authorStephen Gallagher <sgallagh@redhat.com>2015-05-01 16:26:36 -0400
committerJakub Hrozek <jhrozek@redhat.com>2015-05-28 11:06:22 +0200
commit31bafc0d6384a30859aa18f3bd22275aec6ee2ed (patch)
tree0317c6cb993f2cc7947e855fb4abb0961f6d165f /src/providers/ldap
parentc9db9d3e3d1a51117a64b366ec866bbeb009c57f (diff)
AD GPO: Support processing referrals
For GPOs assigned to a site, it's possible that their definition actually exists in another domain. To retrieve this information, we need to follow the referral and perform a base search on another domain controller. Resolves: https://fedorahosted.org/sssd/ticket/2645 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src/providers/ldap')
-rw-r--r--src/providers/ldap/sdap_async.c32
-rw-r--r--src/providers/ldap/sdap_async.h8
2 files changed, 35 insertions, 5 deletions
diff --git a/src/providers/ldap/sdap_async.c b/src/providers/ldap/sdap_async.c
index 2ffc2a170..ca70976b1 100644
--- a/src/providers/ldap/sdap_async.c
+++ b/src/providers/ldap/sdap_async.c
@@ -2006,6 +2006,10 @@ struct sdap_sd_search_state {
size_t reply_count;
struct sysdb_attrs **reply;
struct sdap_reply sreply;
+
+ /* Referrals returned by the search */
+ size_t ref_count;
+ char **refs;
};
static int sdap_sd_search_create_control(struct sdap_handle *sh,
@@ -2137,12 +2141,26 @@ static errno_t sdap_sd_search_parse_entry(struct sdap_handle *sh,
static void sdap_sd_search_done(struct tevent_req *subreq)
{
+ int ret;
+
struct tevent_req *req = tevent_req_callback_data(subreq,
struct tevent_req);
struct sdap_sd_search_state *state =
tevent_req_data(req, struct sdap_sd_search_state);
- return generic_ext_search_handler(subreq, state->opts);
+ ret = sdap_get_generic_ext_recv(subreq, state,
+ &state->ref_count,
+ &state->refs);
+ talloc_zfree(subreq);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE,
+ "sdap_get_generic_ext_recv failed [%d]: %s\n",
+ ret, sss_strerror(ret));
+ tevent_req_error(req, ret);
+ return;
+ }
+
+ tevent_req_done(req);
}
static int sdap_sd_search_ctrls_destructor(void *ptr)
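Review bot: The strings stored in `state->refs` by `sdap_get_generic_ext_recv` are referral URIs chosen by the responding server, and nothing in `sdap_sd_search_done` marks them as untrusted before they are handed on through `sdap_sd_search_recv`. A comment above the call, for example `/* refs are server-supplied referral URIs; callers must check the target before connecting to it */`, would make that contract explicit for whoever follows them. The replaced call passed `state->opts` to `generic_ext_search_handler`, whose body is not visible here; if it applied any referral-related option or logging, this path now skips it, so a trace line such as `DEBUG(SSSDBG_TRACE_FUNC, "Search returned %zu referrals\n", state->ref_count);` before `tevent_req_done(req)` would keep the event visible in logs.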
@@ -2158,7 +2176,9 @@ static int sdap_sd_search_ctrls_destructor(void *ptr)
int sdap_sd_search_recv(struct tevent_req *req,
TALLOC_CTX *mem_ctx,
size_t *_reply_count,
- struct sysdb_attrs ***_reply)
+ struct sysdb_attrs ***_reply,
+ size_t *_ref_count,
+ char ***_refs)
{
struct sdap_sd_search_state *state = tevent_req_data(req,
struct sdap_sd_search_state);
@@ -2167,6 +2187,14 @@ int sdap_sd_search_recv(struct tevent_req *req,
*_reply_count = state->sreply.reply_count;
*_reply = talloc_steal(mem_ctx, state->sreply.reply);
+ if(_ref_count) {
+ *_ref_count = state->ref_count;
+ }
+
+ if (_refs) {
+ *_refs = talloc_steal(mem_ctx, state->refs);
+ }
+
return EOK;
}
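Review bot: `_ref_count` and `_refs` are checked independently in `sdap_sd_search_recv`, so a caller can take the referral array without its length, and nothing visible here says the array is NULL-terminated. Either hand them out as a pair (`if (_ref_count && _refs) { ... }`) or document on the function that both are optional, that `*_refs` is moved to `mem_ctx`, and that it must be read together with `*_ref_count`; the prototype in sdap_async.h is the natural place for that comment. `if(_ref_count)` also lacks the space used by `if (_refs)` a few lines below. The start of the function body is in the preceding hunk.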
diff --git a/src/providers/ldap/sdap_async.h b/src/providers/ldap/sdap_async.h
index f2ea9bf2e..b5db64d7f 100644
--- a/src/providers/ldap/sdap_async.h
+++ b/src/providers/ldap/sdap_async.h
@@ -251,9 +251,11 @@ sdap_sd_search_send(TALLOC_CTX *memctx,
const char **attrs,
int timeout);
int sdap_sd_search_recv(struct tevent_req *req,
- TALLOC_CTX *mem_ctx,
- size_t *reply_count,
- struct sysdb_attrs ***reply);
+ TALLOC_CTX *mem_ctx,
+ size_t *_reply_count,
+ struct sysdb_attrs ***_reply,
+ size_t *_ref_count,
+ char ***_refs);
errno_t
sdap_attrs_add_ldap_attr(struct sysdb_attrs *ldap_attrs,