From 0232747f04b650796db56fd7b487aee8a96fab03 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Mon, 14 Jan 2013 17:04:00 -0500 Subject: Add function get_next_domain() Use this function instead of explicitly calling domain->next This function allows to get the next primary domain or to descend into the subdomains and replaces also get_next_dom_or_subdom() --- src/confdb/confdb.c | 2 +- src/monitor/monitor.c | 10 +-- src/responder/autofs/autofssrv_cmd.c | 8 +-- src/responder/common/negcache.c | 8 +-- src/responder/common/responder_common.c | 4 +- src/responder/common/responder_get_domains.c | 8 +-- src/responder/nss/nsssrv_cmd.c | 94 +++++++++++----------------- src/responder/nss/nsssrv_netgroup.c | 10 +-- src/responder/nss/nsssrv_services.c | 26 ++++---- src/responder/pac/pacsrv_utils.c | 2 +- src/responder/pam/pamsrv_cmd.c | 8 ++- src/responder/ssh/sshsrv_cmd.c | 10 +-- src/responder/sudo/sudosrv_get_sudorules.c | 6 +- src/tools/sss_cache.c | 2 +- src/tools/sss_debuglevel.c | 9 ++- src/util/domain_info_utils.c | 18 ++++++ src/util/usertools.c | 4 +- src/util/util.h | 2 + 18 files changed, 119 insertions(+), 112 deletions(-) (limited to 'src') diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c index 8ae8d016..14e9f057 100644 --- a/src/confdb/confdb.c +++ b/src/confdb/confdb.c @@ -1190,7 +1190,7 @@ int confdb_get_domain(struct confdb_ctx *cdb, return ret; } - for (dom = doms; dom; dom = dom->next) { + for (dom = doms; dom; dom = get_next_domain(dom, false)) { if (strcasecmp(dom->name, name) == 0) { *_domain = dom; return EOK; diff --git a/src/monitor/monitor.c b/src/monitor/monitor.c index 2b699ca7..2c8cdb60 100644 --- a/src/monitor/monitor.c +++ b/src/monitor/monitor.c @@ -772,7 +772,7 @@ static int check_domain_ranges(struct sss_domain_info *domains) uint32_t id_min, id_max; while (dom) { - other = dom->next; + other = get_next_domain(dom, false); if (dom->id_max && dom->id_min > dom->id_max) { DEBUG(SSSDBG_CRIT_FAILURE, ("Domain '%s' does not have a valid ID range\n", dom->name)); @@ -788,9 +788,9 @@ static int check_domain_ranges(struct sss_domain_info *domains) ("Domains '%s' and '%s' overlap in range %u - %u\n", dom->name, other->name, id_min, id_max)); } - other = other->next; + other = get_next_domain(other, false); } - dom = dom->next; + dom = get_next_domain(dom, false); } return EOK; @@ -811,7 +811,7 @@ static int check_local_domain_unique(struct sss_domain_info *domains) break; } - dom = dom->next; + dom = get_next_domain(dom, false); } if (count > 1) { @@ -2235,7 +2235,7 @@ int monitor_process_init(struct mt_ctx *ctx, /* start providers */ num_providers = 0; - for (dom = ctx->domains; dom; dom = dom->next) { + for (dom = ctx->domains; dom; dom = get_next_domain(dom, false)) { ret = add_new_provider(ctx, dom->name, 0); if (ret != EOK && ret != ENOENT) { return ret; diff --git a/src/responder/autofs/autofssrv_cmd.c b/src/responder/autofs/autofssrv_cmd.c index e1f3aeda..550c981a 100644 --- a/src/responder/autofs/autofssrv_cmd.c +++ b/src/responder/autofs/autofssrv_cmd.c @@ -627,7 +627,7 @@ lookup_automntmap_step(struct setautomntent_lookup_ctx *lookup_ctx) /* if it is a domainless search, skip domains that require fully * qualified names instead */ while (dom && dctx->cmd_ctx->check_next && dom->fqnames) { - dom = dom->next; + dom = get_next_domain(dom, false); } /* No domains left to search */ @@ -666,7 +666,7 @@ lookup_automntmap_step(struct setautomntent_lookup_ctx *lookup_ctx) if (!dctx->check_provider) { if (dctx->cmd_ctx->check_next) { DEBUG(SSSDBG_TRACE_INTERNAL, ("Moving on to next domain\n")); - dom = dom->next; + dom = get_next_domain(dom, false); continue; } else break; @@ -873,8 +873,8 @@ static void lookup_automntmap_cache_updated(uint16_t err_maj, uint32_t err_min, "Will try to return what we have in