summaryrefslogtreecommitdiffstats
path: root/src/responder
diff options
context:
space:
mode:
Diffstat (limited to 'src/responder')
-rw-r--r--src/responder/autofs/autofssrv_cmd.c6
-rw-r--r--src/responder/common/negcache.c8
-rw-r--r--src/responder/common/responder_cache_req.c7
-rw-r--r--src/responder/common/responder_common.c8
-rw-r--r--src/responder/common/responder_get_domains.c9
-rw-r--r--src/responder/ifp/ifp_cache.c2
-rw-r--r--src/responder/ifp/ifp_domains.c9
-rw-r--r--src/responder/ifp/ifp_groups.c2
-rw-r--r--src/responder/ifp/ifp_users.c2
-rw-r--r--src/responder/nss/nsssrv_cmd.c85
-rw-r--r--src/responder/nss/nsssrv_netgroup.c8
-rw-r--r--src/responder/nss/nsssrv_services.c20
-rw-r--r--src/responder/pam/pamsrv_cmd.c6
-rw-r--r--src/responder/sudo/sudosrv_get_sudorules.c6
14 files changed, 93 insertions, 85 deletions
diff --git a/src/responder/autofs/autofssrv_cmd.c b/src/responder/autofs/autofssrv_cmd.c
index 27b6617c2..82f2f8647 100644
--- a/src/responder/autofs/autofssrv_cmd.c
+++ b/src/responder/autofs/autofssrv_cmd.c
@@ -661,7 +661,7 @@ lookup_automntmap_step(struct setautomntent_lookup_ctx *lookup_ctx)
if (!dctx->check_provider) {
if (dctx->cmd_ctx->check_next) {
DEBUG(SSSDBG_TRACE_INTERNAL, "Moving on to next domain\n");
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, 0);
continue;
}
else break;
@@ -868,8 +868,8 @@ static void lookup_automntmap_cache_updated(uint16_t err_maj, uint32_t err_min,
"Will try to return what we have in cache\n",
(unsigned int)err_maj, (unsigned int)err_min, err_msg);
/* Loop to the next domain if possible */
- if (dctx->cmd_ctx->check_next && get_next_domain(dctx->domain, false)) {
- dctx->domain = get_next_domain(dctx->domain, false);
+ if (dctx->cmd_ctx->check_next && get_next_domain(dctx->domain, 0)) {
+ dctx->domain = get_next_domain(dctx->domain, 0);
dctx->check_provider = NEED_CHECK_PROVIDER(dctx->domain->provider);
}
}
diff --git a/src/responder/common/negcache.c b/src/responder/common/negcache.c
index fc482c411..f7af9e028 100644
--- a/src/responder/common/negcache.c
+++ b/src/responder/common/negcache.c
@@ -664,7 +664,7 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache,
int i;
/* Populate domain-specific negative cache entries */
- for (dom = domain_list; dom; dom = get_next_domain(dom, false)) {
+ for (dom = domain_list; dom; dom = get_next_domain(dom, 0)) {
conf_path = talloc_asprintf(tmpctx, CONFDB_DOMAIN_PATH_TMPL,
dom->name);
if (!conf_path) {
@@ -765,7 +765,7 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache,
continue;
}
} else {
- for (dom = domain_list; dom; dom = get_next_domain(dom, false)) {
+ for (dom = domain_list; dom; dom = get_next_domain(dom, 0)) {
ret = sss_ncache_set_user(ncache, true, dom, name);
if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE,
@@ -780,7 +780,7 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache,
}
filter_set = false;
- for (dom = domain_list; dom; dom = get_next_domain(dom, false)) {
+ for (dom = domain_list; dom; dom = get_next_domain(dom, 0)) {
conf_path = talloc_asprintf(tmpctx, CONFDB_DOMAIN_PATH_TMPL, dom->name);
if (!conf_path) {
ret = ENOMEM;
@@ -873,7 +873,7 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache,
continue;
}
} else {
- for (dom = domain_list; dom; dom = get_next_domain(dom, false)) {
+ for (dom = domain_list; dom; dom = get_next_domain(dom, 0)) {
