diff options
Diffstat (limited to 'src/providers/ldap')
-rw-r--r-- | src/providers/ldap/ldap_common.c | 47 | ||||
-rw-r--r-- | src/providers/ldap/ldap_common.h | 27 | ||||
-rw-r--r-- | src/providers/ldap/ldap_id.c | 10 | ||||
-rw-r--r-- | src/providers/ldap/ldap_id_enum.c | 2 | ||||
-rw-r--r-- | src/providers/ldap/ldap_id_netgroup.c | 2 | ||||
-rw-r--r-- | src/providers/ldap/ldap_id_services.c | 2 | ||||
-rw-r--r-- | src/providers/ldap/ldap_init.c | 45 | ||||
-rw-r--r-- | src/providers/ldap/sdap_access.c | 3 | ||||
-rw-r--r-- | src/providers/ldap/sdap_autofs.c | 2 | ||||
-rw-r--r-- | src/providers/ldap/sdap_dyndns.c | 4 | ||||
-rw-r--r-- | src/providers/ldap/sdap_id_op.c | 63 | ||||
-rw-r--r-- | src/providers/ldap/sdap_id_op.h | 2 | ||||
-rw-r--r-- | src/providers/ldap/sdap_sudo.c | 6 |
13 files changed, 142 insertions, 73 deletions
diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c index 1e92400d9..856c57e43 100644 --- a/src/providers/ldap/ldap_common.c +++ b/src/providers/ldap/ldap_common.c @@ -1628,3 +1628,50 @@ sdap_attrs_get_sid_str(TALLOC_CTX *mem_ctx, return EOK; } + +struct sdap_id_conn_ctx * +sdap_id_ctx_conn_add(struct sdap_id_ctx *id_ctx, + struct sdap_service *sdap_service) +{ + struct sdap_id_conn_ctx *conn; + errno_t ret; + + conn = talloc_zero(id_ctx, struct sdap_id_conn_ctx); + if (conn == NULL) { + return NULL; + } + conn->service = talloc_steal(conn, sdap_service); + conn->id_ctx = id_ctx; + + /* Create a connection cache */ + ret = sdap_id_conn_cache_create(conn, id_ctx, conn, &conn->conn_cache); + if (ret != EOK) { + talloc_free(conn); + return NULL; + } + DLIST_ADD_END(id_ctx->conn, conn, struct sdap_id_conn_ctx *); + + return conn; +} + +struct sdap_id_ctx * +sdap_id_ctx_new(TALLOC_CTX *mem_ctx, struct be_ctx *bectx, + struct sdap_service *sdap_service) +{ + struct sdap_id_ctx *sdap_ctx; + + sdap_ctx = talloc_zero(mem_ctx, struct sdap_id_ctx); + if (sdap_ctx == NULL) { + return NULL; + } + sdap_ctx->be = bectx; + + /* There should be at least one connection context */ + sdap_ctx->conn = sdap_id_ctx_conn_add(sdap_ctx, sdap_service); + if (sdap_ctx->conn == NULL) { + talloc_free(sdap_ctx); + return NULL; + } + + return sdap_ctx; +} diff --git a/src/providers/ldap/ldap_common.h b/src/providers/ldap/ldap_common.h index 2d17b7558..8c6083541 100644 --- a/src/providers/ldap/ldap_common.h +++ b/src/providers/ldap/ldap_common.h @@ -42,17 +42,26 @@ /* a fd the child process would log into */ extern int ldap_child_debug_fd; +struct sdap_id_ctx; + +struct sdap_id_conn_ctx { + struct sdap_id_ctx *id_ctx; + + struct sdap_service *service; + /* LDAP connection cache */ + struct sdap_id_conn_cache *conn_cache; + /* dlinklist pointers */ + struct sdap_id_conn_ctx *prev, *next; +}; + struct sdap_id_ctx { struct be_ctx *be; struct sdap_options *opts; - struct fo_service *fo_service; - struct sdap_service *service; /* If using GSSAPI */ struct krb5_service *krb5_service; - - /* LDAP connection cache */ - struct sdap_id_conn_cache *conn_cache; + /* connection