cache\n", (unsigned int)err_maj, (unsigned int)err_min, err_msg)); /* Loop to the next domain if possible */ - if (dctx->domain->next && dctx->cmd_ctx->check_next) { - dctx->domain = dctx->domain->next; + if (dctx->cmd_ctx->check_next && get_next_domain(dctx->domain, false)) { + dctx->domain = get_next_domain(dctx->domain, false); dctx->check_provider = NEED_CHECK_PROVIDER(dctx->domain->provider); } } diff --git a/src/responder/common/negcache.c b/src/responder/common/negcache.c index 5be1ea68..57d1fc8b 100644 --- a/src/responder/common/negcache.c +++ b/src/responder/common/negcache.c @@ -579,7 +579,7 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, int i; /* Populate domain-specific negative cache entries */ - for (dom = domain_list; dom; dom = dom->next) { + for (dom = domain_list; dom; dom = get_next_domain(dom, false)) { conf_path = talloc_asprintf(tmpctx, CONFDB_DOMAIN_PATH_TMPL, dom->name); if (!conf_path) { @@ -667,7 +667,7 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, continue; } } else { - for (dom = domain_list; dom; dom = dom->next) { + for (dom = domain_list; dom; dom = get_next_domain(dom, false)) { ret = sss_ncache_set_user(ncache, true, dom, name); if (ret != EOK) { DEBUG(1, ("Failed to store permanent user filter for" @@ -681,7 +681,7 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, } filter_set = false; - for (dom = domain_list; dom; dom = dom->next) { + for (dom = domain_list; dom; dom = get_next_domain(dom, false)) { conf_path = talloc_asprintf(tmpctx, CONFDB_DOMAIN_PATH_TMPL, dom->name); if (!conf_path) { ret = ENOMEM; @@ -765,7 +765,7 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, continue; } } else { - for (dom = domain_list; dom; dom = dom->next) { + for (dom = domain_list; dom; dom = get_next_domain(dom, false)) { ret = sss_ncache_set_group(ncache, true, dom, name); if (ret != EOK) { DEBUG(1, ("Failed to store permanent group filter for" diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c index 9defdba4..3a634e03 100644 --- a/src/responder/common/responder_common.c +++ b/src/responder/common/responder_common.c @@ -817,7 +817,7 @@ int sss_process_init(TALLOC_CTX *mem_ctx, return ret; } - for (dom = rctx->domains; dom; dom = dom->next) { + for (dom = rctx->domains; dom; dom = get_next_domain(dom, false)) { ret = sss_names_init(rctx->cdb, rctx->cdb, dom->name, &dom->names); if (ret != EOK) { DEBUG(SSSDBG_FATAL_FAILURE, @@ -894,7 +894,7 @@ responder_get_domain(TALLOC_CTX *sd_mem_ctx, struct resp_ctx *rctx, struct sss_domain_info *ret_dom = NULL; int i; - for (dom = rctx->domains; dom; dom = dom->next) { + for (dom = rctx->domains; dom; dom = get_next_domain(dom, false)) { if (strcasecmp(dom->name, domain) == 0 || (dom->flat_name != NULL && strcasecmp(dom->flat_name, domain) == 0)) { diff --git a/src/responder/common/responder_get_domains.c b/src/responder/common/responder_get_domains.c index 7049d60a..77e2b146 100644 --- a/src/responder/common/responder_get_domains.c +++ b/src/responder/common/responder_get_domains.c @@ -192,7 +192,7 @@ struct tevent_req *sss_dp_get_domains_send(TALLOC_CTX *mem_ctx, state->dom = rctx->domains; while(state->dom != NULL && !NEED_CHECK_PROVIDER(state->dom->provider)) { - state->dom = state->dom->next; + state->dom = get_next_domain(state->dom, false); } if (state->dom == NULL) { @@ -249,11 +249,11 @@ sss_dp_get_domains_process(struct tevent_req *subreq) } /* Advance to the next domain */ - state->dom = state->dom->next; + state->dom = get_next_domain(state->dom, false); /* Skip local domains */ while(state->dom != NULL && !NEED_CHECK_PROVIDER(state->dom->provider)) { - state->dom = state->dom->next; + state->dom = get_next_domain(state->dom, false); } if (state->dom == NULL) { @@ -391,7 +391,7 @@ static errno_t check_last_request(struct resp_ctx *rctx, const char *hint) break; } } - dom = dom->next; + dom = get_next_domain(dom, false); } } diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c index 5ac1bacc..76b79ceb 100644 --- a/src/responder/nss/nsssrv_cmd.c +++ b/src/responder/nss/nsssrv_cmd.c @@ -120,7 +120,7 @@ void nss_update_pw_memcache(struct nss_ctx *nctx) now = time(NULL); - for (dom = nctx->rctx->domains; dom != NULL; dom = dom->next) { + for (dom = nctx->rctx->domains; dom; dom = get_next_domain(dom, false)) { ret = sysdb_enumpwent(nctx, dom->sysdb, dom, &res); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, @@ -714,7 +714,7 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx) /* if it is a domainless search, skip domains that require fully * qualified names instead */ while (dom && cmdctx->check_next && dom->fqnames) { - dom = dom->next; + dom = get_next_domain(dom, false); } if (!dom) break; @@ -743,7 +743,7 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx) name, dom->name)); /* if a multidomain search, try with next */ if (cmdctx->check_next) { - dom = dom->next; + dom = get_next_domain(dom, false); continue; } /* There are no further domains or this was a @@ -780,7 +780,7 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx) /* if a multidomain search, try with next */ if (cmdctx->check_next) { - dom = dom->next; + dom = get_next_domain(dom, false); if (dom) continue; } @@ -843,8 +843,8 @@ static void nss_cmd_getpwnam_dp_callback(uint16_t err_maj, uint32_t err_min, } /* no previous results, just loop to next domain if possible */ - if (dctx->domain->next && cmdctx->check_next) { - dctx->domain = dctx->domain->next; + if (cmdctx->check_next && get_next_domain(dctx->domain, false)) { + dctx->domain = get_next_domain(dctx->domain, false); dctx->check_provider = NEED_CHECK_PROVIDER(dctx->domain->provider); } else { /* nothing available */ @@ -1031,28 +1031,6 @@ static void nss_cmd_getpwuid_dp_callback(uint16_t err_maj, uint32_t err_min, * anything else on a fatal error */ -struct sss_domain_info *get_next_dom_or_subdom(struct sss_domain_info *dom) -{ - /* Note that we don't know if the dom is a domain or a subdomain, - * therefore: - * - * If it is a subdomain and it doesn't have any siblings (subdomains - * of the same primary domain), return next primary domain - */ - if (dom->next == NULL && dom->parent != NULL) { - return dom->parent->next; - } - - /* If it's primary domain, the next returned should be its first - * subdomain */ - if (dom->subdomains != NULL) { - return dom->subdomains[0]; - } - - /* Any other scenario */ - return dom->next; -} - static int nss_cmd_getpwuid_search(struct nss_dom_ctx *dctx) { struct nss_cmd_ctx *cmdctx = dctx->cmdctx; @@ -1073,7 +1051,7 @@ static int nss_cmd_getpwuid_search(struct nss_dom_ctx *dctx) "(id out of range)\n", (unsigned long)cmdctx->id, dom->name)); if (cmdctx->check_next) { - dom = get_next_dom_or_subdom(dom); + dom = get_next_domain(dom, true); continue; } return ENOENT; @@ -1110,7 +1088,7 @@ static int nss_cmd_getpwuid_search(struct nss_dom_ctx *dctx) if (dctx->res->count == 0 && !dctx->check_provider) { /* if a multidomain search, try with next */ if (cmdctx->check_next) { - dom = get_next_dom_or_subdom(dom); + dom = get_next_domain(dom, true); continue; } @@ -1170,8 +1148,8 @@ static void nss_cmd_getpwuid_dp_callback(uint16_t err_maj, uint32_t err_min, } /* no previous results, just loop to next domain if possible */ - if (dctx->domain->next && cmdctx->check_next) { - dctx->domain = dctx->domain->next; + if (cmdctx->check_next && get_next_domain(dctx->domain, false)) { + dctx->domain = get_next_domain(dctx->domain, false); dctx->check_provider = NEED_CHECK_PROVIDER(dctx->domain->provider); } else { /* nothing available */ @@ -1367,7 +1345,7 @@ struct tevent_req *nss_cmd_setpwent_send(TALLOC_CTX *mem_ctx, } /* check if enumeration is enabled in any domain */ - for (dom = client->rctx->domains; dom; dom = dom->next) { + for (dom = client->rctx->domains; dom; dom = get_next_domain(dom, false)) { if (dom->enumerate != 0) break; } state->dctx->domain = dom; @@ -1480,7 +1458,7 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx) while (dom) { while (dom && dom->enumerate == 0) { - dom = dom->next; + dom = get_next_domain(dom, false); } if (!dom) break; @@ -1538,13 +1516,13 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx) if (ret != EOK) { DEBUG(1, ("Enum from cache failed, skipping domain [%s]\n", dom->name)); - dom = dom->next; + dom = get_next_domain(dom, false); continue; } if (res->count == 0) { DEBUG(4, ("Domain [%s] has no users, skipping.\n", dom->name)); - dom = dom->next; + dom = get_next_domain(dom, false); continue; } @@ -1562,7 +1540,7 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx) nctx->pctx->num++; /* do not reply until all domain searches are done */ - dom = dom->next; + dom = get_next_domain(dom, false); } /* We've finished all our lookups @@ -1859,7 +1837,7 @@ void nss_update_gr_memcache(struct nss_ctx *nctx) now = time(NULL); - for (dom = nctx->rctx->domains; dom != NULL; dom = dom->next) { + for (dom = nctx->rctx->domains; dom; dom = get_next_domain(dom, false)) { ret = sysdb_enumgrent(nctx, dom->sysdb, dom, &res); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, @@ -2311,7 +2289,7 @@ static int nss_cmd_getgrnam_search(struct nss_dom_ctx *dctx) /* if it is a domainless search, skip domains that require fully * qualified names instead */ while (dom && cmdctx->check_next && dom->fqnames) { - dom = dom->next; + dom = get_next_domain(dom, false); } if (!dom) break; @@ -2340,7 +2318,7 @@ static int nss_cmd_getgrnam_search(struct nss_dom_ctx *dctx) name, dom->name)); /* if a multidomain search, try with next */ if (cmdctx->check_next) { - dom = dom->next; + dom = get_next_domain(dom, false); continue; } /* There are no further domains or this was a @@ -2377,7 +2355,7 @@ static int nss_cmd_getgrnam_search(struct nss_dom_ctx *dctx) /* if a multidomain search, try with next */ if (cmdctx->check_next) { - dom = dom->next; + dom = get_next_domain(dom, false); if (dom) continue; } @@ -2441,8 +2419,8 @@ static void nss_cmd_getgrnam_dp_callback(uint16_t err_maj, uint32_t err_min, } /* no previous results, just loop to next domain if possible */ - if (dctx->domain->next && cmdctx->check_next) { - dctx->domain = dctx->domain->next; + if (cmdctx->check_next && get_next_domain(dctx->domain, false)) { + dctx->domain = get_next_domain(dctx->domain, false); dctx->check_provider = NEED_CHECK_PROVIDER(dctx->domain->provider); } else { /* nothing available */ @@ -2648,7 +2626,7 @@ static int nss_cmd_getgrgid_search(struct nss_dom_ctx *dctx) "(id out of range)\n", (unsigned long)cmdctx->id, dom->name)); if (cmdctx->check_next) { - dom = get_next_dom_or_subdom(dom); + dom = get_next_domain(dom, true); continue; } return ENOENT; @@ -2685,7 +2663,7 @@ static int nss_cmd_getgrgid_search(struct nss_dom_ctx *dctx) if (dctx->res->count == 0 && !dctx->check_provider) { /* if a multidomain search, try with next */ if (cmdctx->check_next) { - dom = get_next_dom_or_subdom(dom); + dom = get_next_domain(dom, true); continue; } @@ -2745,8 +2723,8 @@ static void nss_cmd_getgrgid_dp_callback(uint16_t err_maj, uint32_t err_min, } /* no previous results, just loop to next domain if possible */ - if (dctx->domain->next && cmdctx->check_next) { - dctx->domain = dctx->domain->next; + if (cmdctx->check_next && get_next_domain(dctx->domain, false)) { + dctx->domain = get_next_domain(dctx->domain, false); dctx->check_provider = NEED_CHECK_PROVIDER(dctx->domain->provider); } else { /* nothing available */ @@ -2935,7 +2913,7 @@ struct