authorJakub Hrozek <jhrozek@redhat.com>2013-06-19 10:50:44 +0200
committerJakub Hrozek <jhrozek@redhat.com>2013-06-28 22:22:20 +0200
commitf8a4a5f6240156809e1b5ef03816f673281e3fa0 (patch)
tree4963a9bbe4f56c50093df9f826fa7a268b6fd335 /src/providers
parent59415636c92c6e9764ddc65a85ad61002310519d (diff)
IPA: Initialize server mode ctx if server mode is on
This patch introduces a new structure that holds information about a subdomain and its ad_id_ctx. This structure will be used only in server mode to make it possible to search subdomains with a particular ad_id_ctx. Subtask of: https://fedorahosted.org/sssd/ticket/1962
Diffstat (limited to 'src/providers')
-rw-r--r--src/providers/ipa/ipa_common.h5
-rw-r--r--src/providers/ipa/ipa_init.c6
-rw-r--r--src/providers/ipa/ipa_subdomains.c33
-rw-r--r--src/providers/ipa/ipa_subdomains.h18
4 files changed, 62 insertions, 0 deletions
diff --git a/src/providers/ipa/ipa_common.h b/src/providers/ipa/ipa_common.h
index 43ccb8e0a..2af20e1de 100644
--- a/src/providers/ipa/ipa_common.h
+++ b/src/providers/ipa/ipa_common.h
@@ -112,9 +112,14 @@ struct ipa_auth_ctx {
struct dp_option *ipa_options;
};
+/* In server mode, each subdomain corresponds to an AD context */
+
struct ipa_id_ctx {
struct sdap_id_ctx *sdap_id_ctx;
struct ipa_options *ipa_options;
+
+ /* Only used with server mode */
+ struct ipa_server_mode_ctx *server_mode;
};
struct ipa_options {
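Review bot: The comment added above `struct ipa_id_ctx` is separated from it by a blank line and describes neither that struct nor the new member, so it reads as a stray line; it fits better on `struct ipa_ad_server_ctx` in ipa_subdomains.h. The comment on `server_mode` should also state the value callers can test for, e.g. `/* NULL unless server mode is enabled; allocated by ipa_ad_subdom_init() */`. That wording is only accurate if `ipa_id_ctx` is zero-allocated, which is not visible in this patch and should be confirmed.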
diff --git a/src/providers/ipa/ipa_init.c b/src/providers/ipa/ipa_init.c
index 7297fc936..fe13b1872 100644
--- a/src/providers/ipa/ipa_init.c
+++ b/src/providers/ipa/ipa_init.c
@@ -528,6 +528,12 @@ int sssm_ipa_subdomains_init(struct be_ctx *bectx,
return ret;
}
+ ret = ipa_ad_subdom_init(bectx, id_ctx);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("ipa_ad_subdom_init failed.\n"));
+ return ret;
+ }
+
return EOK;
}
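Review bot: The failure message on the added DEBUG line drops `ret`, and the ENOMEM path of ipa_ad_subdom_init() logs nothing itself, so an allocation failure leaves only this generic line in the log. Including the code would help: `DEBUG(SSSDBG_CRIT_FAILURE, ("ipa_ad_subdom_init failed [%d]: %s\n", ret, strerror(ret)));`. sssm_ipa_subdomains_init() starts outside the hunk, so whether anything set up earlier needs undoing on this return cannot be judged from here.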
diff --git a/src/providers/ipa/ipa_subdomains.c b/src/providers/ipa/ipa_subdomains.c
index a67526c83..652726daf 100644
--- a/src/providers/ipa/ipa_subdomains.c
+++ b/src/providers/ipa/ipa_subdomains.c
@@ -925,3 +925,36 @@ int ipa_subdom_init(struct be_ctx *be_ctx,
return EOK;
}
+
+int ipa_ad_subdom_init(struct be_ctx *be_ctx,
+ struct ipa_id_ctx *id_ctx)
+{
+ char *realm;
+ char *hostname;
+
+ if (dp_opt_get_bool(id_ctx->ipa_options->basic,
+ IPA_SERVER_MODE) == false) {
+ return EOK;
+ }
+
+ realm = dp_opt_get_string(id_ctx->ipa_options->basic, IPA_KRB5_REALM);
+ if (realm == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("No Kerberos realm for IPA?\n"));
+ return EINVAL;
+ }
+
+ hostname = dp_opt_get_string(id_ctx->ipa_options->basic, IPA_HOSTNAME);
+ if (hostname == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("No host name for IPA?\n"));
+ return EINVAL;
+ }
+
+ id_ctx->server_mode = talloc(id_ctx, struct ipa_server_mode_ctx);
+ if (id_ctx->server_mode == NULL) {
+ return ENOMEM;
+ }
+ id_ctx->server_mode->realm = realm;
+ id_ctx->server_mode->hostname = hostname;
+
+ return EOK;
+}
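Review bot: `talloc()` returns uninitialized memory and only `realm` and `hostname` are assigned afterwards, so the `trusts` pointer of the new `struct ipa_server_mode_ctx` is left indeterminate; any later code that walks or appends to that list would start from a garbage pointer. Use `id_ctx->server_mode = talloc_zero(id_ctx, struct ipa_server_mode_ctx);`. The early return for disabled server mode also leaves `id_ctx->server_mode` untouched, which is safe only if `id_ctx` was zero-allocated by its creator (not visible here); an explicit `id_ctx->server_mode = NULL;` before that `return EOK;` removes the dependency. `realm` and `hostname` are stored as the pointers returned by dp_opt_get_string(), so they presumably stay valid only as long as the option table does.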
diff --git a/src/providers/ipa/ipa_subdomains.h b/src/providers/ipa/ipa_subdomains.h
index c9ab82a25..315ce9e06 100644
--- a/src/providers/ipa/ipa_subdomains.h
+++ b/src/providers/ipa/ipa_subdomains.h
@@ -38,6 +38,24 @@ int ipa_subdom_init(struct be_ctx *be_ctx,
struct bet_ops **ops,
void **pvt_data);
+/* The following are used in server mode only */
+struct ipa_ad_server_ctx {
+ struct sss_domain_info *dom;
+ struct ad_id_ctx *ad_id_ctx;
+
+ struct ipa_ad_server_ctx *next, *prev;
+};
+
+struct ipa_server_mode_ctx {
+ const char *realm;
+ const char *hostname;
+
+ struct ipa_ad_server_ctx *trusts;
+};
+
+int ipa_ad_subdom_init(struct be_ctx *be_ctx,
+ struct ipa_id_ctx *id_ctx);
+
enum req_input_type {
REQ_INP_NAME,
REQ_INP_ID,
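Review bot: The two new structs carry no comment on pointer ownership or list linkage, and the `ipa_ad_subdom_init()` prototype has no description. A short comment on `struct ipa_server_mode_ctx` should say that `realm` and `hostname` are borrowed from the IPA option table rather than copied (that is how ipa_ad_subdom_init() assigns them), and that `trusts` is the head of the `ipa_ad_server_ctx` list linked through `next`/`prev` (inferred from the names; nothing in this patch populates it yet). For the prototype, something like `/* Allocates id_ctx->server_mode when server mode is on; returns EOK without doing anything otherwise */` would do.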