ret = sss_ncache_set_group(ncache, true, dom, name);
if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE,
diff --git a/src/responder/common/responder_cache_req.c b/src/responder/common/responder_cache_req.c
index ab73401b3..fc63f84f1 100644
--- a/src/responder/common/responder_cache_req.c
+++ b/src/responder/common/responder_cache_req.c
@@ -983,7 +983,7 @@ static errno_t cache_req_next_domain(struct tevent_req *req)
while (state->domain != NULL && state->check_next
&& state->domain->fqnames
&& !cache_req_input_is_upn(state->input)) {
- state->domain = get_next_domain(state->domain, false);
+ state->domain = get_next_domain(state->domain, 0);
}
state->selected_domain = state->domain;
@@ -1011,9 +1011,10 @@ static errno_t cache_req_next_domain(struct tevent_req *req)
/* we will continue with the following domain the next time */
if (state->check_next) {
if (cache_req_input_is_upn(state->input)) {
- state->domain = get_next_domain(state->domain, true);
+ state->domain = get_next_domain(state->domain,
+ SSS_GND_DESCEND);
} else {
- state->domain = get_next_domain(state->domain, false);
+ state->domain = get_next_domain(state->domain, 0);
}
}
diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c
index ebb30a458..a7e198cc5 100644
--- a/src/responder/common/responder_common.c
+++ b/src/responder/common/responder_common.c
@@ -845,7 +845,7 @@ int sss_process_init(TALLOC_CTX *mem_ctx,
goto fail;
}
- for (dom = rctx->domains; dom; dom = get_next_domain(dom, false)) {
+ for (dom = rctx->domains; dom; dom = get_next_domain(dom, 0)) {
ret = sss_names_init(rctx->cdb, rctx->cdb, dom->name, &dom->names);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE,
@@ -923,7 +923,8 @@ responder_get_domain(struct resp_ctx *rctx, const char *name)
struct sss_domain_info *dom;
struct sss_domain_info *ret_dom = NULL;
- for (dom = rctx->domains; dom; dom = get_next_domain(dom, true)) {
+ for (dom = rctx->domains; dom;
+ dom = get_next_domain(dom, SSS_GND_DESCEND)) {
if (sss_domain_get_state(dom) == DOM_DISABLED) {
continue;
}
@@ -958,7 +959,8 @@ errno_t responder_get_domain_by_id(struct resp_ctx *rctx, const char *id,
id_len = strlen(id);
- for (dom = rctx->domains; dom; dom = get_next_domain(dom, true)) {
+ for (dom = rctx->domains; dom;
+ dom = get_next_domain(dom, SSS_GND_DESCEND)) {
if (sss_domain_get_state(dom) == DOM_DISABLED ||
dom->domain_id == NULL) {
continue;
diff --git a/src/responder/common/responder_get_domains.c b/src/responder/common/responder_get_domains.c
index 7fd0b48ee..6b354d8b2 100644
--- a/src/responder/common/responder_get_domains.c
+++ b/src/responder/common/responder_get_domains.c
@@ -186,7 +186,7 @@ struct tevent_req *sss_dp_get_domains_send(TALLOC_CTX *mem_ctx,
state->dom = rctx->domains;
while(state->dom != NULL && !NEED_CHECK_PROVIDER(state->dom->provider)) {
- state->dom = get_next_domain(state->dom, false);
+ state->dom = get_next_domain(state->dom, 0);
}
if (state->dom == NULL) {
@@ -242,11 +242,11 @@ sss_dp_get_domains_process(struct tevent_req *subreq)
}
/* Advance to the next domain */
- state->dom = get_next_domain(state->dom, false);
+ state->dom = get_next_domain(state->dom, 0);
/* Skip local domains */
while(state->dom != NULL && !NEED_CHECK_PROVIDER(state->dom->provider)) {
- state->dom = get_next_domain(state->dom, false);
