diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2015-04-07 13:06:56 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-04-08 15:15:07 +0200 |
commit | 450c2b78ff0bd5044c4c73f32ca8459b211dd446 (patch) | |
tree | 2fb2bf4a9edcdf794cc4358d10843632e6c4c9ec /src | |
parent | 98d45a51dbf8311500eb844429e0f174250b4ab0 (diff) | |
download | sssd-450c2b78ff0bd5044c4c73f32ca8459b211dd446.tar.gz sssd-450c2b78ff0bd5044c4c73f32ca8459b211dd446.tar.xz sssd-450c2b78ff0bd5044c4c73f32ca8459b211dd446.zip |
LDAP: Set sdap handle as explicitly connected in LDAP auth
In case SSSD is set with id_provider=proxy and auth_provider=ldap, the
LDAP provider is not used to retrieve the user info with the
higher-level calls, but the lower-level connection establishment is used
instead. In this case, we need to make sure to mark the connection as
explicitly connected to be notified about results of looking up the DN.
Resolves:
https://fedorahosted.org/sssd/ticket/2620
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/providers/ldap/ldap_auth.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/src/providers/ldap/ldap_auth.c b/src/providers/ldap/ldap_auth.c index 6ee570bba..817179426 100644 --- a/src/providers/ldap/ldap_auth.c +++ b/src/providers/ldap/ldap_auth.c @@ -762,6 +762,18 @@ static void auth_connect_done(struct tevent_req *subreq) state->srv, PORT_WORKING); } + /* In case the ID provider is set to proxy, this might be the first + * LDAP operation at all, so we need to set the connection status + */ + if (state->sh->connected == false) { + ret = sdap_set_connected(state->sh, state->ev); + if (ret) { + DEBUG(SSSDBG_OP_FAILURE, "Cannot set connected status\n"); + tevent_req_error(req, ret); + return; + } + } + ret = get_user_dn(state, state->ctx->be->domain, state->ctx->opts, state->username, &state->dn, &state->pw_expire_type, &state->pw_expire_data); |