Change the way we retrieve domains

To be able to correctly filter out duplicate names when multiple non-fully
qualified domains are in use we need to be able to specify the domains order.

This is now accomplished by the configuration paramets 'domains' in the
config/domains entry. 'domains' is a comma separated list of domain names.
This paramter allows also to have disbaled domains in the configuration without
requiring to completely delete them.

The domains list is now kept in a linked list of sss_domain_info objects.
The first domain is also the "default" domain.

3 files changed, 16 insertions, 20 deletions

diff --git a/server/responder/pam/pam_LOCAL_domain.c b/server/responder/pam/pam_LOCAL_domain.c
index 49a06ff3e..28a95db8d 100644
--- a/server/responder/pam/pam_LOCAL_domain.c
+++ b/server/responder/pam/pam_LOCAL_domain.c
@@ -347,7 +347,7 @@ done:
 }
 
 int LOCAL_pam_handler(struct cli_ctx *cctx, pam_dp_callback_t callback,
-                      struct pam_data *pd)
+                      struct sss_domain_info *dom, struct pam_data *pd)
 {
     int ret;
     struct LOCAL_request *lreq=NULL;
@@ -377,8 +377,7 @@ int LOCAL_pam_handler(struct cli_ctx *cctx, pam_dp_callback_t callback,
 
     DEBUG(4, ("LOCAL pam handler.\n"));
 
-    lreq->domain_info = btreemap_get_value(lreq->cctx->rctx->domain_map,
-                                     lreq->pd->domain);
+    lreq->domain_info = dom;
     NULL_CHECK_OR_JUMP(lreq->domain_info, ("Domain info not found.\n"),
                        ret, EINVAL, done);
 
diff --git a/server/responder/pam/pam_LOCAL_domain.h b/server/responder/pam/pam_LOCAL_domain.h
index 6cac6075a..bc2064dbb 100644
--- a/server/responder/pam/pam_LOCAL_domain.h
+++ b/server/responder/pam/pam_LOCAL_domain.h
@@ -4,6 +4,6 @@
 #include "responder/pam/pamsrv.h"
 
 int LOCAL_pam_handler(struct cli_ctx *cctx, pam_dp_callback_t callback,
-                      struct pam_data *pd);
+                      struct sss_domain_info *dom, struct pam_data *pd);
 
 #endif /* __PAM_LOCAL_DOMAIN_H__ */
diff --git a/server/responder/pam/pamsrv_cmd.c b/server/responder/pam/pamsrv_cmd.c
index 22a2b85de..db5f064fd 100644
--- a/server/responder/pam/pamsrv_cmd.c
+++ b/server/responder/pam/pamsrv_cmd.c
@@ -197,7 +197,7 @@ done:
 
 static int pam_forwarder(struct cli_ctx *cctx, int pam_cmd)
 {
-    struct sss_domain_info *info;
+    struct sss_domain_info *dom;
     uint8_t *body;
     size_t blen;
     int ret;
@@ -224,30 +224,27 @@ static int pam_forwarder(struct cli_ctx *cctx, int pam_cmd)
     pd->response_delay = 0;
     pd->resp_list = NULL;
 
-    if (pd->domain == NULL) {
-        if (cctx->rctx->default_domain != NULL) {
-            pd->domain = cctx->rctx->default_domain;
-        } else {
-            pd->domain = talloc_strdup(pd, "LOCAL");
-        }
-        DEBUG(4, ("Using default domain [%s].\n", pd->domain));
-    }
 
     if (pd->domain) {
-        /* Check for registered domain */
-        info = btreemap_get_value(cctx->rctx->domain_map,
-                                    (void *)(pd->domain));
-        if (!info) {
+        for (dom = cctx->rctx->domains; dom; dom = dom->next) {
+            if (strcasecmp(dom->name, pd->domain) == 0) break;
+        }
+        if (!dom) {
             talloc_free(pd);
             return EINVAL;
         }
     }
+    else {
+        DEBUG(4, ("Domain not provided, using default.\n"));
+        dom = cctx->rctx->domains;
+        pd->domain = dom->name;
+    }
 
-    if (!info->provider) {
-        return LOCAL_pam_handler(cctx, pam_reply, pd);
+    if (!dom->provider) {
+        return LOCAL_pam_handler(cctx, pam_reply, dom, pd);
     };
 
-    ret=pam_dp_send_req(cctx, pam_reply, PAM_DP_TIMEOUT, pd);
+    ret = pam_dp_send_req(cctx, pam_reply, PAM_DP_TIMEOUT, pd);
     DEBUG(4, ("pam_dp_send_req returned %d\n", ret));
 
     return ret;