+ state->dom = get_next_domain(state->dom, 0);
}
if (state->dom == NULL) {
@@ -345,7 +345,8 @@ static errno_t check_last_request(struct resp_ctx *rctx, const char *hint)
}
if (hint != NULL) {
- for (dom = rctx->domains; dom; dom = get_next_domain(dom, true)) {
+ for (dom = rctx->domains; dom;
+ dom = get_next_domain(dom, SSS_GND_DESCEND)) {
if (!IS_SUBDOMAIN(dom)) {
diff = now - dom->subdomains_last_checked.tv_sec;
/* not a subdomain */
diff --git a/src/responder/ifp/ifp_cache.c b/src/responder/ifp/ifp_cache.c
index a109ac05d..8ea2d8008 100644
--- a/src/responder/ifp/ifp_cache.c
+++ b/src/responder/ifp/ifp_cache.c
@@ -190,7 +190,7 @@ errno_t ifp_cache_list_domains(TALLOC_CTX *mem_ctx,
num_paths += num_tmp_paths;
- domain = get_next_domain(domain, true);
+ domain = get_next_domain(domain, SSS_GND_DESCEND);
}
if (_paths != NULL) {
diff --git a/src/responder/ifp/ifp_domains.c b/src/responder/ifp/ifp_domains.c
index 360576687..5ad9952c9 100644
--- a/src/responder/ifp/ifp_domains.c
+++ b/src/responder/ifp/ifp_domains.c
@@ -111,7 +111,7 @@ static void ifp_list_domains_process(struct tevent_req *req)
num_domains = 0;
for (dom = ireq->ifp_ctx->rctx->domains;
dom != NULL;
- dom = get_next_domain(dom, true)) {
+ dom = get_next_domain(dom, SSS_GND_DESCEND)) {
num_domains++;
}
@@ -124,7 +124,7 @@ static void ifp_list_domains_process(struct tevent_req *req)
pi = 0;
for (dom = ireq->ifp_ctx->rctx->domains;
dom != NULL;
- dom = get_next_domain(dom, true)) {
+ dom = get_next_domain(dom, SSS_GND_DESCEND)) {
p = sbus_opath_compose(ireq, IFP_PATH_DOMAINS, dom->name);
if (p == NULL) {
DEBUG(SSSDBG_MINOR_FAILURE,
@@ -221,7 +221,7 @@ static void ifp_find_domain_by_name_process(struct tevent_req *req)
/* Reply with the domain that was asked for */
for (iter = ireq->ifp_ctx->rctx->domains;
iter != NULL;
- iter = get_next_domain(iter, true)) {
+ iter = get_next_domain(iter, SSS_GND_DESCEND)) {
if (strcasecmp(iter->name, state->name) == 0) {
break;
}
@@ -271,7 +271,8 @@ get_domain_info_from_req(struct sbus_request *dbus_req, void *data)
DEBUG(SSSDBG_TRACE_INTERNAL, "Looking for domain %s\n", name);
domains = ctx->rctx->domains;
- for (iter = domains; iter != NULL; iter = get_next_domain(iter, true)) {
+ for (iter = domains; iter != NULL;
+ iter = get_next_domain(iter, SSS_GND_DESCEND)) {
if (strcasecmp(iter->name, name) == 0) {
break;
}
diff --git a/src/responder/ifp/ifp_groups.c b/src/responder/ifp/ifp_groups.c
index d5d7324da..08f34b7a3 100644
--- a/src/responder/ifp/ifp_groups.c
+++ b/src/responder/ifp/ifp_groups.c
@@ -315,7 +315,7 @@ static void ifp_groups_list_by_name_done(struct tevent_req *req)
return;
}
- list_ctx->dom = get_next_domain(list_ctx->dom, true);
+ list_ctx->dom = get_next_domain(list_ctx->dom, SSS_GND_DESCEND);
if (list_ctx->dom == NULL) {
return ifp_groups_list_by_name_reply(list_ctx);
}
diff --git a/src/responder/ifp/ifp_users.c b/src/responder/ifp/ifp_users.c
index 9b71a3538..4746de368 100644
--- a/src/responder/ifp/ifp_users.c
+++ b/src/responder/ifp/ifp_users.c
@@ -403,7 +403,7 @@ static void ifp_users_list_by_name_done(struct tevent_req *req)
return;
}
- list_ctx->dom = get_next_domain(list_ctx->dom, true);
+ list_ctx->dom = get_next_domain(list_ctx->dom, SSS_GND_DESCEND);
if (list_ctx->dom == NULL) {
return ifp_users_list_by_name_reply(list_ctx);
}
diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c
index c29b4091d..b8bd6425e 100644
--- a/src/responder/nss/nsssrv_cmd.c
+++ b/src/responder/nss/nsssrv_cmd.c
@@ -135,7 +135,7 @@ void nss_update_pw_memcache(struct nss_ctx *nctx)
now = time(NULL);
- for (dom = nctx->rctx->domains; dom; dom = get_next_domain(dom, false)) {
+ for (dom = nctx->rctx->domains; dom; dom = get_next_domain(dom, 0)) {
ret = sysdb_enumpwent_with_views(nctx, dom, &res);
if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE,
@@ -982,7 +982,7 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx)
* qualified names instead */
while (dom && cmdctx->check_next && dom->fqnames
&& !cmdctx->name_is_upn) {
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, 0);
}
if (!dom) break;
@@ -1021,9 +1021,9 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx)
/* if a multidomain search, try with next */
if (cmdctx->check_next) {
if (cmdctx->name_is_upn) {
- dom = get_next_domain(dom, true);
+ dom = get_next_domain(dom, SSS_GND_DESCEND);
} else {
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, 0);
}
continue;
}
@@ -1100,9 +1100,9 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx)
/* if a multidomain search, try with next */
if (cmdctx->check_next) {
if (cmdctx->name_is_upn) {
- dom = get_next_domain(dom, true);
+ dom = get_next_domain(dom, SSS_GND_DESCEND);
} else {
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, 0);
}
if (dom) continue;
}
@@ -1220,7 +1220,7 @@ static void nss_cmd_getby_dp_callback(uint16_t err_maj, uint32_t err_min,
struct nss_cmd_ctx *cmdctx = dctx->cmdctx;
struct cli_ctx *cctx = cmdctx->cctx;
int ret;
- bool check_subdomains;
+ uint32_t gnd_flags;
struct nss_ctx *nctx = talloc_get_type(cctx->rctx->pvt_ctx, struct nss_ctx);
if (err_maj) {
@@ -1266,7 +1266,7 @@ static void nss_cmd_getby_dp_callback(uint16_t err_maj, uint32_t err_min,
/* Since subdomain users and groups are fully qualified they are
* typically not subject of multi-domain searches. But since POSIX
- * ID do not contain a domain name we have to decend to subdomains
+ * ID do not contain a domain name we have to descend to subdomains
* here. */
switch (dctx->cmdctx->cmd) {
case SSS_NSS_GETPWUID:
@@ -1277,7 +1277,7 @@ static void nss_cmd_getby_dp_callback(uint16_t err_maj, uint32_t err_min,
"Cannot set negative cache for UID %"PRIu32"\n",
cmdctx->id);
}
- check_subdomains = true;
+ gnd_flags = SSS_GND_DESCEND;
break;
case SSS_NSS_GETGRGID:
ret = sss_ncache_set_gid(nctx->ncache, false, dctx->domain,
@@ -1287,7 +1287,7 @@ static void nss_cmd_getby_dp_callback(uint16_t err_maj, uint32_t err_min,
"Cannot set negative cache for GID %"PRIu32"\n",
cmdctx->id);
}
- check_subdomains = true;
+ gnd_flags = SSS_GND_DESCEND;
break;
case SSS_NSS_GETSIDBYID:
ret = sss_ncache_set_uid(nctx->ncache, false, dctx->domain,
@@ -1304,16 +1304,17 @@ static void nss_cmd_getby_dp_callback(uint16_t err_maj, uint32_t err_min,
"Cannot set negative cache for GID %"PRIu32"\n",
cmdctx->id);
}
- check_subdomains = true;
+ gnd_flags = SSS_GND_DESCEND;
break;
default:
- check_subdomains = false;
+ /* Do not descend to subdomains */
+ gnd_flags = 0;
}
/* no previous results, just loop to next domain if possible */
if (cmdctx->check_next &&
- get_next_domain(dctx->domain, check_subdomains)) {
- dctx->domain = get_next_domain(dctx->domain, check_subdomains);
