author | Pavel Březina <pbrezina@redhat.com> | 2013-09-10 14:45:52 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-10-30 22:45:26 +0100 |
commit | c704c35ae7ab3861c78371437e3a9ed06ba93d8b (patch) | |
tree | 43cf9189a4a9777fafa76c29989cfd8568ec62bd /src/providers/ldap/ldap_common.c | |
parent | 76da70d5a5b5b05b926840d7692a31915d3ca8eb (diff) | |
sdap: store base dn in sdap_domain
Groups may contain members from different domains. Remembering the
base DN in the domain object lets us simply look up the correct
domain by comparing an object's DN with the domain's base DN.
Resolves:
https://fedorahosted.org/sssd/ticket/2064
Diffstat (limited to 'src/providers/ldap/ldap_common.c')
-rw-r--r-- | src/providers/ldap/ldap_common.c | 35 |
1 files changed, 20 insertions, 15 deletions
diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c index 7192740b6..e632efccc 100644 --- a/src/providers/ldap/ldap_common.c +++ b/src/providers/ldap/ldap_common.c @@ -69,6 +69,7 @@ sdap_domain_add(struct sdap_options *opts, struct sdap_domain **_sdom) { struct sdap_domain *sdom; + errno_t ret; sdom = talloc_zero(opts, struct sdap_domain); if (sdom == NULL) { @@ -77,11 +78,27 @@ sdap_domain_add(struct sdap_options *opts, sdom->dom = dom; sdom->head = &opts->sdom; + /* Convert the domain name into search base */ + ret = domain_to_basedn(sdom, sdom->dom->name, &sdom->basedn); + if (ret != EOK) { + DEBUG(SSSDBG_OP_FAILURE, + ("Cannot convert domain name [%s] to base DN [%d]: %s\n", + dom->name, ret, strerror(ret))); + goto done; + } + talloc_set_destructor((TALLOC_CTX *)sdom, sdap_domain_destructor); DLIST_ADD_END(opts->sdom, sdom, struct sdap_domain *); if (_sdom) *_sdom = sdom; - return EOK; + ret = EOK; + +done: + if (ret != EOK) { + talloc_free(sdom); + } + + return ret; } errno_t @@ -91,7 +108,6 @@ sdap_domain_subdom_add(struct sdap_id_ctx *sdap_id_ctx, { struct sss_domain_info *dom; struct sdap_domain *sdom, *sditer; - char *basedn; errno_t ret; for (dom = get_next_domain(parent, true); @@ -120,16 +136,6 @@ sdap_domain_subdom_add(struct sdap_id_ctx *sdap_id_ctx, sdom = sditer; } - /* Convert the domain name into search base */ - ret = domain_to_basedn(sdom, sdom->dom->name, &basedn); - if (ret != EOK) { - DEBUG(SSSDBG_OP_FAILURE, - ("Cannot convert domain name [%s] to base DN [%d]: %s\n", - dom->name, ret, strerror(ret))); - talloc_free(basedn); - return ret; - } - /* Update search bases */ talloc_zfree(sdom->search_bases); sdom->search_bases = talloc_array(sdom, struct sdap_search_base *, 2); 
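Review bot: In the `sdap_domain_add` hunk (`@@ -77,11 +78,27 @@`), nothing documents that `sdom->basedn` is synthesized from the domain name by `domain_to_basedn()` rather than read from the configured search bases, even though the commit message says it will decide which domain an object belongs to. The conversion used to run only in `sdap_domain_subdom_add`; it now runs for every `sdap_domain`, presumably including the primary one, so a domain whose name does not mirror its directory suffix could be matched to the wrong domain or to none. I would add a comment above the call such as `/* basedn is derived from the domain name, not from the configured search bases; callers matching DNs against it must compare whole RDNs, case-insensitively */`. The code that performs the comparison is outside this file section; it should prefer the longest matching base DN so that a parent domain does not claim a child domain's members. The body of `sdap_domain_add` starts before this hunk.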
@@ -138,9 +144,8 @@ sdap_domain_subdom_add(struct sdap_id_ctx *sdap_id_ctx, } sdom->search_bases[1] = NULL; - ret = sdap_create_search_base(sdom, basedn, LDAP_SCOPE_SUBTREE, NULL, - &sdom->search_bases[0]); - talloc_free(basedn); + ret = sdap_create_search_base(sdom, sdom->basedn, LDAP_SCOPE_SUBTREE, + NULL, &sdom->search_bases[0]); if (ret) { DEBUG(SSSDBG_OP_FAILURE, ("Cannot create new sdap search base\n")); return ret; |