diff options
Diffstat (limited to 'src/responder')
-rw-r--r-- | src/responder/autofs/autofssrv_cmd.c | 6 | ||||
-rw-r--r-- | src/responder/common/negcache.c | 8 | ||||
-rw-r--r-- | src/responder/common/responder_cache_req.c | 7 | ||||
-rw-r--r-- | src/responder/common/responder_common.c | 8 | ||||
-rw-r--r-- | src/responder/common/responder_get_domains.c | 9 | ||||
-rw-r--r-- | src/responder/ifp/ifp_cache.c | 2 | ||||
-rw-r--r-- | src/responder/ifp/ifp_domains.c | 9 | ||||
-rw-r--r-- | src/responder/ifp/ifp_groups.c | 2 | ||||
-rw-r--r-- | src/responder/ifp/ifp_users.c | 2 | ||||
-rw-r--r-- | src/responder/nss/nsssrv_cmd.c | 85 | ||||
-rw-r--r-- | src/responder/nss/nsssrv_netgroup.c | 8 | ||||
-rw-r--r-- | src/responder/nss/nsssrv_services.c | 20 | ||||
-rw-r--r-- | src/responder/pam/pamsrv_cmd.c | 6 | ||||
-rw-r--r-- | src/responder/sudo/sudosrv_get_sudorules.c | 6 |
14 files changed, 93 insertions, 85 deletions
diff --git a/src/responder/autofs/autofssrv_cmd.c b/src/responder/autofs/autofssrv_cmd.c index 27b6617c2..82f2f8647 100644 --- a/src/responder/autofs/autofssrv_cmd.c +++ b/src/responder/autofs/autofssrv_cmd.c @@ -661,7 +661,7 @@ lookup_automntmap_step(struct setautomntent_lookup_ctx *lookup_ctx) if (!dctx->check_provider) { if (dctx->cmd_ctx->check_next) { DEBUG(SSSDBG_TRACE_INTERNAL, "Moving on to next domain\n"); - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); continue; } else break; @@ -868,8 +868,8 @@ static void lookup_automntmap_cache_updated(uint16_t err_maj, uint32_t err_min, "Will try to return what we have in cache\n", (unsigned int)err_maj, (unsigned int)err_min, err_msg); /* Loop to the next domain if possible */ - if (dctx->cmd_ctx->check_next && get_next_domain(dctx->domain, false)) { - dctx->domain = get_next_domain(dctx->domain, false); + if (dctx->cmd_ctx->check_next && get_next_domain(dctx->domain, 0)) { + dctx->domain = get_next_domain(dctx->domain, 0); dctx->check_provider = NEED_CHECK_PROVIDER(dctx->domain->provider); } } diff --git a/src/responder/common/negcache.c b/src/responder/common/negcache.c index fc482c411..f7af9e028 100644 --- a/src/responder/common/negcache.c +++ b/src/responder/common/negcache.c @@ -664,7 +664,7 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, int i; /* Populate domain-specific negative cache entries */ - for (dom = domain_list; dom; dom = get_next_domain(dom, false)) { + for (dom = domain_list; dom; dom = get_next_domain(dom, 0)) { conf_path = talloc_asprintf(tmpctx, CONFDB_DOMAIN_PATH_TMPL, dom->name); if (!conf_path) { @@ -765,7 +765,7 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, continue; } } else { - for (dom = domain_list; dom; dom = get_next_domain(dom, false)) { + for (dom = domain_list; dom; dom = get_next_domain(dom, 0)) { ret = sss_ncache_set_user(ncache, true, dom, name); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, @@ -780,7 +780,7 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, } filter_set = false; - for (dom = domain_list; dom; dom = get_next_domain(dom, false)) { + for (dom = domain_list; dom; dom = get_next_domain(dom, 0)) { conf_path = talloc_asprintf(tmpctx, CONFDB_DOMAIN_PATH_TMPL, dom->name); if (!conf_path) { ret = ENOMEM; @@ -873,7 +873,7 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, continue; } } else { - for (dom = domain_list; dom; dom = get_next_domain(dom, false)) { + for (dom = domain_list; dom; dom = get_next_domain(dom, 0)) { ret = sss_ncache_set_group(ncache, true, dom, name); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, diff --git a/src/responder/common/responder_cache_req.c b/src/responder/common/responder_cache_req.c index ab73401b3..fc63f84f1 100644 --- a/src/responder/common/responder_cache_req.c +++ b/src/responder/common/responder_cache_req.c @@ -983,7 +983,7 @@ static errno_t cache_req_next_domain(struct