+ get_next_domain(dctx->domain, gnd_flags)) {
+ dctx->domain = get_next_domain(dctx->domain, gnd_flags);
dctx->check_provider = NEED_CHECK_PROVIDER(dctx->domain->provider);
} else {
/* nothing available */
@@ -1785,7 +1786,7 @@ static int nss_cmd_getpwuid_search(struct nss_dom_ctx *dctx)
"(id out of range)\n",
cmdctx->id, dom->name);
if (cmdctx->check_next) {
- dom = get_next_domain(dom, true);
+ dom = get_next_domain(dom, SSS_GND_DESCEND);
continue;
}
ret = ENOENT;
@@ -1832,7 +1833,7 @@ static int nss_cmd_getpwuid_search(struct nss_dom_ctx *dctx)
if (dctx->res->count == 0 && !dctx->check_provider) {
/* if a multidomain search, try with next */
if (cmdctx->check_next) {
- dom = get_next_domain(dom, true);
+ dom = get_next_domain(dom, SSS_GND_DESCEND);
continue;
}
@@ -2190,7 +2191,8 @@ struct tevent_req *nss_cmd_setpwent_send(TALLOC_CTX *mem_ctx,
}
/* check if enumeration is enabled in any domain */
- for (dom = client->rctx->domains; dom; dom = get_next_domain(dom, true)) {
+ for (dom = client->rctx->domains; dom;
+ dom = get_next_domain(dom, SSS_GND_DESCEND)) {
if (dom->enumerate == true) break;
}
state->dctx->domain = dom;
@@ -2302,7 +2304,7 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx)
while (dom) {
while (dom && dom->enumerate == false) {
- dom = get_next_domain(dom, true);
+ dom = get_next_domain(dom, SSS_GND_DESCEND);
}
if (!dom) break;
@@ -2362,14 +2364,14 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx)
DEBUG(SSSDBG_CRIT_FAILURE,
"Enum from cache failed, skipping domain [%s]\n",
dom->name);
- dom = get_next_domain(dom, true);
+ dom = get_next_domain(dom, SSS_GND_DESCEND);
continue;
}
if (res->count == 0) {
DEBUG(SSSDBG_CONF_SETTINGS,
"Domain [%s] has no users, skipping.\n", dom->name);
- dom = get_next_domain(dom, true);
+ dom = get_next_domain(dom, SSS_GND_DESCEND);
continue;
}
@@ -2387,7 +2389,7 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx)
nctx->pctx->num++;
/* do not reply until all domain searches are done */
- dom = get_next_domain(dom, true);
+ dom = get_next_domain(dom, SSS_GND_DESCEND);
}
/* We've finished all our lookups
@@ -2689,7 +2691,7 @@ void nss_update_gr_memcache(struct nss_ctx *nctx)
now = time(NULL);
- for (dom = nctx->rctx->domains; dom; dom = get_next_domain(dom, false)) {
+ for (dom = nctx->rctx->domains; dom; dom = get_next_domain(dom, 0)) {
ret = sysdb_enumgrent_with_views(nctx, dom, &res);
if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE,
@@ -3196,7 +3198,7 @@ static int nss_cmd_getgrnam_search(struct nss_dom_ctx *dctx)
/* if it is a domainless search, skip domains that require fully
* qualified names instead */
while (dom && cmdctx->check_next && dom->fqnames) {
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, 0);
}
if (!dom) break;
@@ -3234,7 +3236,7 @@ static int nss_cmd_getgrnam_search(struct nss_dom_ctx *dctx)
name, dom->name);
/* if a multidomain search, try with next */
if (cmdctx->check_next) {
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, 0);
continue;
}
/* There are no further domains or this was a
@@ -3279,7 +3281,7 @@ static int nss_cmd_getgrnam_search(struct nss_dom_ctx *dctx)
/* if a multidomain search, try with next */
if (cmdctx->check_next) {
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, 0);
if (dom) continue;
}
