diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2015-10-01 13:13:05 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-10-07 12:42:03 +0200 |
commit | 309aa83d16b5919f727af04850bcd0799ba0962f (patch) | |
tree | 8ba57574ae0a09f25a0087655be8af13fc348859 /src/providers/ad | |
parent | d8899526551cbfe112e0ecc8280003a8349fc531 (diff) | |
download | sssd-309aa83d16b5919f727af04850bcd0799ba0962f.tar.gz sssd-309aa83d16b5919f727af04850bcd0799ba0962f.tar.xz sssd-309aa83d16b5919f727af04850bcd0799ba0962f.zip |
AD: Provide common connection list construction functions
https://fedorahosted.org/sssd/ticket/2810
Provides a new AD common function ad_ldap_conn_list() that creates a
list of AD connection to use along with properties to avoid mistakes
when manually constructing these lists.
Reviewed-by: Sumit Bose <sbose@redhat.com>
Diffstat (limited to 'src/providers/ad')
-rw-r--r-- | src/providers/ad/ad_common.c | 26 | ||||
-rw-r--r-- | src/providers/ad/ad_common.h | 5 | ||||
-rw-r--r-- | src/providers/ad/ad_id.c | 17 |
3 files changed, 32 insertions, 16 deletions
diff --git a/src/providers/ad/ad_common.c b/src/providers/ad/ad_common.c index 88f36f8ea..7d46af4a4 100644 --- a/src/providers/ad/ad_common.c +++ b/src/providers/ad/ad_common.c @@ -1237,6 +1237,14 @@ ad_get_dom_ldap_conn(struct ad_id_ctx *ad_ctx, struct sss_domain_info *dom) subdom_id_ctx = talloc_get_type(sdom->pvt, struct ad_id_ctx); conn = subdom_id_ctx->ldap_ctx; + if (IS_SUBDOMAIN(sdom->dom) == true && conn != NULL) { + /* Regardless of connection types, a subdomain error must not be + * allowed to set the whole back end offline, rather report an error + * and let the caller deal with it (normally disable the subdomain + */ + conn->ignore_mark_offline = true; + } + return conn; } @@ -1261,3 +1269,21 @@ ad_gc_conn_list(TALLOC_CTX *mem_ctx, struct ad_id_ctx *ad_ctx, return clist; } + +struct sdap_id_conn_ctx ** +ad_ldap_conn_list(TALLOC_CTX *mem_ctx, + struct ad_id_ctx *ad_ctx, + struct sss_domain_info *dom) +{ + struct sdap_id_conn_ctx **clist; + + clist = talloc_zero_array(mem_ctx, struct sdap_id_conn_ctx *, 2); + if (clist == NULL) { + return NULL; + } + + clist[0] = ad_get_dom_ldap_conn(ad_ctx, dom); + + clist[1] = NULL; + return clist; +} diff --git a/src/providers/ad/ad_common.h b/src/providers/ad/ad_common.h index 817f5b42c..701e46198 100644 --- a/src/providers/ad/ad_common.h +++ b/src/providers/ad/ad_common.h @@ -148,6 +148,11 @@ struct sdap_id_conn_ctx ** ad_gc_conn_list(TALLOC_CTX *mem_ctx, struct ad_id_ctx *ad_ctx, struct sss_domain_info *dom); +struct sdap_id_conn_ctx ** +ad_ldap_conn_list(TALLOC_CTX *mem_ctx, + struct ad_id_ctx *ad_ctx, + struct sss_domain_info *dom); + struct sdap_id_conn_ctx * ad_get_dom_ldap_conn(struct ad_id_ctx *ad_ctx, struct sss_domain_info *dom); diff --git a/src/providers/ad/ad_id.c b/src/providers/ad/ad_id.c index ecaf6c993..be0cb3b12 100644 --- a/src/providers/ad/ad_id.c +++ b/src/providers/ad/ad_id.c @@ -269,29 +269,14 @@ get_conn_list(struct be_req *breq, struct ad_id_ctx *ad_ctx, case BE_REQ_GROUP: /* group */ case BE_REQ_INITGROUPS: /* init groups for user */ clist = ad_gc_conn_list(breq, ad_ctx, dom); - if (clist == NULL) return NULL; break; default: /* Requests for other object should only contact LDAP by default */ - clist = talloc_zero_array(breq, struct sdap_id_conn_ctx *, 2); - if (clist == NULL) return NULL; - - clist[0] = ad_ctx->ldap_ctx; - clist[1] = NULL; + clist = ad_ldap_conn_list(breq, ad_ctx, dom); break; } - /* Regardless of connection types, a subdomain error must not be allowed - * to set the whole back end offline, rather report an error and let the - * caller deal with it (normally disable the subdomain - */ - if (IS_SUBDOMAIN(dom)) { - for (cindex = 0; clist[cindex] != NULL; cindex++) { - clist[cindex]->ignore_mark_offline = true; - } - } - return clist; } |