PAM: Check for trusted domain before sending the request to BE

https://fedorahosted.org/sssd/ticket/2501

Moving the checks to one place has the advantage of not duplicating
security decisions. Previously, the checks were scattered all over the
responder code, making testing hard.

The disadvantage is that we actually check for the presence of the user,
which might trigger some back end lookups. But I think the benefits
overweight the disadvantage.

Also only check the requested domains from a trusted client. An untrusted
client should simply have no say in what domains he wants to talk to, it
should ignore the 'domains' option.

Reviewed-by: Sumit Bose <sbose@redhat.com>

0 files changed, 0 insertions, 0 deletions