@@ -3367,7 +3369,7 @@ static int nss_cmd_getgrgid_search(struct nss_dom_ctx *dctx)
"(id out of range)\n",
cmdctx->id, dom->name);
if (cmdctx->check_next) {
- dom = get_next_domain(dom, true);
+ dom = get_next_domain(dom, SSS_GND_DESCEND);
continue;
}
ret = ENOENT;
@@ -3414,7 +3416,7 @@ static int nss_cmd_getgrgid_search(struct nss_dom_ctx *dctx)
if (dctx->res->count == 0 && !dctx->check_provider) {
/* if a multidomain search, try with next */
if (cmdctx->check_next) {
- dom = get_next_domain(dom, true);
+ dom = get_next_domain(dom, SSS_GND_DESCEND);
continue;
}
@@ -3552,7 +3554,8 @@ struct tevent_req *nss_cmd_setgrent_send(TALLOC_CTX *mem_ctx,
}
/* check if enumeration is enabled in any domain */
- for (dom = client->rctx->domains; dom; dom = get_next_domain(dom, true)) {
+ for (dom = client->rctx->domains; dom;
+ dom = get_next_domain(dom, SSS_GND_DESCEND)) {
if (dom->enumerate == true) break;
}
state->dctx->domain = dom;
@@ -3664,7 +3667,7 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx)
while (dom) {
while (dom && dom->enumerate == false) {
- dom = get_next_domain(dom, true);
+ dom = get_next_domain(dom, SSS_GND_DESCEND);
}
if (!dom) break;
@@ -3724,14 +3727,14 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx)
DEBUG(SSSDBG_CRIT_FAILURE,
"Enum from cache failed, skipping domain [%s]\n",
dom->name);
- dom = get_next_domain(dom, true);
+ dom = get_next_domain(dom, SSS_GND_DESCEND);
continue;
}
if (res->count == 0) {
DEBUG(SSSDBG_CONF_SETTINGS,
"Domain [%s] has no groups, skipping.\n", dom->name);
- dom = get_next_domain(dom, true);
+ dom = get_next_domain(dom, SSS_GND_DESCEND);
continue;
}
@@ -3749,7 +3752,7 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx)
nctx->gctx->num++;
/* do not reply until all domain searches are done */
- dom = get_next_domain(dom, true);
+ dom = get_next_domain(dom, SSS_GND_DESCEND);
}
/* We've finished all our lookups
@@ -4041,7 +4044,7 @@ void nss_update_initgr_memcache(struct nss_ctx *nctx,
int ret;
int i, j;
- for (dom = nctx->rctx->domains; dom; dom = get_next_domain(dom, false)) {
+ for (dom = nctx->rctx->domains; dom; dom = get_next_domain(dom, 0)) {
if (strcasecmp(dom->name, domain) == 0) {
break;
}
@@ -4310,7 +4313,7 @@ static int nss_cmd_initgroups_search(struct nss_dom_ctx *dctx)
* qualified names instead */
while (dom && cmdctx->check_next && dom->fqnames
&& !cmdctx->name_is_upn) {
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, 0);
}
if (!dom) break;
@@ -4350,7 +4353,7 @@ static int nss_cmd_initgroups_search(struct nss_dom_ctx *dctx)
name, dom->name);
/* if a multidomain search, try with next */
if (cmdctx->check_next) {
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, 0);
continue;
}
/* There are no further domains or this was a
@@ -4424,7 +4427,7 @@ static int nss_cmd_initgroups_search(struct nss_dom_ctx *dctx)
/* if a multidomain search, try with next */
if (cmdctx->check_next) {
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, 0);
if (dom) continue;
}
@@ -4521,7 +4524,7 @@ static errno_t nss_cmd_getsidby_search(struct nss_dom_ctx *dctx)
"(id out of range)\n",
cmdctx->id, dom->name);
if (cmdctx->check_next) {
- dom = get_next_domain(dom, true);
+ dom = get_next_domain(dom, SSS_GND_DESCEND);
continue;
}
ret = ENOENT;
@@ -4531,7 +4534,7 @@ static errno_t nss_cmd_getsidby_search(struct nss_dom_ctx *dctx)
