diff options
| author | Sumit Bose <sbose@redhat.com> | 2012-10-19 18:28:41 +0200 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2012-11-05 00:14:05 +0100 |
| commit | f301ab3bd5959a796f2e88aa29fe40471a800e78 (patch) | |
| tree | bc3018b82374ed1fea2fbc3f076bf4971b7e1285 /src/providers/krb5/krb5_utils.c | |
| parent | dcc133e6357e321d101cf39a2999901e33ae988e (diff) | |
| download | sssd-f301ab3bd5959a796f2e88aa29fe40471a800e78.tar.gz sssd-f301ab3bd5959a796f2e88aa29fe40471a800e78.tar.xz sssd-f301ab3bd5959a796f2e88aa29fe40471a800e78.zip | |
krb5_auth_send: check for sub-domains
If there is an authentication request for a user from a sub-domain a
temporary sysdb context is generated to allow lookups in the
corresponding sub-tree in the cache.
Diffstat (limited to 'src/providers/krb5/krb5_utils.c')
| -rw-r--r-- | src/providers/krb5/krb5_utils.c | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/src/providers/krb5/krb5_utils.c b/src/providers/krb5/krb5_utils.c index 73a711d91..7a68b0f4c 100644 --- a/src/providers/krb5/krb5_utils.c +++ b/src/providers/krb5/krb5_utils.c @@ -1031,3 +1031,22 @@ struct sss_krb5_cc_be dir_cc = { }; #endif /* HAVE_KRB5_DIRCACHE */ + +errno_t get_domain_or_subdomain(TALLOC_CTX *mem_ctx, struct be_ctx *be_ctx, + char *domain_name, + struct sss_domain_info **dom) +{ + + if (domain_name != NULL && + strcasecmp(domain_name, be_ctx->domain->name) != 0) { + *dom = new_subdomain(mem_ctx, be_ctx->domain, domain_name, NULL, NULL); + if (*dom == NULL) { + DEBUG(SSSDBG_OP_FAILURE, ("new_subdomain failed.\n")); + return ENOMEM; + } + } else { + *dom = be_ctx->domain; + } + + return EOK; +} |