diff options
| author | Stephen Gallagher <sgallagh@redhat.com> | 2015-04-14 21:50:36 -0400 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-04-15 17:43:10 +0200 |
| commit | b800d07991839c1047f10398f979e01e5543d0a7 (patch) | |
| tree | b0925c11de23e55c262bab651733eb9ff1a8739a | |
| parent | 9fadb9c95da9175c4a312690d7d06908c1f7e424 (diff) | |
| download | sssd-b800d07991839c1047f10398f979e01e5543d0a7.tar.gz sssd-b800d07991839c1047f10398f979e01e5543d0a7.tar.xz sssd-b800d07991839c1047f10398f979e01e5543d0a7.zip | |
AD: Always get domain-specific ID connection
ad_get_dom_ldap_conn() assumed that ad_ctx->ldap_ctx always points at
the LDAP connection for the primary domain, however it turns out that
this is not always the case. It's currently unclear why, but this
connection can sometimes be pointing at a subdomain. Since the value of
subdom_id_ctx->ldap_ctx always points to the correct domain (including
the primary domain case), there's no benefit to trying to shortcut to
the ad_ctx->ldap_ctx when performing this lookup.
This patch also makes a minor tweak to the tests so that the primary
domain passes the sdap_domain_get() check for validity (since it needs
to have a private member assigned).
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
(cherry picked from commit e2bd4f8a41b72aea0712ad21ad02ccebb707f536)
(cherry picked from commit 89a706acf3131bbe8c0aefa9c740dd44e892754f)
| -rw-r--r-- | src/providers/ad/ad_common.c | 18 | ||||
| -rw-r--r-- | src/tests/cmocka/test_ad_common.c | 1 |
2 files changed, 8 insertions, 11 deletions
diff --git a/src/providers/ad/ad_common.c b/src/providers/ad/ad_common.c index 120878977..5eeb8dd74 100644 --- a/src/providers/ad/ad_common.c +++ b/src/providers/ad/ad_common.c @@ -1140,18 +1140,14 @@ ad_get_dom_ldap_conn(struct ad_id_ctx *ad_ctx, struct sss_domain_info *dom) struct sdap_domain *sdom; struct ad_id_ctx *subdom_id_ctx; - if (IS_SUBDOMAIN(dom)) { - sdom = sdap_domain_get(ad_ctx->sdap_id_ctx->opts, dom); - if (sdom == NULL || sdom->pvt == NULL) { - DEBUG(SSSDBG_CRIT_FAILURE, "No ID ctx available for [%s].\n", - dom->name); - return NULL; - } - subdom_id_ctx = talloc_get_type(sdom->pvt, struct ad_id_ctx); - conn = subdom_id_ctx->ldap_ctx; - } else { - conn = ad_ctx->ldap_ctx; + sdom = sdap_domain_get(ad_ctx->sdap_id_ctx->opts, dom); + if (sdom == NULL || sdom->pvt == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, "No ID ctx available for [%s].\n", + dom->name); + return NULL; } + subdom_id_ctx = talloc_get_type(sdom->pvt, struct ad_id_ctx); + conn = subdom_id_ctx->ldap_ctx; return conn; } diff --git a/src/tests/cmocka/test_ad_common.c b/src/tests/cmocka/test_ad_common.c index 19a4d395b..1c44bc34b 100644 --- a/src/tests/cmocka/test_ad_common.c +++ b/src/tests/cmocka/test_ad_common.c @@ -94,6 +94,7 @@ ad_common_test_setup(void **state) ret = sdap_domain_add(ad_ctx->sdap_id_ctx->opts, test_ctx->dom, &sdom); assert_int_equal(ret, EOK); + sdom->pvt = ad_ctx; subdom_ad_ctx = talloc_zero(test_ctx, struct ad_id_ctx); assert_non_null(subdom_ad_ctx); |