/* if it is a domainless search, skip domains that require fully
* qualified names instead */
while (dom && cmdctx->check_next && dom->fqnames) {
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, 0);
}
if (!dom) break;
@@ -4562,7 +4565,7 @@ static errno_t nss_cmd_getsidby_search(struct nss_dom_ctx *dctx)
/* if a multidomain search, try with next, including
* sub-domains */
if (cmdctx->check_next) {
- dom = get_next_domain(dom, true);
+ dom = get_next_domain(dom, SSS_GND_DESCEND);
continue;
}
/* There are no further domains. */
@@ -4618,7 +4621,7 @@ static errno_t nss_cmd_getsidby_search(struct nss_dom_ctx *dctx)
name, dom->name);
/* if a multidomain search, try with next */
if (cmdctx->check_next) {
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, 0);
continue;
}
/* There are no further domains or this was a
@@ -4747,7 +4750,7 @@ static errno_t nss_cmd_getsidby_search(struct nss_dom_ctx *dctx)
}
/* if a multidomain search, try with next */
if (cmdctx->check_next) {
- dom = get_next_domain(dom, true);
+ dom = get_next_domain(dom, SSS_GND_DESCEND);
continue;
}
diff --git a/src/responder/nss/nsssrv_netgroup.c b/src/responder/nss/nsssrv_netgroup.c
index c71043858..bee4552d5 100644
--- a/src/responder/nss/nsssrv_netgroup.c
+++ b/src/responder/nss/nsssrv_netgroup.c
@@ -525,7 +525,7 @@ static errno_t lookup_netgr_step(struct setent_step_ctx *step_ctx)
/* This netgroup was not found in this domain */
if (!step_ctx->dctx->check_provider) {
if (step_ctx->check_next) {
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, 0);
continue;
} else {
break;
@@ -556,7 +556,7 @@ static errno_t lookup_netgr_step(struct setent_step_ctx *step_ctx)
if (!step_ctx->dctx->check_provider) {
if (step_ctx->check_next) {
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, 0);
continue;
}
else break;
@@ -646,8 +646,8 @@ static void lookup_netgr_dp_callback(uint16_t err_maj, uint32_t err_min,
"Will try to return what we have in cache\n",
(unsigned int)err_maj, (unsigned int)err_min, err_msg);
/* Loop to the next domain if possible */
- if (cmdctx->check_next && get_next_domain(dctx->domain, false)) {
- dctx->domain = get_next_domain(dctx->domain, false);
+ if (cmdctx->check_next && get_next_domain(dctx->domain, 0)) {
+ dctx->domain = get_next_domain(dctx->domain, 0);
dctx->check_provider = NEED_CHECK_PROVIDER(dctx->domain->provider);
}
}
diff --git a/src/responder/nss/nsssrv_services.c b/src/responder/nss/nsssrv_services.c
index f6abc445c..a9fdeb6c9 100644
--- a/src/responder/nss/nsssrv_services.c
+++ b/src/responder/nss/nsssrv_services.c
@@ -97,7 +97,7 @@ getserv_send(TALLOC_CTX *mem_ctx,
if (!req) return NULL;
state->dctx = dctx;
- for (dom = cctx->rctx->domains; dom; dom = get_next_domain(dom, false)) {
+ for (dom = cctx->rctx->domains; dom; dom = get_next_domain(dom, 0)) {
num_domains++;
}
@@ -160,7 +160,7 @@ getserv_send(TALLOC_CTX *mem_ctx,
/* if it is a domainless search, skip domains that require fully
* qualified names instead */
while (dom && cmdctx->check_next && dom->fqnames) {
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, 0);
}
if (!dom) break;
@@ -190,7 +190,7 @@ getserv_send(TALLOC_CTX *mem_ctx,
/* If this is a multi-domain search, try the next one */
if (cmdctx->check_next) {
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, 0);
} else {
/* This was a single-domain search.
