diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2015-01-06 13:03:34 +0100 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-01-13 18:03:20 +0100 |
commit | ccff8e75940963a0f68f86efcddc37133318abfa (patch) | |
tree | cb61ecc535235baa89f804af0e29aafc6324dd77 /src | |
parent | f00a61b6079d8de81432077a59daf015d85800d2 (diff) | |
download | sssd-ccff8e75940963a0f68f86efcddc37133318abfa.tar.gz sssd-ccff8e75940963a0f68f86efcddc37133318abfa.tar.xz sssd-ccff8e75940963a0f68f86efcddc37133318abfa.zip |
GPO: Extract server hostname after connecting
https://fedorahosted.org/sssd/ticket/2543
The LDAP URI is not valid prior to connecting to LDAP. Moreover,
reconnecting to a different server might invalidate the URI.
Move reading the URI after the connection has been established.
Reviewed-by: Sumit Bose <sbose@redhat.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/providers/ad/ad_gpo.c | 58 |
1 files changed, 29 insertions, 29 deletions
diff --git a/src/providers/ad/ad_gpo.c b/src/providers/ad/ad_gpo.c index 083fc8c2c..375ef1d8a 100644 --- a/src/providers/ad/ad_gpo.c +++ b/src/providers/ad/ad_gpo.c @@ -1489,8 +1489,6 @@ ad_gpo_access_send(TALLOC_CTX *mem_ctx, struct tevent_req *req; struct tevent_req *subreq; struct ad_gpo_access_state *state; - char *server_uri; - LDAPURLDesc *lud; errno_t ret; int hret; hash_key_t key; @@ -1580,33 +1578,6 @@ ad_gpo_access_send(TALLOC_CTX *mem_ctx, goto immediately; } - /* extract server_hostname from server_uri */ - server_uri = state->conn->service->uri; - ret = ldap_url_parse(server_uri, &lud); - if (ret != LDAP_SUCCESS) { - DEBUG(SSSDBG_CRIT_FAILURE, - "Failed to parse ldap URI (%s)!\n", server_uri); - ret = EINVAL; - goto immediately; - } - - if (lud->lud_host == NULL) { - DEBUG(SSSDBG_CRIT_FAILURE, - "The LDAP URI (%s) did not contain a host name\n", server_uri); - ldap_free_urldesc(lud); - ret = EINVAL; - goto immediately; - } - - state->server_hostname = talloc_strdup(state, lud->lud_host); - ldap_free_urldesc(lud); - if (!state->server_hostname) { - ret = ENOMEM; - goto immediately; - } - DEBUG(SSSDBG_TRACE_ALL, "server_hostname from uri: %s\n", - state->server_hostname); - subreq = sdap_id_op_connect_send(state->sdap_op, state, &ret); if (subreq == NULL) { DEBUG(SSSDBG_OP_FAILURE, @@ -1666,6 +1637,8 @@ ad_gpo_connect_done(struct tevent_req *subreq) char *domain_dn; int dp_error; errno_t ret; + char *server_uri; + LDAPURLDesc *lud; const char *attrs[] = {AD_AT_DN, AD_AT_UAC, NULL}; @@ -1702,6 +1675,33 @@ ad_gpo_connect_done(struct tevent_req *subreq) } } + /* extract server_hostname from server_uri */ + server_uri = state->conn->service->uri; + ret = ldap_url_parse(server_uri, &lud); + if (ret != LDAP_SUCCESS) { + DEBUG(SSSDBG_CRIT_FAILURE, + "Failed to parse ldap URI (%s)!\n", server_uri); + ret = EINVAL; + goto done; + } + + if (lud->lud_host == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, + "The LDAP URI (%s) did not contain a host name\n", server_uri); + ldap_free_urldesc(lud); + ret = EINVAL; + goto done; + } + + state->server_hostname = talloc_strdup(state, lud->lud_host); + ldap_free_urldesc(lud); + if (!state->server_hostname) { + ret = ENOMEM; + goto done; + } + DEBUG(SSSDBG_TRACE_ALL, "server_hostname from uri: %s\n", + state->server_hostname); + sam_account_name = sss_krb5_get_primary(state, "%S$", state->ad_hostname); if (sam_account_name == NULL) { ret = ENOMEM; |