tevent_req *nss_cmd_setgrent_send(TALLOC_CTX *mem_ctx, } /* check if enumeration is enabled in any domain */ - for (dom = client->rctx->domains; dom; dom = dom->next) { + for (dom = client->rctx->domains; dom; dom = get_next_domain(dom, false)) { if (dom->enumerate != 0) break; } state->dctx->domain = dom; @@ -3048,7 +3026,7 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx) while (dom) { while (dom && dom->enumerate == 0) { - dom = dom->next; + dom = get_next_domain(dom, false); } if (!dom) break; @@ -3106,13 +3084,13 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx) if (ret != EOK) { DEBUG(1, ("Enum from cache failed, skipping domain [%s]\n", dom->name)); - dom = dom->next; + dom = get_next_domain(dom, false); continue; } if (res->count == 0) { DEBUG(4, ("Domain [%s] has no groups, skipping.\n", dom->name)); - dom = dom->next; + dom = get_next_domain(dom, false); continue; } @@ -3130,7 +3108,7 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx) nctx->gctx->num++; /* do not reply until all domain searches are done */ - dom = dom->next; + dom = get_next_domain(dom, false); } /* We've finished all our lookups @@ -3418,7 +3396,7 @@ void nss_update_initgr_memcache(struct nss_ctx *nctx, int ret; int i, j; - for (dom = nctx->rctx->domains; dom != NULL; dom = dom->next) { + for (dom = nctx->rctx->domains; dom; dom = get_next_domain(dom, false)) { if (strcasecmp(dom->name, domain) == 0) { break; } @@ -3596,7 +3574,7 @@ static int nss_cmd_initgroups_search(struct nss_dom_ctx *dctx) /* if it is a domainless search, skip domains that require fully * qualified names instead */ while (dom && cmdctx->check_next && dom->fqnames) { - dom = dom->next; + dom = get_next_domain(dom, false); } if (!dom) break; @@ -3625,7 +3603,7 @@ static int nss_cmd_initgroups_search(struct nss_dom_ctx *dctx) name, dom->name)); /* if a multidomain search, try with next */ if (cmdctx->check_next) { - dom = dom->next; + dom = get_next_domain(dom, false); continue; } /* There are no further domains or this was a @@ -3658,7 +3636,7 @@ static int nss_cmd_initgroups_search(struct nss_dom_ctx *dctx) /* if a multidomain search, try with next */ if (cmdctx->check_next) { - dom = dom->next; + dom = get_next_domain(dom, false); if (dom) continue; } @@ -3711,8 +3689,8 @@ static void nss_cmd_initgroups_dp_callback(uint16_t err_maj, uint32_t err_min, } /* no previous results, just loop to next domain if possible */ - if (dctx->domain->next && cmdctx->check_next) { - dctx->domain = dctx->domain->next; + if (cmdctx->check_next && get_next_domain(dctx->domain, false)) { + dctx->domain = get_next_domain(dctx->domain, false); dctx->check_provider = NEED_CHECK_PROVIDER(dctx->domain->provider); } else { /* nothing available */ diff --git a/src/responder/nss/nsssrv_netgroup.c b/src/responder/nss/nsssrv_netgroup.c index e6debffa..30459bea 100644 --- a/src/responder/nss/nsssrv_netgroup.c +++ b/src/responder/nss/nsssrv_netgroup.c @@ -424,7 +424,7 @@ static errno_t lookup_netgr_step(struct setent_step_ctx *step_ctx) /* if it is a domainless search, skip domains that require fully * qualified names instead */ while (dom && step_ctx->check_next && dom->fqnames) { - dom = dom->next; + dom = get_next_domain(dom, false); } /* No domains left to search */ @@ -463,7 +463,7 @@ static errno_t lookup_netgr_step(struct setent_step_ctx *step_ctx) /* This netgroup was not found in this domain */ if (!step_ctx->dctx->check_provider) { if (step_ctx->check_next) { - dom = dom->next; + dom = get_next_domain(dom, false); continue; } else break; @@ -494,7 +494,7 @@ static errno_t lookup_netgr_step(struct setent_step_ctx *step_ctx) if (!step_ctx->dctx->check_provider) { if (step_ctx->check_next) { - dom = dom->next; + dom = get_next_domain(dom, false); continue; } else break; @@ -588,8 +588,8 @@ static