tevent_req *req) while (state->domain != NULL && state->check_next && state->domain->fqnames && !cache_req_input_is_upn(state->input)) { - state->domain = get_next_domain(state->domain, false); + state->domain = get_next_domain(state->domain, 0); } state->selected_domain = state->domain; @@ -1011,9 +1011,10 @@ static errno_t cache_req_next_domain(struct tevent_req *req) /* we will continue with the following domain the next time */ if (state->check_next) { if (cache_req_input_is_upn(state->input)) { - state->domain = get_next_domain(state->domain, true); + state->domain = get_next_domain(state->domain, + SSS_GND_DESCEND); } else { - state->domain = get_next_domain(state->domain, false); + state->domain = get_next_domain(state->domain, 0); } } diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c index ebb30a458..a7e198cc5 100644 --- a/src/responder/common/responder_common.c +++ b/src/responder/common/responder_common.c @@ -845,7 +845,7 @@ int sss_process_init(TALLOC_CTX *mem_ctx, goto fail; } - for (dom = rctx->domains; dom; dom = get_next_domain(dom, false)) { + for (dom = rctx->domains; dom; dom = get_next_domain(dom, 0)) { ret = sss_names_init(rctx->cdb, rctx->cdb, dom->name, &dom->names); if (ret != EOK) { DEBUG(SSSDBG_FATAL_FAILURE, @@ -923,7 +923,8 @@ responder_get_domain(struct resp_ctx *rctx, const char *name) struct sss_domain_info *dom; struct sss_domain_info *ret_dom = NULL; - for (dom = rctx->domains; dom; dom = get_next_domain(dom, true)) { + for (dom = rctx->domains; dom; + dom = get_next_domain(dom, SSS_GND_DESCEND)) { if (sss_domain_get_state(dom) == DOM_DISABLED) { continue; } @@ -958,7 +959,8 @@ errno_t responder_get_domain_by_id(struct resp_ctx *rctx, const char *id, id_len = strlen(id); - for (dom = rctx->domains; dom; dom = get_next_domain(dom, true)) { + for (dom = rctx->domains; dom; + dom = get_next_domain(dom, SSS_GND_DESCEND)) { if (sss_domain_get_state(dom) == DOM_DISABLED || dom->domain_id == NULL) { continue; diff --git a/src/responder/common/responder_get_domains.c b/src/responder/common/responder_get_domains.c index 7fd0b48ee..6b354d8b2 100644 --- a/src/responder/common/responder_get_domains.c +++ b/src/responder/common/responder_get_domains.c @@ -186,7 +186,7 @@ struct tevent_req *sss_dp_get_domains_send(TALLOC_CTX *mem_ctx, state->dom = rctx->domains; while(state->dom != NULL && !NEED_CHECK_PROVIDER(state->dom->provider)) { - state->dom = get_next_domain(state->dom, false); + state->dom = get_next_domain(state->dom, 0); } if (state->dom == NULL) { @@ -242,11 +242,11 @@ sss_dp_get_domains_process(struct tevent_req *subreq) } /* Advance to the next domain */ - state->dom = get_next_domain(state->dom, false); + state->dom = get_next_domain(state->dom, 0); /* Skip local domains */ while(state->dom != NULL && !NEED_CHECK_PROVIDER(state->dom->provider)) { - state->dom = get_next_domain(state->dom, false); + state->dom = get_next_domain(state->dom, 0); } if (state->dom == NULL) { @@ -345,7 +345,8 @@ static errno_t check_last_request(struct resp_ctx *rctx, const char *hint) } if (hint != NULL) { - for (dom = rctx->domains; dom; dom = get_next_domain(dom, true)) { + for (dom = rctx->domains; dom; + dom = get_next_domain(dom, SSS_GND_DESCEND)) { if (!IS_SUBDOMAIN(dom)) { diff = now - dom->subdomains_last_checked.tv_sec; /* not a subdomain */ diff --git a/src/responder/ifp/ifp_cache.c b/src/responder/ifp/ifp_cache.c index a109ac05d..8ea2d8008 100644 --- a/src/responder/ifp/ifp_cache.c +++ b/src/responder/ifp/ifp_cache.c @@ -190,7 +190,7 @@ errno_t ifp_cache_list_domains(TALLOC_CTX *mem_ctx, num_paths += num_tmp_paths; - domain = get_next_domain(domain, true); + domain = get_next_domain(domain, SSS_GND_DESCEND); } if (_paths != NULL) { diff --git a/src/responder/ifp/ifp_domains.c b/src/responder/ifp/ifp_domains.c index 360576687..5ad9952c9 