to a server */ + struct sdap_id_conn_ctx *conn; /* enumeration loop timer */ struct timeval last_enum; @@ -235,4 +244,12 @@ sdap_set_sasl_options(struct sdap_options *id_opts, char *default_realm, const char *keytab_path); +struct sdap_id_conn_ctx * +sdap_id_ctx_conn_add(struct sdap_id_ctx *id_ctx, + struct sdap_service *sdap_service); + +struct sdap_id_ctx * +sdap_id_ctx_new(TALLOC_CTX *mem_ctx, struct be_ctx *bectx, + struct sdap_service *sdap_service); + #endif /* _LDAP_COMMON_H_ */ diff --git a/src/providers/ldap/ldap_id.c b/src/providers/ldap/ldap_id.c index 13b607ac3..a7987810c 100644 --- a/src/providers/ldap/ldap_id.c +++ b/src/providers/ldap/ldap_id.c @@ -80,7 +80,7 @@ struct tevent_req *users_get_send(TALLOC_CTX *memctx, state->ctx = ctx; state->dp_error = DP_ERR_FATAL; - state->op = sdap_id_op_create(state, state->ctx->conn_cache); + state->op = sdap_id_op_create(state, state->ctx->conn->conn_cache); if (!state->op) { DEBUG(2, ("sdap_id_op_create failed\n")); ret = ENOMEM; @@ -403,7 +403,7 @@ struct tevent_req *groups_get_send(TALLOC_CTX *memctx, state->ctx = ctx; state->dp_error = DP_ERR_FATAL; - state->op = sdap_id_op_create(state, state->ctx->conn_cache); + state->op = sdap_id_op_create(state, state->ctx->conn->conn_cache); if (!state->op) { DEBUG(2, ("sdap_id_op_create failed\n")); ret = ENOMEM; @@ -698,7 +698,7 @@ static struct tevent_req *groups_by_user_send(TALLOC_CTX *memctx, state->ctx = ctx; state->dp_error = DP_ERR_FATAL; - state->op = sdap_id_op_create(state, state->ctx->conn_cache); + state->op = sdap_id_op_create(state, state->ctx->conn->conn_cache); if (!state->op) { DEBUG(2, ("sdap_id_op_create failed\n")); ret = ENOMEM; @@ -862,7 +862,7 @@ void sdap_do_online_check(struct be_req *be_req, struct sdap_id_ctx *ctx) check_ctx->be_req = be_req; req = sdap_cli_connect_send(be_req, be_ctx->ev, ctx->opts, - be_ctx, ctx->service, false, + be_ctx, ctx->conn->service, false, CON_TLS_DFL, false); if (req == NULL) { DEBUG(1, ("sdap_cli_connect_send failed.\n")); @@ -1280,7 +1280,7 @@ static struct tevent_req *get_user_and_group_send(TALLOC_CTX *memctx, state->id_ctx = id_ctx; state->dp_error = DP_ERR_FATAL; - state->op = sdap_id_op_create(state, state->id_ctx->conn_cache); + state->op = sdap_id_op_create(state, state->id_ctx->conn->conn_cache); if (!state->op) { DEBUG(SSSDBG_OP_FAILURE, ("sdap_id_op_create failed\n")); ret = ENOMEM; diff --git a/src/providers/ldap/ldap_id_enum.c b/src/providers/ldap/ldap_id_enum.c index 6c5a378ed..7a2129d97 100644 --- a/src/providers/ldap/ldap_id_enum.c +++ b/src/providers/ldap/ldap_id_enum.c @@ -212,7 +212,7 @@ struct tevent_req *ldap_id_enumerate_send(struct tevent_context *ev, state->ev = ev; state->ctx = ctx; - state->op = sdap_id_op_create(state, state->ctx->conn_cache); + state->op = sdap_id_op_create(state, state->ctx->conn->conn_cache); if (!state->op) { DEBUG(2, ("sdap_id_op_create failed\n")); talloc_zfree(req); diff --git a/src/providers/ldap/ldap_id_netgroup.c b/src/providers/ldap/ldap_id_netgroup.c