void lookup_netgr_dp_callback(uint16_t err_maj, uint32_t err_min, "Will try to return what we have in cache\n", (unsigned int)err_maj, (unsigned int)err_min, err_msg)); /* Loop to the next domain if possible */ - if (dctx->domain->next && cmdctx->check_next) { - dctx->domain = dctx->domain->next; + if (cmdctx->check_next && get_next_domain(dctx->domain, false)) { + dctx->domain = get_next_domain(dctx->domain, false); dctx->check_provider = NEED_CHECK_PROVIDER(dctx->domain->provider); } } diff --git a/src/responder/nss/nsssrv_services.c b/src/responder/nss/nsssrv_services.c index dd12fa41..7b76cad8 100644 --- a/src/responder/nss/nsssrv_services.c +++ b/src/responder/nss/nsssrv_services.c @@ -99,7 +99,9 @@ getserv_send(TALLOC_CTX *mem_ctx, if (!req) return NULL; state->dctx = dctx; - for (dom = cctx->rctx->domains; dom; dom = dom->next) num_domains++; + for (dom = cctx->rctx->domains; dom; dom = get_next_domain(dom, false)) { + num_domains++; + } /* Create an array of domains to check. To save resizes, we'll * assume that all will be checked @@ -160,7 +162,7 @@ getserv_send(TALLOC_CTX *mem_ctx, /* if it is a domainless search, skip domains that require fully * qualified names instead */ while (dom && cmdctx->check_next && dom->fqnames) { - dom = dom->next; + dom = get_next_domain(dom, false); } if (!dom) break; @@ -191,7 +193,7 @@ getserv_send(TALLOC_CTX *mem_ctx, /* If this is a multi-domain search, try the next one */ if (cmdctx->check_next) { - dom = dom->next; + dom = get_next_domain(dom, false); } else { /* This was a single-domain search. * exit the loop. Since it was negatively- @@ -232,7 +234,7 @@ getserv_send(TALLOC_CTX *mem_ctx, /* If this is a multi-domain search, try the next one */ if (cmdctx->check_next) { - dom = dom->next; + dom = get_next_domain(dom, false); } else { /* This was a single-domain search. * exit the loop. Since it was negatively- @@ -298,7 +300,7 @@ getserv_send(TALLOC_CTX *mem_ctx, /* If this is a multi-domain search, try the next one */ if (cmdctx->check_next) { - dom = dom->next; + dom = get_next_domain(dom, false); } else { /* This was a single-domain search. * exit the loop. @@ -380,7 +382,7 @@ getserv_send(TALLOC_CTX *mem_ctx, /* If this is a multi-domain search, try the next one */ if (cmdctx->check_next) { - dom = dom->next; + dom = get_next_domain(dom, false); } else { /* This was a single-domain search. * exit the loop. @@ -1257,10 +1259,10 @@ setservent_send(TALLOC_CTX *mem_ctx, struct cli_ctx *cctx) * to reallocate later */ num_domains = 0; - dom = state->cctx->rctx->domains; - while (dom) { + for (dom = state->cctx->rctx->domains; + dom; + dom = get_next_domain(dom, false)) { num_domains++; - dom = dom->next; } state->nctx->svcctx->doms = talloc_zero_array(state->nctx->svcctx, @@ -1306,7 +1308,7 @@ setservent_send(TALLOC_CTX *mem_ctx, struct cli_ctx *cctx) ("Error [%s] requesting info from domain [%s]. Skipping.\n", strerror(ret), step_ctx->dctx->domain->name)); - step_ctx->dctx->domain = step_ctx->dctx->domain->next; + step_ctx->dctx->domain = get_next_domain(step_ctx->dctx->domain, false); } /* All domains failed */ @@ -1501,7 +1503,7 @@ setservent_step_done(struct tevent_req *req) svcctx->num++; } - step_ctx->dctx->domain = step_ctx->dctx->domain->next; + step_ctx->dctx->domain = get_next_domain(step_ctx->dctx->domain, false); while (step_ctx->dctx->domain) { /* There are more domains to check */ @@ -1515,7 +1517,7 @@ setservent_step_done(struct tevent_req *req) ("Error [%s] requesting info from domain [%s]. Skipping.