From 6fdde3913a11cd6148627696fa8717c34e8460fc Mon Sep 17 00:00:00 2001 From: Jan Zeleny Date: Wed, 28 Mar 2012 07:54:26 -0400 Subject: Modified responder_get_domain() Now it checks for subdomains as well as for the domain itself --- src/responder/common/negcache.c | 7 ++++--- src/responder/common/negcache.h | 2 +- src/responder/common/responder.h | 3 ++- src/responder/common/responder_common.c | 37 ++++++++++++++++++++++++++++----- 4 files changed, 39 insertions(+), 10 deletions(-) (limited to 'src/responder/common') diff --git a/src/responder/common/negcache.c b/src/responder/common/negcache.c index 47f4c323..dd4c0008 100644 --- a/src/responder/common/negcache.c +++ b/src/responder/common/negcache.c @@ -566,13 +566,14 @@ int sss_ncache_reset_permament(struct sss_nc_ctx *ctx) errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, struct confdb_ctx *cdb, struct sss_names_ctx *names_ctx, - struct sss_domain_info *domain_list) + struct resp_ctx *rctx) { errno_t ret; bool filter_set = false; char **filter_list = NULL; char *name = NULL; struct sss_domain_info *dom = NULL; + struct sss_domain_info *domain_list = rctx->domains; char *domainname = NULL; char *conf_path = NULL; TALLOC_CTX *tmpctx = talloc_new(NULL); @@ -649,7 +650,7 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, continue; } if (domainname) { - dom = responder_get_domain(domain_list, domainname); + dom = responder_get_domain(tmpctx, rctx, domainname); if (!dom) { DEBUG(SSSDBG_CRIT_FAILURE, ("Invalid domain name [%s]\n", domainname)); @@ -746,7 +747,7 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, continue; } if (domainname) { - dom = responder_get_domain(domain_list, domainname); + dom = responder_get_domain(tmpctx, rctx, domainname); if (!dom) { DEBUG(SSSDBG_CRIT_FAILURE, ("Invalid domain name [%s]\n", domainname)); diff --git a/src/responder/common/negcache.h b/src/responder/common/negcache.h index 74f7ff34..9d070c69 100644 --- a/src/responder/common/negcache.h 
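Review bot: At both call sites in sss_ncache_prepopulate() (the hunks at -649 and -746), `dom` may now be a subdomain copy made on `tmpctx` rather than an entry of the long-lived domain list, so it is presumably valid only until `tmpctx` is freed. The code that consumes `dom` lies outside these hunks, so I cannot confirm from here that nothing keeps the pointer, or a string taken from it, past the end of the function; if something does, it becomes a use-after-free. I would check that and record the constraint next to the calls, e.g. `/* dom may be a per-call copy owned by tmpctx; do not store it */`.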
+++ b/src/responder/common/negcache.h @@ -73,6 +73,6 @@ int sss_ncache_reset_permament(struct sss_nc_ctx *ctx); errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, struct confdb_ctx *cdb, struct sss_names_ctx *names_ctx, - struct sss_domain_info *domain_list); + struct resp_ctx *rctx); #endif /* _NSS_NEG_CACHE_H_ */ diff --git a/src/responder/common/responder.h b/src/responder/common/responder.h index f331fee3..30a7101d 100644 --- a/src/responder/common/responder.h +++ b/src/responder/common/responder.h @@ -157,7 +157,8 @@ int sss_parse_name(TALLOC_CTX *memctx, int sss_dp_get_domain_conn(struct resp_ctx *rctx, const char *domain, struct be_conn **_conn); struct sss_domain_info * -responder_get_domain(struct sss_domain_info *doms, const char *domain); +responder_get_domain(TALLOC_CTX *sd_mem_ctx, struct resp_ctx *rctx, + const char *domain); /* responder_cmd.c */ int sss_cmd_empty_packet(struct sss_packet *packet); diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c index 66148387..2c1ae28b 100644 --- a/src/responder/common/responder_common.c +++ b/src/responder/common/responder_common.c 
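Review bot: The new prototype of responder_get_domain() in responder.h carries no comment, and its ownership rules are no longer obvious from the signature. Going by the implementation in responder_common.c, the result is either an entry of `rctx->domains` or a copy of a subdomain made with `sd_mem_ctx`, and NULL covers both an unknown name and a failed copy. I would add above the declaration something like `/* Returns a configured domain, or a copy of a matching subdomain made on sd_mem_ctx; NULL if not found or if the copy fails. */` so callers know not to keep the pointer longer than `sd_mem_ctx` lives.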
@@ -633,16 +633,43 @@ int sss_dp_get_domain_conn(struct resp_ctx *rctx, const char *domain, } struct sss_domain_info * -responder_get_domain(struct sss_domain_info *doms, const char *domain) +responder_get_domain(TALLOC_CTX *sd_mem_ctx, struct resp_ctx *rctx, + const char *domain) { + time_t now = time(NULL); + time_t time_diff; struct sss_domain_info *dom; + struct sss_domain_info *ret_dom = NULL; + int i; - for (dom = doms; dom; dom = dom->next) { - if (strcasecmp(dom->name, domain) == 0) break; + for (dom = rctx->domains; dom; dom = dom->next) { + if (strcasecmp(dom->name, domain) == 0) { + ret_dom = dom; + break; + } + + for (i = 0; i < dom->subdomain_count; i++) { + if (strcasecmp(dom->subdomains[i]->name, domain) == 0 || + (dom->subdomains[i]->flat_name != NULL && + strcasecmp(dom->subdomains[i]->flat_name, domain) == 0)) { + /* Sub-domains may come and go, so we better copy the struct + * for each request. */ + ret_dom = copy_subdomain(sd_mem_ctx, dom->subdomains[i]); + break; + } + } + + time_diff = now - dom->subdomains_last_checked.tv_sec; + if (i < dom->subdomain_count && time_diff < rctx->domains_timeout) break; + } + /* FIXME: we might want to return a real error, e.g. if copy_subdomain + * fails. */ + if (!ret_dom) { + DEBUG(SSSDBG_OP_FAILURE, ("Unknown domain [%s], checking for" + "possible subdomains!\n", domain)); } - if (!dom) DEBUG(SSSDBG_CRIT_FAILURE, ("Unknown domain [%s]!\n", domain)); - return dom; + return ret_dom; } int responder_logrotate(DBusMessage *message, -- cgit
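Review bot: In the outer loop of responder_get_domain(), a subdomain match whose parent list is older than `rctx->domains_timeout` stays in `ret_dom` while the scan continues, so a later domain or subdomain with the same name or flat name silently replaces it, and the earlier `copy_subdomain()` result stays attached to `sd_mem_ctx`. Which domain a name resolves to then depends on cache age, which is undesirable for a lookup that selects the identity domain of a request, more so if subdomain names and flat names come from the backend rather than local configuration (not visible in this hunk). Either stop on the first match with `if (ret_dom != NULL) break;`, or, if a stale entry must not be served, drop it explicitly with `talloc_free(ret_dom); ret_dom = NULL;` before continuing. Separately, the failure message joins `"checking for"` and `"possible subdomains!\n"` without a space, and it reports "Unknown domain" even when the name matched but `copy_subdomain()` failed, which the FIXME already hints at.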