index 5080cfb62..6788a52e5 100644 --- a/src/providers/ldap/ldap_id_netgroup.c +++ b/src/providers/ldap/ldap_id_netgroup.c @@ -70,7 +70,7 @@ struct tevent_req *ldap_netgroup_get_send(TALLOC_CTX *memctx, state->ctx = ctx; state->dp_error = DP_ERR_FATAL; - state->op = sdap_id_op_create(state, state->ctx->conn_cache); + state->op = sdap_id_op_create(state, state->ctx->conn->conn_cache); if (!state->op) { DEBUG(2, ("sdap_id_op_create failed\n")); ret = ENOMEM; diff --git a/src/providers/ldap/ldap_id_services.c b/src/providers/ldap/ldap_id_services.c index 5699bf0dc..5c3c53f2a 100644 --- a/src/providers/ldap/ldap_id_services.c +++ b/src/providers/ldap/ldap_id_services.c @@ -82,7 +82,7 @@ services_get_send(TALLOC_CTX *mem_ctx, state->protocol = protocol; state->filter_type = filter_type; - state->op = sdap_id_op_create(state, state->id_ctx->conn_cache); + state->op = sdap_id_op_create(state, state->id_ctx->conn->conn_cache); if (!state->op) { DEBUG(SSSDBG_MINOR_FAILURE, ("sdap_id_op_create failed\n")); ret = ENOMEM; diff --git a/src/providers/ldap/ldap_init.c b/src/providers/ldap/ldap_init.c index f70c8f1b0..56339961d 100644 --- a/src/providers/ldap/ldap_init.c +++ b/src/providers/ldap/ldap_init.c @@ -87,11 +87,13 @@ int sssm_ldap_id_init(struct be_ctx *bectx, struct bet_ops **ops, void **pvt_data) { - struct sdap_id_ctx *ctx; + struct sdap_id_ctx *ctx = NULL; const char *urls; const char *backup_urls; const char *dns_service_name; const char *sasl_mech; + struct sdap_service *sdap_service; + struct sdap_options *opts; int ret; /* If we're already set up, just return that */ @@ -103,37 +105,40 @@ int sssm_ldap_id_init(struct be_ctx *bectx, return EOK; } - ctx = talloc_zero(bectx, struct sdap_id_ctx); - if (!ctx) return ENOMEM; - - ctx->be = bectx; - - ret = ldap_get_options(ctx, bectx->cdb, - bectx->conf_path, &ctx->opts); + ret = ldap_get_options(bectx, bectx->cdb, + bectx->conf_path, &opts); if (ret != EOK) { goto done; } - dns_service_name = dp_opt_get_string(ctx->opts->basic, + dns_service_name = dp_opt_get_string(opts->basic, SDAP_DNS_SERVICE_NAME); - DEBUG(7, ("Service name for discovery set to %s\n", dns_service_name)); + DEBUG(SSSDBG_CONF_SETTINGS, + ("Service name for discovery set to %s\n", dns_service_name)); - urls = dp_opt_get_string(ctx->opts->basic, SDAP_URI); - backup_urls = dp_opt_get_string(ctx->opts->basic, SDAP_BACKUP_URI); + urls = dp_opt_get_string(opts->basic, SDAP_URI); + backup_urls = dp_opt_get_string(opts->basic, SDAP_BACKUP_URI); - ret = sdap_service_init(ctx, ctx->be, "LDAP", + ret = sdap_service_init(bectx, bectx, "LDAP", dns_service_name, urls, backup_urls, - &ctx->service); + &sdap_service); if (ret != EOK) { - DEBUG(1, ("Failed to initialize failover service!\n")); + DEBUG(SSSDBG_OP_FAILURE, ("Failed to initialize failover service!