100644 --- a/src/responder/ifp/ifp_domains.c +++ b/src/responder/ifp/ifp_domains.c @@ -111,7 +111,7 @@ static void ifp_list_domains_process(struct tevent_req *req) num_domains = 0; for (dom = ireq->ifp_ctx->rctx->domains; dom != NULL; - dom = get_next_domain(dom, true)) { + dom = get_next_domain(dom, SSS_GND_DESCEND)) { num_domains++; } @@ -124,7 +124,7 @@ static void ifp_list_domains_process(struct tevent_req *req) pi = 0; for (dom = ireq->ifp_ctx->rctx->domains; dom != NULL; - dom = get_next_domain(dom, true)) { + dom = get_next_domain(dom, SSS_GND_DESCEND)) { p = sbus_opath_compose(ireq, IFP_PATH_DOMAINS, dom->name); if (p == NULL) { DEBUG(SSSDBG_MINOR_FAILURE, @@ -221,7 +221,7 @@ static void ifp_find_domain_by_name_process(struct tevent_req *req) /* Reply with the domain that was asked for */ for (iter = ireq->ifp_ctx->rctx->domains; iter != NULL; - iter = get_next_domain(iter, true)) { + iter = get_next_domain(iter, SSS_GND_DESCEND)) { if (strcasecmp(iter->name, state->name) == 0) { break; } @@ -271,7 +271,8 @@ get_domain_info_from_req(struct sbus_request *dbus_req, void *data) DEBUG(SSSDBG_TRACE_INTERNAL, "Looking for domain %s\n", name); domains = ctx->rctx->domains; - for (iter = domains; iter != NULL; iter = get_next_domain(iter, true)) { + for (iter = domains; iter != NULL; + iter = get_next_domain(iter, SSS_GND_DESCEND)) { if (strcasecmp(iter->name, name) == 0) { break; } diff --git a/src/responder/ifp/ifp_groups.c b/src/responder/ifp/ifp_groups.c index d5d7324da..08f34b7a3 100644 --- a/src/responder/ifp/ifp_groups.c +++ b/src/responder/ifp/ifp_groups.c @@ -315,7 +315,7 @@ static void ifp_groups_list_by_name_done(struct tevent_req *req) return; } - list_ctx->dom = get_next_domain(list_ctx->dom, true); + list_ctx->dom = get_next_domain(list_ctx->dom, SSS_GND_DESCEND); if (list_ctx->dom == NULL) { return ifp_groups_list_by_name_reply(list_ctx); } diff --git a/src/responder/ifp/ifp_users.c b/src/responder/ifp/ifp_users.c index 9b71a3538..4746de368 100644 --- a/src/responder/ifp/ifp_users.c +++ b/src/responder/ifp/ifp_users.c @@ -403,7 +403,7 @@ static void ifp_users_list_by_name_done(struct tevent_req *req) return; } - list_ctx->dom = get_next_domain(list_ctx->dom, true); + list_ctx->dom = get_next_domain(list_ctx->dom, SSS_GND_DESCEND); if (list_ctx->dom == NULL) { return ifp_users_list_by_name_reply(list_ctx); } diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c index c29b4091d..b8bd6425e 100644 --- a/src/responder/nss/nsssrv_cmd.c +++ b/src/responder/nss/nsssrv_cmd.c @@ -135,7 +135,7 @@ void nss_update_pw_memcache(struct nss_ctx *nctx) now = time(NULL); - for (dom = nctx->rctx->domains; dom; dom = get_next_domain(dom, false)) { + for (dom = nctx->rctx->domains; dom; dom = get_next_domain(dom, 0)) { ret = sysdb_enumpwent_with_views(nctx, dom, &res); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, @@ -982,7 +982,7 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx) * qualified names instead */ while (dom && cmdctx->check_next && dom->fqnames && !cmdctx->name_is_upn) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } if (!dom) break; @@ -1021,9 +1021,9 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx) /* if a multidomain search, try with next */ if (cmdctx->check_next) { if (cmdctx->name_is_upn) { - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); } else { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } continue; } @@ -1100,9 +1100,9 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx) /* if a multidomain search, try with next */ if (cmdctx->check_next) { if (cmdctx->name_is_upn) { - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); } else { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } if (dom) continue; } @@ -1220,7 +1220,7 @@ static void nss_cmd_getby_dp_callback(uint16_t err_maj, uint32_t err_min, struct