diff options
| author | Sumit Bose <sbose@redhat.com> | 2012-10-19 18:28:41 +0200 |
|---|---|---|
| committer | Sumit Bose <sbose@redhat.com> | 2012-10-26 10:32:05 +0200 |
| commit | d29e91321d175dce94d87c23a44ced40d265de2c (patch) | |
| tree | 66025c86ad9a2ae8a76b37603c6db091aba70d6f /src/providers/krb5/krb5_utils.c | |
| parent | d9137b153f1266ee5659405b2d7bc11787dad817 (diff) | |
| download | sssd-d29e91321d175dce94d87c23a44ced40d265de2c.tar.gz sssd-d29e91321d175dce94d87c23a44ced40d265de2c.tar.xz sssd-d29e91321d175dce94d87c23a44ced40d265de2c.zip | |
krb5_auth_send: check for sub-domains
If there is an authentication request for a user from a sub-domain a
temporary sysdb context is generated to allow lookups in the
corresponding sub-tree in the cache.
Diffstat (limited to 'src/providers/krb5/krb5_utils.c')
| -rw-r--r-- | src/providers/krb5/krb5_utils.c | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/src/providers/krb5/krb5_utils.c b/src/providers/krb5/krb5_utils.c index 73a711d91..7a68b0f4c 100644 --- a/src/providers/krb5/krb5_utils.c +++ b/src/providers/krb5/krb5_utils.c @@ -1031,3 +1031,22 @@ struct sss_krb5_cc_be dir_cc = { }; #endif /* HAVE_KRB5_DIRCACHE */ + +errno_t get_domain_or_subdomain(TALLOC_CTX *mem_ctx, struct be_ctx *be_ctx, + char *domain_name, + struct sss_domain_info **dom) +{ + + if (domain_name != NULL && + strcasecmp(domain_name, be_ctx->domain->name) != 0) { + *dom = new_subdomain(mem_ctx, be_ctx->domain, domain_name, NULL, NULL); + if (*dom == NULL) { + DEBUG(SSSDBG_OP_FAILURE, ("new_subdomain failed.\n")); + return ENOMEM; + } + } else { + *dom = be_ctx->domain; + } + + return EOK; +} |