\n")); goto done; } + ctx = sdap_id_ctx_new(bectx, bectx, sdap_service); + if (!ctx) { + ret = ENOMEM; + goto done; + } + ctx->opts = talloc_steal(ctx, opts); + sasl_mech = dp_opt_get_string(ctx->opts->basic, SDAP_SASL_MECH); if (sasl_mech && strcasecmp(sasl_mech, "GSSAPI") == 0) { if (dp_opt_get_bool(ctx->opts->basic, SDAP_KRB5_KINIT)) { ret = sdap_gssapi_init(ctx, ctx->opts->basic, - ctx->be, ctx->service, + ctx->be, ctx->conn->service, &ctx->krb5_service); if (ret != EOK) { DEBUG(1, ("sdap_gssapi_init failed [%d][%s].\n", @@ -150,11 +155,6 @@ int sssm_ldap_id_init(struct be_ctx *bectx, goto done; } - ret = sdap_id_conn_cache_create(ctx, ctx, &ctx->conn_cache); - if (ret != EOK) { - goto done; - } - /* Set up the ID mapping object */ ret = sdap_idmap_init(ctx, ctx, &ctx->opts->idmap_ctx); if (ret != EOK) goto done; @@ -185,6 +185,7 @@ int sssm_ldap_id_init(struct be_ctx *bectx, done: if (ret != EOK) { + talloc_free(opts); talloc_free(ctx); } return ret; @@ -208,7 +209,7 @@ int sssm_ldap_auth_init(struct be_ctx *bectx, ctx->be = bectx; ctx->opts = id_ctx->opts; - ctx->service = id_ctx->service; + ctx->service = id_ctx->conn->service; ctx->chpass_service = NULL; *ops = &sdap_auth_ops; diff --git a/src/providers/ldap/sdap_access.c b/src/providers/ldap/sdap_access.c index 1b2f6993d..e74542346 100644 --- a/src/providers/ldap/sdap_access.c +++ b/src/providers/ldap/sdap_access.c @@ -718,7 +718,8 @@ static struct tevent_req *sdap_access_filter_send(TALLOC_CTX *mem_ctx, DEBUG(6, ("Checking filter against LDAP\n")); - state->sdap_op = sdap_id_op_create(state, state->sdap_ctx->conn_cache); + state->sdap_op = sdap_id_op_create(state, + state->sdap_ctx->conn->conn_cache); if (!state->sdap_op) { DEBUG(2, ("sdap_id_op_create failed\n")); ret = ENOMEM; diff --git a/src/providers/ldap/sdap_autofs.c b/src/providers/ldap/sdap_autofs.c index 0bb211aa3..e7947c9b2 100644 --- a/src/providers/ldap/sdap_autofs.c +++ b/src/providers/ldap/sdap_autofs.c @@ -154,7 +154,7 @@ sdap_autofs_get_map_send(TALLOC_CTX *mem_ctx, state->dp_error = DP_ERR_FATAL; state->map_name = map_name; - state->op = sdap_id_op_create(state, state->ctx->conn_cache); + state->op = sdap_id_op_create(state, state->ctx->conn->conn_cache); if (!state->op) { DEBUG(SSSDBG_OP_FAILURE, ("sdap_id_op_create failed\n")); ret = ENOMEM; diff --git a/src/providers/ldap/sdap_dyndns.c b/src/providers/ldap/sdap_dyndns.c index d7e20ca4f..8fe2011d1 100644 --- a/src/providers/ldap/sdap_dyndns.c +++ b/src/providers/ldap/sdap_dyndns.c @@ -500,7 +500,7 @@ sdap_dyndns_get_addrs_send(TALLOC_CTX *mem_ctx, } /* Detect DYNDNS address from LDAP connection */ - state->sdap_op = sdap_id_op_create(state, sdap_ctx->conn_cache); + state->sdap_op = sdap_id_op_create(state, sdap_ctx->conn->conn_cache); if (!state->sdap_op) { ret = ENOMEM; DEBUG(SSSDBG_OP_FAILURE, ("sdap_id_op_create failed\n")); @@ -664,7 +664,7 @@ sdap_dyndns_timer_conn_send(TALLOC_CTX *mem_ctx, state->dyndns_ctx->timer_in_progress = true; /* Make sure to have a valid LDAP connection */ - state->sdap_op = sdap_id_op_create(state, state->sdap_ctx->conn_cache); + state->sdap_op = sdap_id_op_create(state, state->sdap_ctx->conn->conn_cache); if (state->sdap_op == NULL) { DEBUG(SSSDBG_OP_FAILURE, ("sdap_id_op_create