nss_cmd_ctx *cmdctx = dctx->cmdctx; struct cli_ctx *cctx = cmdctx->cctx; int ret; - bool check_subdomains; + uint32_t gnd_flags; struct nss_ctx *nctx = talloc_get_type(cctx->rctx->pvt_ctx, struct nss_ctx); if (err_maj) { @@ -1266,7 +1266,7 @@ static void nss_cmd_getby_dp_callback(uint16_t err_maj, uint32_t err_min, /* Since subdomain users and groups are fully qualified they are * typically not subject of multi-domain searches. But since POSIX - * ID do not contain a domain name we have to decend to subdomains + * ID do not contain a domain name we have to descend to subdomains * here. */ switch (dctx->cmdctx->cmd) { case SSS_NSS_GETPWUID: @@ -1277,7 +1277,7 @@ static void nss_cmd_getby_dp_callback(uint16_t err_maj, uint32_t err_min, "Cannot set negative cache for UID %"PRIu32"\n", cmdctx->id); } - check_subdomains = true; + gnd_flags = SSS_GND_DESCEND; break; case SSS_NSS_GETGRGID: ret = sss_ncache_set_gid(nctx->ncache, false, dctx->domain, @@ -1287,7 +1287,7 @@ static void nss_cmd_getby_dp_callback(uint16_t err_maj, uint32_t err_min, "Cannot set negative cache for GID %"PRIu32"\n", cmdctx->id); } - check_subdomains = true; + gnd_flags = SSS_GND_DESCEND; break; case SSS_NSS_GETSIDBYID: ret = sss_ncache_set_uid(nctx->ncache, false, dctx->domain, @@ -1304,16 +1304,17 @@ static void nss_cmd_getby_dp_callback(uint16_t err_maj, uint32_t err_min, "Cannot set negative cache for GID %"PRIu32"\n", cmdctx->id); } - check_subdomains = true; + gnd_flags = SSS_GND_DESCEND; break; default: - check_subdomains = false; + /* Do not descend to subdomains */ + gnd_flags = 0; } /* no previous results, just loop to next domain if possible */ if (cmdctx->check_next && - get_next_domain(dctx->domain, check_subdomains)) { - dctx->domain = get_next_domain(dctx->domain, check_subdomains); + get_next_domain(dctx->domain, gnd_flags)) { + dctx->domain = get_next_domain(dctx->domain, gnd_flags); dctx->check_provider = NEED_CHECK_PROVIDER(dctx->domain->provider); } else { /* nothing available */ @@ -1785,7 +1786,7 @@ static int nss_cmd_getpwuid_search(struct nss_dom_ctx *dctx) "(id out of range)\n", cmdctx->id, dom->name); if (cmdctx->check_next) { - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); continue; } ret = ENOENT; @@ -1832,7 +1833,7 @@ static int nss_cmd_getpwuid_search(struct nss_dom_ctx *dctx) if (dctx->res->count == 0 && !dctx->check_provider) { /* if a multidomain search, try with next */ if (cmdctx->check_next) { - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); continue; } @@ -2190,7 +2191,8 @@ struct tevent_req *nss_cmd_setpwent_send(TALLOC_CTX *mem_ctx, } /* check if enumeration is enabled in any domain */ - for (dom = client->rctx->domains; dom; dom = get_next_domain(dom, true)) { + for (dom = client->rctx->domains; dom; + dom = get_next_domain(dom, SSS_GND_DESCEND)) { if (dom->enumerate == true) break; } state->dctx->domain = dom; @@ -2302,7 +2304,7 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx) while (dom) { while (dom && dom->enumerate == false) { - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); } if (!dom) break; @@ -2362,14 +2364,14 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx) DEBUG(SSSDBG_CRIT_FAILURE, "Enum from cache failed, skipping domain [%s]\n", dom->name); - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); continue; } if (res->count == 0) { DEBUG(SSSDBG_CONF_SETTINGS, "Domain [%s] has no users, skipping.