (ret != EOK) { + DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to create failover service!\n")); + goto done; + } + + service->name = talloc_strdup(service, service_name); + if (!service->name) { + ret = ENOMEM; + goto done; + } + + if (!urls) { + if (backup_urls) { + DEBUG(SSSDBG_CONF_SETTINGS, ("Missing primary LDAP URL but " + "backup URL given - using it " + "as primary!\n")); + urls = backup_urls; + backup_urls = NULL; + } + else { + DEBUG(SSSDBG_CONF_SETTINGS, ("Missing primary and backup LDAP " + "URLs - using service discovery!\n")); + urls = BE_SRV_IDENTIFIER; + } + } + + ret = sdap_urls_init(ctx, service, service_name, dns_service_name, + urls, true); + if (ret != EOK) { + goto done; + } + + if (backup_urls) { + ret = sdap_urls_init(ctx, service, service_name, dns_service_name, + backup_urls, false); + if (ret != EOK) { + goto done; + } + } + ret = be_fo_service_add_callback(memctx, ctx, service->name, sdap_uri_callback, service); if (ret != EOK) { - DEBUG(1, ("Failed to add failover callback!\n")); + DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to add failover callback!\n")); goto done; } diff --git a/src/providers/ldap/ldap_common.h b/src/providers/ldap/ldap_common.h index 1a458ec9..1773f37e 100644 --- a/src/providers/ldap/ldap_common.h +++ b/src/providers/ldap/ldap_common.h @@ -98,7 +98,8 @@ void sdap_handler_done(struct be_req *req, int dp_err, int sdap_service_init(TALLOC_CTX *memctx, struct be_ctx *ctx, const char *service_name, const char *dns_service_name, - const char *urls, struct sdap_service **_service); + const char *urls, const char *backup_urls, + struct sdap_service **_service); int sdap_gssapi_init(TALLOC_CTX *mem_ctx, struct dp_option *opts, diff --git a/src/providers/ldap/ldap_init.c b/src/providers/ldap/ldap_init.c index 77b6bbe9..90e5f666 100644 --- a/src/providers/ldap/ldap_init.c +++ b/src/providers/ldap/ldap_init.c @@ -122,7 +122,8 @@ int sssm_ldap_id_init(struct be_ctx *bectx, } ret = sdap_service_init(ctx, ctx->be, "LDAP", - dns_service_name, urls, &ctx->service); + dns_service_name, urls, NULL, + &ctx->service); if (ret != EOK) { DEBUG(1, ("Failed to initialize failover service!\n")); goto done; @@ -243,7 +244,7 @@ int sssm_ldap_chpass_init(struct be_ctx *bectx, ctx->chpass_service = NULL; } else { ret = sdap_service_init(ctx, ctx->be, "LDAP_CHPASS", dns_service_name, - urls, &ctx->chpass_service); + urls, NULL, &ctx->chpass_service); if (ret != EOK) { DEBUG(1, ("Failed to initialize failover service!\n")); goto done; |