failed\n")); ret = ENOMEM; diff --git a/src/providers/ldap/sdap_id_op.c b/src/providers/ldap/sdap_id_op.c index 02142103b..be25b5da4 100644 --- a/src/providers/ldap/sdap_id_op.c +++ b/src/providers/ldap/sdap_id_op.c @@ -28,7 +28,7 @@ /* LDAP async connection cache */ struct sdap_id_conn_cache { - struct sdap_id_ctx *id_ctx; + struct sdap_id_conn_ctx *id_conn; /* list of all open connections */ struct sdap_id_conn_data *connections; @@ -103,6 +103,7 @@ static void sdap_id_op_connect_done(struct tevent_req *subreq); /* Create a connection cache */ int sdap_id_conn_cache_create(TALLOC_CTX *memctx, struct sdap_id_ctx *id_ctx, + struct sdap_id_conn_ctx *id_conn, struct sdap_id_conn_cache** conn_cache_out) { int ret; @@ -113,9 +114,9 @@ int sdap_id_conn_cache_create(TALLOC_CTX *memctx, goto fail; } - conn_cache->id_ctx = id_ctx; + conn_cache->id_conn = id_conn; - ret = be_add_offline_cb(conn_cache, id_ctx->be, + ret = be_add_offline_cb(conn_cache, id_conn->id_ctx->be, sdap_id_conn_cache_be_offline_cb, conn_cache, NULL); if (ret != EOK) { @@ -123,7 +124,7 @@ int sdap_id_conn_cache_create(TALLOC_CTX *memctx, goto fail; } - ret = be_add_reconnect_cb(conn_cache, id_ctx->be, + ret = be_add_reconnect_cb(conn_cache, id_conn->id_ctx->be, sdap_id_conn_cache_fo_reconnect_cb, conn_cache, NULL); if (ret != EOK) { @@ -224,7 +225,7 @@ static bool sdap_can_reuse_connection(struct sdap_id_conn_data *conn_data) return false; } - timeout = dp_opt_get_int(conn_data->conn_cache->id_ctx->opts->basic, + timeout = dp_opt_get_int(conn_data->conn_cache->id_conn->id_ctx->opts->basic, SDAP_OPT_TIMEOUT); return !sdap_is_connection_expired(conn_data, timeout); } @@ -242,7 +243,7 @@ static int sdap_id_conn_data_set_expire_timer(struct sdap_id_conn_data *conn_dat return EOK; } - timeout = dp_opt_get_int(conn_data->conn_cache->id_ctx->opts->basic, + timeout = dp_opt_get_int(conn_data->conn_cache->id_conn->id_ctx->opts->basic, SDAP_OPT_TIMEOUT); if (timeout > 0) { tv.tv_sec -= timeout; @@ -255,10 +256,10 @@ static int sdap_id_conn_data_set_expire_timer(struct sdap_id_conn_data *conn_dat talloc_zfree(conn_data->expire_timer); conn_data->expire_timer = - tevent_add_timer(conn_data->conn_cache->id_ctx->be->ev, - conn_data, tv, - sdap_id_conn_data_expire_handler, - conn_data); + tevent_add_timer(conn_data->conn_cache->id_conn->id_ctx->be->ev, + conn_data, tv, + sdap_id_conn_data_expire_handler, + conn_data); if (!conn_data->expire_timer) { return ENOMEM; } @@ -349,8 +350,8 @@ static bool sdap_id_op_can_reconnect(struct sdap_id_op *op) int max_retries; int count; - count = be_fo_get_server_count(op->conn_cache->id_ctx->be, - op->conn_cache->id_ctx->service->name); + count = be_fo_get_server_count(op->conn_cache->id_conn->id_ctx->be, + op->conn_cache->id_conn->service->name); max_retries = 2 * count -1; if (max_retries < 1) { max_retries = 1; @@ -361,7 +362,7 @@ static bool sdap_id_op_can_reconnect(struct sdap_id_op *op) /* state of connect request */ struct sdap_id_op_connect_state { - struct sdap_id_ctx *id_ctx; + struct sdap_id_conn_ctx *id_conn; struct tevent_context *ev; struct sdap_id_op *op; int dp_error; @@ -411,8 +412,8 @@ struct tevent_req *sdap_id_op_connect_send(struct sdap_id_op *op, talloc_set_destructor((void*)state, sdap_id_op_connect_state_destroy); - state->id_ctx = op->conn_cache->id_ctx; - state->ev = state->id_ctx->be->ev; + state->id_conn = op->conn_cache->id_conn; + state->ev = state->id_conn->id_ctx->be->ev; state->op = op; op->connect_req = req; @@ -489,9 +490,9 @@ static int sdap_id_op_connect_step(struct tevent_req *req) conn_data->conn_cache = conn_cache; subreq = sdap_cli_connect_send(conn_data, state->ev, - state->id_ctx->opts, - state->id_ctx->be, - state->id_ctx->service, false, + state->id_conn->id_ctx->opts, + state->id_conn->id_ctx->be, + state->id_conn->service, false, CON_TLS_DFL, false); if (!subreq) { @@ -555,12 +556,12 @@ static void sdap_id_op_connect_done(struct tevent_req *subreq) /* be is going offline as there is no more servers to try */ DEBUG(1, ("Failed to connect, going offline (%d [%s])\n", ret, strerror(ret))); - be_mark_offline(conn_cache->id_ctx->be); + be_mark_offline(conn_cache->id_conn->id_ctx->be); is_offline = true; } if (ret == EOK) { - current_srv_opts = conn_cache->id_ctx->srv_opts; + current_srv_opts = conn_cache->id_conn->id_ctx->srv_opts; if (current_srv_opts) { DEBUG(8, ("Old USN: %lu, New USN: %lu\n", current_srv_opts->last_usn, srv_opts->last_usn)); @@ -579,7 +580,7 @@ static void sdap_id_op_connect_done(struct tevent_req *subreq) } } ret = sdap_id_conn_data_set_expire_timer(conn_data); - sdap_steal_server_opts(conn_cache->id_ctx, &srv_opts); + sdap_steal_server_opts(conn_cache->id_conn->id_ctx, &srv_opts); } if (can_retry) { @@ -596,7 +597,7 @@ static void sdap_id_op_connect_done(struct tevent_req *subreq) /* do not attempt to retry on errors like ENOMEM */ can_retry = false; is_offline = true; - be_mark_offline(conn_cache->id_ctx->be); + be_mark_offline(conn_cache->id_conn->id_ctx->be); break; } } @@ -635,7 +636,7 @@ static void sdap_id_op_connect_done(struct tevent_req *subreq) if (can_retry) { /* determining whether retry is possible */ - if (be_is_offline(conn_cache->id_ctx->be)) { + if (be_is_offline(conn_cache->id_conn->id_ctx->be)) { /* be is offline, no retry possible */ if (ret == EOK) { DEBUG(9, ("skipping automatic retry on op #%d as be is offline\n", notify_count)); @@ -686,12 +687,12 @@ static void sdap_id_op_connect_done(struct tevent_req *subreq) if ((ret == EOK) && conn_data->sh->connected && - !be_is_offline(conn_cache->id_ctx->be)) { + !be_is_offline(conn_cache->id_conn->id_ctx->be)) { DEBUG(9, ("caching successful connection after %d notifies\n", notify_count)); conn_cache->cached_connection = conn_data; /* Run any post-connection routines */ - be_run_online_cb(conn_cache->id_ctx->be); + be_run_online_cb(conn_cache->id_conn->id_ctx->be); } else { if (conn_cache->cached_connection == conn_data) { @@ -704,9 +705,9 @@ static void sdap_id_op_connect_done(struct tevent_req *subreq) if (reinit) { DEBUG(SSSDBG_TRACE_FUNC, ("Server reinitialization detected. " "Cleaning cache.