\n", dom->name); - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); continue; } @@ -2387,7 +2389,7 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx) nctx->pctx->num++; /* do not reply until all domain searches are done */ - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); } /* We've finished all our lookups @@ -2689,7 +2691,7 @@ void nss_update_gr_memcache(struct nss_ctx *nctx) now = time(NULL); - for (dom = nctx->rctx->domains; dom; dom = get_next_domain(dom, false)) { + for (dom = nctx->rctx->domains; dom; dom = get_next_domain(dom, 0)) { ret = sysdb_enumgrent_with_views(nctx, dom, &res); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, @@ -3196,7 +3198,7 @@ static int nss_cmd_getgrnam_search(struct nss_dom_ctx *dctx) /* if it is a domainless search, skip domains that require fully * qualified names instead */ while (dom && cmdctx->check_next && dom->fqnames) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } if (!dom) break; @@ -3234,7 +3236,7 @@ static int nss_cmd_getgrnam_search(struct nss_dom_ctx *dctx) name, dom->name); /* if a multidomain search, try with next */ if (cmdctx->check_next) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); continue; } /* There are no further domains or this was a @@ -3279,7 +3281,7 @@ static int nss_cmd_getgrnam_search(struct nss_dom_ctx *dctx) /* if a multidomain search, try with next */ if (cmdctx->check_next) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); if (dom) continue; } @@ -3367,7 +3369,7 @@ static int nss_cmd_getgrgid_search(struct nss_dom_ctx *dctx) "(id out of range)\n", cmdctx->id, dom->name); if (cmdctx->check_next) { - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); continue; } ret = ENOENT; @@ -3414,7 +3416,7 @@ static int nss_cmd_getgrgid_search(struct nss_dom_ctx *dctx) if (dctx->res->count == 0 && !dctx->check_provider) { /* if a multidomain search, try with next */ if (cmdctx->check_next) { - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); continue; } @@ -3552,7 +3554,8 @@ struct tevent_req *nss_cmd_setgrent_send(TALLOC_CTX *mem_ctx, } /* check if enumeration is enabled in any domain */ - for (dom = client->rctx->domains; dom; dom = get_next_domain(dom, true)) { + for (dom = client->rctx->domains; dom; + dom = get_next_domain(dom, SSS_GND_DESCEND)) { if (dom->enumerate == true) break; } state->dctx->domain = dom; @@ -3664,7 +3667,7 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx) while (dom) { while (dom && dom->enumerate == false) { - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); } if (!dom) break; @@ -3724,14 +3727,14 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx) DEBUG(SSSDBG_CRIT_FAILURE, "Enum from cache failed, skipping domain [%s]\n", dom->name); - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); continue; } if (res->count == 0) { DEBUG(SSSDBG_CONF_SETTINGS, "Domain [%s] has no groups, skipping.\n", dom->name); - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); continue; } @@ -3749,7 +3752,7 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx) nctx->gctx->num++; /* do not reply until all domain searches are done */ - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); } /* We've finished all our lookups @@ -4041,7 +4044,7 @@ void nss_update_initgr_memcache(struct nss_ctx *nctx, int ret; int i, j; - for (dom = nctx->rctx->domains; dom; dom = get_next_domain(dom, false)) { + for (dom = nctx->rctx->domains; dom; dom = get_next_domain(dom, 0)) { if (strcasecmp(dom->name, domain) == 0) { break; } @@ -4310,7 +4313,7 @@ static int nss_cmd_initgroups_search(struct nss_dom_ctx *dctx) * qualified names instead */ while (dom && cmdctx->check_next && dom->fqnames && !cmdctx->name_is_upn) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } if (!dom) break; @@ -4350,7 +4353,7 @@ static int nss_cmd_initgroups_search(struct nss_dom_ctx *dctx) name, dom->name); /* if a multidomain search, try with next */ if (cmdctx->check_next) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); continue; } /* There are no further domains or this was a @@ -4424,7 +4427,7 @@ static int nss_cmd_initgroups_search(struct nss_dom_ctx *dctx) /* if a multidomain search, try with next */ if (cmdctx->check_next) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); if (dom) continue; } @@ -4521,7 +4524,7 @@ static errno_t nss_cmd_getsidby_search(struct nss_dom_ctx *dctx) "(id out of range)\n", cmdctx->id, dom->name); if (cmdctx->check_next) { - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); continue; } ret = ENOENT; @@ -4531,7 +4534,7 @@ static errno_t nss_cmd_getsidby_search(struct nss_dom_ctx *dctx) /* if it is a domainless search, skip domains that require fully * qualified names instead */ while (dom && cmdctx->check_next && dom->fqnames) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } if (!dom) break; @@ -4562,7 +4565,7 @@ static errno_t nss_cmd_getsidby_search(struct nss_dom_ctx *dctx) /* if a multidomain search, try with next, including * sub-domains */ if (cmdctx->check_next) { - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); continue; } /* There are no further domains. */ @@ -4618,7 +4621,7 @@ static errno_t nss_cmd_getsidby_search(struct nss_dom_ctx *dctx) name, dom->name); /* if a multidomain search, try with next */ if (cmdctx->check_next) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); continue; } /* There are no further domains or this was a @@ -4747,7 +4750,7 @@ static errno_t nss_cmd_getsidby_search(struct nss_dom_ctx *dctx) } /* if a multidomain search, try with next */ if (cmdctx->check_next) { - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); continue; } diff --git a/src/responder/nss/nsssrv_netgroup.c b/src/responder/nss/nsssrv_netgroup.c index c71043858..bee4552d5 100644 --- a/src/responder/nss/nsssrv_netgroup.c +++ b/src/responder/nss/nsssrv_netgroup.c @@ -525,7 +525,7 @@ static errno_t lookup_netgr_step(struct setent_step_ctx *step_ctx) /* This netgroup was not found in this domain */ if (!step_ctx->dctx->check_provider) { if (step_ctx->check_next) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); continue; } else { break; @@ -556,7 +556,7 @@ static errno_t lookup_netgr_step(struct setent_step_ctx *step_ctx) if (!step_ctx->dctx->check_provider) { if (step_ctx->check_next) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); continue; } else break; @@ -646,8 +646,8 @@ static void lookup_netgr_dp_callback(uint16_t err_maj, uint32_t err_min, "Will try to return what we have in cache\n", (unsigned int)err_maj, (unsigned int)err_min, err_msg); /* Loop to the next domain if possible */ - if (cmdctx->check_next && get_next_domain(dctx->domain, false)) { - dctx->domain = get_next_domain(dctx->domain, false); + if (cmdctx->check_next && get_next_domain(dctx->domain, 0)) { + dctx->domain = get_next_domain(dctx->domain, 0); dctx->check_provider = NEED_CHECK_PROVIDER(dctx->domain->provider); } } diff --git a/src/responder/nss/nsssrv_services.c b/src/responder/nss/nsssrv_services.c index f6abc445c..a9fdeb6c9 100644 --- a/src/responder/nss/nsssrv_services.c +++ b/src/responder/nss/nsssrv_services.c @@ -97,7 +97,7 @@ getserv_send(TALLOC_CTX *mem_ctx, if (!req) return NULL; state->dctx = dctx; - for (dom = cctx->rctx->domains; dom; dom = get_next_domain(dom, false)) { + for (dom = cctx->rctx->domains; dom; dom = get_next_domain(dom, 0)) { num_domains++; } @@ -160,7 +160,7 @@ getserv_send(TALLOC_CTX *mem_ctx, /* if it is a domainless search, skip domains that require fully * qualified names instead */ while (dom && cmdctx->check_next && dom->fqnames) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } if (!dom) break; @@ -190,7 +190,7 @@ getserv_send(TALLOC_CTX *mem_ctx, /* If this is a multi-domain search, try the next one */ if (cmdctx->check_next) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } else { /* This was a single-domain search. * exit the loop. Since it was negatively- @@ -231,7 +231,7 @@ getserv_send(TALLOC_CTX *mem_ctx, /* If this is a multi-domain search, try the next one */ if (cmdctx->check_next) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } else { /* This was a single-domain search. * exit the loop. Since it was negatively- @@ -298,7 +298,7 @@ getserv_send(TALLOC_CTX *mem_ctx, /* If this is a multi-domain search, try the next one */ if (cmdctx->check_next) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } else { /* This was a single-domain search. * exit the loop. @@ -380,7 +380,7 @@ getserv_send(TALLOC_CTX *mem_ctx, /* If this is a multi-domain search, try the next one */ if (cmdctx->check_next) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } else { /* This was a single-domain search. * exit the loop. @@ -1258,7 +1258,7 @@ setservent_send(TALLOC_CTX *mem_ctx, struct cli_ctx *cctx) num_domains = 0; for (dom = state->cctx->rctx->domains; dom; - dom = get_next_domain(dom, false)) { + dom = get_next_domain(dom, 0)) { num_domains++; } @@ -1305,7 +1305,7 @@ setservent_send(TALLOC_CTX *mem_ctx, struct cli_ctx *cctx) "Error [%s] requesting info from domain [%s]. Skipping.\n", strerror(ret), step_ctx->dctx->domain->name); - step_ctx->dctx->domain = get_next_domain(step_ctx->dctx->domain, false); + step_ctx->dctx->domain = get_next_domain(step_ctx->dctx->domain, 0); } /* All domains failed */ @@ -1500,7 +1500,7 @@ setservent_step_done(struct tevent_req *req) svcctx->num++; } - step_ctx->dctx->domain = get_next_domain(step_ctx->dctx->domain, false); + step_ctx->dctx->domain = get_next_domain(step_ctx->dctx->domain, 0); while (step_ctx->dctx->domain) { /* There are more domains to check */ @@ -1514,7 +1514,7 @@ setservent_step_done(struct tevent_req *req) "Error [%s] requesting info from domain [%s]. Skipping.\n", strerror(ret), step_ctx->dctx->domain->name); - step_ctx->dctx->domain = get_next_domain(step_ctx->dctx->domain, false); + step_ctx->dctx->domain = get_next_domain(step_ctx->dctx->domain, 0); } /* All domains have been checked */ diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c index e3dc1a326..4bb3e27b1 100644 --- a/src/responder/pam/pamsrv_cmd.c +++ b/src/responder/pam/pamsrv_cmd.c @@ -1128,7 +1128,7 @@ static int pam_forwarder(struct cli_ctx *cctx, int pam_cmd) } else { for (dom = preq->cctx->rctx->domains; dom; - dom = get_next_domain(dom, false)) { + dom = get_next_domain(dom, 0)) { if (dom->fqnames) continue; ncret = sss_ncache_check_user(pctx->ncache, pctx->neg_timeout, @@ -1398,7 +1398,7 @@ static int pam_check_user_search(struct pam_auth_req *preq) * qualified names instead */ while (dom && !preq->pd->domain && !preq->pd->name_is_upn && dom->fqnames) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } if (!dom) break; @@ -1494,7 +1494,7 @@ static int pam_check_user_search(struct pam_auth_req *preq) /* if a multidomain search, try with next */ if (!preq->pd->domain) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); continue; } diff --git a/src/responder/sudo/sudosrv_get_sudorules.c b/src/responder/sudo/sudosrv_get_sudorules.c index c3336960e..75d8cac41 100644 --- a/src/responder/sudo/sudosrv_get_sudorules.c +++ b/src/responder/sudo/sudosrv_get_sudorules.c @@ -94,7 +94,7 @@ static errno_t sudosrv_get_user(struct sudo_dom_ctx *dctx) /* if it is a domainless search, skip domains that require fully * qualified names instead */ while (dom && cmd_ctx->check_next && dom->fqnames) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } if (!dom) break; @@ -141,7 +141,7 @@ static errno_t sudosrv_get_user(struct sudo_dom_ctx *dctx) /* if a multidomain search, try with next */ if (cmd_ctx->check_next) { dctx->check_provider = true; - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); if (dom) continue; } @@ -211,7 +211,7 @@ static errno_t sudosrv_get_user(struct sudo_dom_ctx *dctx) /* if a multidomain search, try with next */ if (cmd_ctx->check_next) { dctx->check_provider = true; - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); if (dom) continue; } |