\n", strerror(ret), step_ctx->dctx->domain->name)); - step_ctx->dctx->domain = step_ctx->dctx->domain->next; + step_ctx->dctx->domain = get_next_domain(step_ctx->dctx->domain, false); } /* All domains have been checked */ diff --git a/src/responder/pac/pacsrv_utils.c b/src/responder/pac/pacsrv_utils.c index f5649724..cab58264 100644 --- a/src/responder/pac/pacsrv_utils.c +++ b/src/responder/pac/pacsrv_utils.c @@ -83,7 +83,7 @@ struct sss_domain_info *find_domain_by_id(struct sss_domain_info *domains, return NULL; } - for (dom = domains; dom; dom = dom->next) { + for (dom = domains; dom; dom = get_next_domain(dom, false)) { if (dom->domain_id == NULL) { continue; } diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c index dd3637b0..d7850efa 100644 --- a/src/responder/pam/pamsrv_cmd.c +++ b/src/responder/pam/pamsrv_cmd.c @@ -1088,7 +1088,9 @@ static int pam_forwarder(struct cli_ctx *cctx, int pam_cmd) goto done; } } else { - for (dom = preq->cctx->rctx->domains; dom; dom = dom->next) { + for (dom = preq->cctx->rctx->domains; + dom; + dom = get_next_domain(dom, false)) { if (dom->fqnames) continue; ncret = sss_ncache_check_user(pctx->ncache, pctx->neg_timeout, @@ -1186,7 +1188,7 @@ static int pam_check_user_search(struct pam_auth_req *preq) /* if it is a domainless search, skip domains that require fully * qualified names instead */ while (dom && !preq->pd->domain && dom->fqnames) { - dom = dom->next; + dom = get_next_domain(dom, false); } if (!dom) break; @@ -1248,7 +1250,7 @@ static int pam_check_user_search(struct pam_auth_req *preq) if (preq->res->count == 0) { /* if a multidomain search, try with next */ if (!preq->pd->domain) { - dom = dom->next; + dom = get_next_domain(dom, false); continue; } diff --git a/src/responder/ssh/sshsrv_cmd.c b/src/responder/ssh/sshsrv_cmd.c index f83c136b..e0ce3c9b 100644 --- a/src/responder/ssh/sshsrv_cmd.c +++ b/src/responder/ssh/sshsrv_cmd.c @@ -173,7 +173,7 @@ ssh_user_pubkeys_search(struct ssh_cmd_ctx *cmd_ctx) /* if it is a domainless search, skip domains that require fully * qualified names instead */ while (cmd_ctx->domain && cmd_ctx->check_next && cmd_ctx->domain->fqnames) { - cmd_ctx->domain = cmd_ctx->domain->next; + cmd_ctx->domain = get_next_domain(cmd_ctx->domain, false); } if (!cmd_ctx->domain) { @@ -250,7 +250,7 @@ ssh_user_pubkeys_search_next(struct ssh_cmd_ctx *cmd_ctx) if (!res->count) { /* if a multidomain search, try with next */ if (cmd_ctx->check_next) { - cmd_ctx->domain = cmd_ctx->domain->next; + cmd_ctx->domain = get_next_domain(cmd_ctx->domain, false); return ssh_user_pubkeys_search(cmd_ctx); } @@ -303,7 +303,7 @@ ssh_host_pubkeys_search(struct ssh_cmd_ctx *cmd_ctx) /* if it is a domainless search, skip domains that require fully * qualified names instead */ while (cmd_ctx->domain && cmd_ctx->check_next && cmd_ctx->domain->fqnames) { - cmd_ctx->domain = cmd_ctx->domain->next; + cmd_ctx->domain = get_next_domain(cmd_ctx->domain, false); } if (!cmd_ctx->domain) { @@ -375,7 +375,7 @@ ssh_host_pubkeys_search_next(struct ssh_cmd_ctx *cmd_ctx) if (ret == ENOENT) { /* if a multidomain search, try with next */ if (cmd_ctx->check_next) { - cmd_ctx->domain = cmd_ctx->domain->next; + cmd_ctx->domain = get_next_domain(cmd_ctx->domain, false); return ssh_host_pubkeys_search(cmd_ctx); } @@ -598,7 +598,7 @@ ssh_host_pubkeys_update_known_hosts(struct ssh_cmd_ctx *cmd_ctx) goto done; } - for (; dom; dom = dom->next) { + for (; dom; dom = get_next_domain(dom, false)) { sysdb = dom->sysdb; if (sysdb == NULL) { DEBUG(SSSDBG_FATAL_FAILURE, diff --git a/src/responder/sudo/sudosrv_get_sudorules.c b/src/responder/sudo/sudosrv_get_sudorules.c index 8d7480be..90481ed9 100644 --- a/src/responder/sudo/sudosrv_get_sudorules.c +++ b/src/responder/sudo/sudosrv_get_sudorules.c @@ -108,7 +108,7 @@ static errno_t sudosrv_get_user(struct sudo_dom_ctx *dctx) /* if it is a domainless search, skip domains that require fully * qualified names instead */ while (dom && cmd_ctx->check_next && dom->fqnames) { - dom = dom->next; + dom = get_next_domain(dom, false); } if (!dom) break; @@ -155,7 +155,7 @@ static errno_t sudosrv_get_user(struct sudo_dom_ctx *dctx) /* if a multidomain search, try with next */ if (cmd_ctx->check_next) { dctx->check_provider = true; - dom = dom->next; + dom = get_next_domain(dom, false); if (dom) continue; } @@ -209,7 +209,7 @@ static errno_t sudosrv_get_user(struct sudo_dom_ctx *dctx) /* if a multidomain search, try with next */ if (cmd_ctx->check_next) { dctx->check_provider = true; - dom = dom->next; + dom = get_next_domain(dom, false); if (dom) continue; } diff --git a/src/tools/sss_cache.c b/src/tools/sss_cache.c index 2fb75ad6..db6c792c 100644 --- a/src/tools/sss_cache.c +++ b/src/tools/sss_cache.c @@ -103,7 +103,7 @@ int main(int argc, const char *argv[]) goto done; } - for (dinfo = tctx->domains; dinfo; dinfo = dinfo->next) { + for (dinfo = tctx->domains; dinfo; dinfo = get_next_domain(dinfo, false)) { sysdb = dinfo->sysdb; /* Update filters for each domain */ diff --git a/src/tools/sss_debuglevel.c b/src/tools/sss_debuglevel.c index e955ec38..ce428bd9 100644 --- a/src/tools/sss_debuglevel.c +++ b/src/tools/sss_debuglevel.c @@ -253,8 +253,11 @@ errno_t get_confdb_sections(TALLOC_CTX *ctx, struct confdb_ctx *confdb, if (ret != EOK) DEBUG(SSSDBG_CRIT_FAILURE, ("Unable to get domain list\n")); - for (domain = domain_list; domain != NULL; domain = domain->next) + for (domain = domain_list; + domain; + domain = get_next_domain(domain, false)) { domain_count++; + } /* allocate output space */ sections = talloc_array(ctx, char*, @@ -275,7 +278,9 @@ errno_t get_confdb_sections(TALLOC_CTX *ctx, struct confdb_ctx *confdb, } } - for (domain = domain_list; domain != NULL; domain = domain->next, i++) { + for (domain = domain_list; + domain; + domain = get_next_domain(domain, false), i++) { sections[i] = talloc_asprintf(tmp_ctx, CONFDB_DOMAIN_PATH_TMPL, domain->name); if (sections[i] == NULL) { diff --git a/src/util/domain_info_utils.c b/src/util/domain_info_utils.c index 1ff7c0c6..8cba7dca 100644 --- a/src/util/domain_info_utils.c +++ b/src/util/domain_info_utils.c @@ -22,6 +22,24 @@ #include "db/sysdb.h" #include "util/util.h" +struct sss_domain_info *get_next_domain(struct sss_domain_info *domain, + bool descend) +{ + struct sss_domain_info *dom; + + dom = domain; + if (descend && dom->subdomain_count > 0) { + dom = dom->subdomains[0]; + } else if (dom->next) { + dom = dom->next; + } else if (descend && dom->parent) { + dom = dom->parent->next; + } else { + dom = NULL; + } + return dom; +} + struct sss_domain_info *new_subdomain(TALLOC_CTX *mem_ctx, struct sss_domain_info *parent, const char *name, diff --git a/src/util/usertools.c b/src/util/usertools.c index 0a657a18..33a2a7bd 100644 --- a/src/util/usertools.c +++ b/src/util/usertools.c @@ -339,7 +339,7 @@ int sss_parse_name_for_domains(TALLOC_CTX *memctx, rname = NULL; rdomain = NULL; - for (dom = domains; dom != NULL; dom = dom->next) { + for (dom = domains; dom != NULL; dom = get_next_domain(dom, false)) { ret = sss_parse_name(tmp_ctx, dom->names, orig, &dmatch, &nmatch); if (ret == EOK) { /* @@ -397,7 +397,7 @@ int sss_parse_name_for_domains(TALLOC_CTX *memctx, goto done; } - for (dom = domains; dom != NULL; dom = dom->next) { + for (dom = domains; dom != NULL; dom = get_next_domain(dom, false)) { match = match_any_domain_or_subdomain_name(dom, rdomain); if (match != NULL) { break; diff --git a/src/util/util.h b/src/util/util.h index a2b2a2d3..de212811 100644 --- a/src/util/util.h +++ b/src/util/util.h @@ -566,6 +566,8 @@ struct sized_string { void to_sized_string(struct sized_string *out, const char *in); /* form domain_info.c */ +struct sss_domain_info *get_next_domain(struct sss_domain_info *domain, + bool descend); struct sss_domain_info *new_subdomain(TALLOC_CTX *mem_ctx, struct sss_domain_info *parent, const char *name, -- cgit