\n")); - reinit_req = sdap_reinit_cleanup_send(conn_cache->id_ctx->be, - conn_cache->id_ctx->be, - conn_cache->id_ctx); + reinit_req = sdap_reinit_cleanup_send(conn_cache->id_conn->id_ctx->be, + conn_cache->id_conn->id_ctx->be, + conn_cache->id_conn->id_ctx); if (reinit_req == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, ("Unable to perform reinitialization " "clean up.\n")); @@ -804,14 +805,14 @@ int sdap_id_op_done(struct sdap_id_op *op, int retval, int *dp_err_out) op->conn_cache->cached_connection = NULL; DEBUG(5, ("communication error on cached connection, moving to next server\n")); - be_fo_try_next_server(op->conn_cache->id_ctx->be, - op->conn_cache->id_ctx->service->name); + be_fo_try_next_server(op->conn_cache->id_conn->id_ctx->be, + op->conn_cache->id_conn->service->name); } int dp_err; if (retval == EOK) { dp_err = DP_ERR_OK; - } else if (be_is_offline(op->conn_cache->id_ctx->be)) { + } else if (be_is_offline(op->conn_cache->id_conn->id_ctx->be)) { /* if backend is already offline, just report offline, do not duplicate errors */ dp_err = DP_ERR_OFFLINE; retval = EAGAIN; diff --git a/src/providers/ldap/sdap_id_op.h b/src/providers/ldap/sdap_id_op.h index f36037a9c..b808dd89a 100644 --- a/src/providers/ldap/sdap_id_op.h +++ b/src/providers/ldap/sdap_id_op.h @@ -26,6 +26,7 @@ #define _SDAP_ID_OP_H_ struct sdap_id_ctx; +struct sdap_id_conn_ctx; /* LDAP async connection cache */ struct sdap_id_conn_cache; @@ -38,6 +39,7 @@ struct sdap_id_op; /* Create a connection cache */ int sdap_id_conn_cache_create(TALLOC_CTX *memctx, struct sdap_id_ctx *id_ctx, + struct sdap_id_conn_ctx *id_conn, struct sdap_id_conn_cache** conn_cache_out); /* Create an operation object */ diff --git a/src/providers/ldap/sdap_sudo.c b/src/providers/ldap/sdap_sudo.c index 3472da67c..315f254a3 100644 --- a/src/providers/ldap/sdap_sudo.c +++ b/src/providers/ldap/sdap_sudo.c @@ -508,7 +508,7 @@ void sdap_sudo_handler(struct be_req *be_req) case BE_REQ_SUDO_RULES: DEBUG(SSSDBG_TRACE_FUNC, ("Issuing a refresh of specific sudo rules\n")); req = sdap_sudo_rules_refresh_send(be_req, sudo_ctx, id_ctx->be, - id_ctx->opts, id_ctx->conn_cache, + id_ctx->opts, id_ctx->conn->conn_cache, sudo_req->rules); break; default: @@ -585,7 +585,7 @@ static struct tevent_req *sdap_sudo_full_refresh_send(TALLOC_CTX *mem_ctx, DEBUG(SSSDBG_TRACE_FUNC, ("Issuing a full refresh of sudo rules\n")); subreq = sdap_sudo_refresh_send(state, id_ctx->be, id_ctx->opts, - id_ctx->conn_cache, + id_ctx->conn->conn_cache, ldap_full_filter, sysdb_filter); if (subreq == NULL) { ret = ENOMEM; @@ -901,7 +901,7 @@ static struct tevent_req *sdap_sudo_smart_refresh_send(TALLOC_CTX *mem_ctx, "(USN > %s)\n", (usn == NULL ? "0" : usn))); subreq = sdap_sudo_refresh_send(state, id_ctx->be, id_ctx->opts, - id_ctx->conn_cache, + id_ctx->conn->conn_cache, ldap_full_filter, NULL); if (subreq == NULL) { ret = ENOMEM; |