LDAP: Amend sdap_access_check to allow any connection

Related: https://fedorahosted.org/sssd/ticket/2082 Also move the check for subdomain to the handler. I think it is the job of the handler to decide which domain the request belongs to, not the request itself.
author: Jakub Hrozek <jhrozek@redhat.com> 2013-10-06 20:23:07 +0200
committer: Jakub Hrozek <jhrozek@redhat.com> 2013-10-25 21:02:43 +0200
commit: 443eb8217741df57d9f58f2098487b91e3404e71 (patch)
tree: 013d5921211dbcd981394218c692d769f2d9adef /src/providers/ad/ad_access.c
parent: f64296c40e07614668c4ac4c978bc8980fb6a7db (diff)
download: sssd-443eb8217741df57d9f58f2098487b91e3404e71.tar.gz
sssd-443eb8217741df57d9f58f2098487b91e3404e71.tar.xz
sssd-443eb8217741df57d9f58f2098487b91e3404e71.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/src/providers/ad/ad_access.c b/src/providers/ad/ad_access.c
index 746017dc5..cf6412f22 100644
--- a/src/providers/ad/ad_access.c
+++ b/src/providers/ad/ad_access.c
@@ -56,7 +56,9 @@ ad_access_handler(struct be_req *breq)
 
     /* Verify that the account is not locked */
     req = sdap_access_send(breq, be_ctx->ev, be_ctx, domain,
-                           access_ctx->sdap_access_ctx, pd);
+                           access_ctx->sdap_access_ctx,
+                           access_ctx->sdap_access_ctx->id_ctx->conn,
+                           pd);
     if (!req) {
         be_req_terminate(breq, DP_ERR_FATAL, PAM_SYSTEM_ERR, NULL);
         return;
author	Jakub Hrozek <jhrozek@redhat.com>	2013-10-06 20:23:07 +0200
committer	Jakub Hrozek <jhrozek@redhat.com>	2013-10-25 21:02:43 +0200
commit	443eb8217741df57d9f58f2098487b91e3404e71 (patch)
tree	013d5921211dbcd981394218c692d769f2d9adef /src/providers/ad/ad_access.c
parent	f64296c40e07614668c4ac4c978bc8980fb6a7db (diff)
download	sssd-443eb8217741df57d9f58f2098487b91e3404e71.tar.gz sssd-443eb8217741df57d9f58f2098487b91e3404e71.tar.xz sssd-443eb8217741df57d9f58f2098487b91e3404e71.zip