* exit the loop. Since it was negatively-
@@ -231,7 +231,7 @@ getserv_send(TALLOC_CTX *mem_ctx,
/* If this is a multi-domain search, try the next one */
if (cmdctx->check_next) {
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, 0);
} else {
/* This was a single-domain search.
* exit the loop. Since it was negatively-
@@ -298,7 +298,7 @@ getserv_send(TALLOC_CTX *mem_ctx,
/* If this is a multi-domain search, try the next one */
if (cmdctx->check_next) {
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, 0);
} else {
/* This was a single-domain search.
* exit the loop.
@@ -380,7 +380,7 @@ getserv_send(TALLOC_CTX *mem_ctx,
/* If this is a multi-domain search, try the next one */
if (cmdctx->check_next) {
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, 0);
} else {
/* This was a single-domain search.
* exit the loop.
@@ -1258,7 +1258,7 @@ setservent_send(TALLOC_CTX *mem_ctx, struct cli_ctx *cctx)
num_domains = 0;
for (dom = state->cctx->rctx->domains;
dom;
- dom = get_next_domain(dom, false)) {
+ dom = get_next_domain(dom, 0)) {
num_domains++;
}
@@ -1305,7 +1305,7 @@ setservent_send(TALLOC_CTX *mem_ctx, struct cli_ctx *cctx)
"Error [%s] requesting info from domain [%s]. Skipping.\n",
strerror(ret), step_ctx->dctx->domain->name);
- step_ctx->dctx->domain = get_next_domain(step_ctx->dctx->domain, false);
+ step_ctx->dctx->domain = get_next_domain(step_ctx->dctx->domain, 0);
}
/* All domains failed */
@@ -1500,7 +1500,7 @@ setservent_step_done(struct tevent_req *req)
svcctx->num++;
}
- step_ctx->dctx->domain = get_next_domain(step_ctx->dctx->domain, false);
+ step_ctx->dctx->domain = get_next_domain(step_ctx->dctx->domain, 0);
while (step_ctx->dctx->domain) {
/* There are more domains to check */
@@ -1514,7 +1514,7 @@ setservent_step_done(struct tevent_req *req)
"Error [%s] requesting info from domain [%s]. Skipping.\n",
strerror(ret), step_ctx->dctx->domain->name);
- step_ctx->dctx->domain = get_next_domain(step_ctx->dctx->domain, false);
+ step_ctx->dctx->domain = get_next_domain(step_ctx->dctx->domain, 0);
}
/* All domains have been checked */
diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c
index e3dc1a326..4bb3e27b1 100644
--- a/src/responder/pam/pamsrv_cmd.c
+++ b/src/responder/pam/pamsrv_cmd.c
@@ -1128,7 +1128,7 @@ static int pam_forwarder(struct cli_ctx *cctx, int pam_cmd)
} else {
for (dom = preq->cctx->rctx->domains;
dom;
- dom = get_next_domain(dom, false)) {
+ dom = get_next_domain(dom, 0)) {
if (dom->fqnames) continue;
ncret = sss_ncache_check_user(pctx->ncache, pctx->neg_timeout,
@@ -1398,7 +1398,7 @@ static int pam_check_user_search(struct pam_auth_req *preq)
* qualified names instead */
while (dom && !preq->pd->domain && !preq->pd->name_is_upn
&& dom->fqnames) {
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, 0);
}
if (!dom) break;
@@ -1494,7 +1494,7 @@ static int pam_check_user_search(struct pam_auth_req *preq)
/* if a multidomain search, try with next */
if (!preq->pd->domain) {
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, 0);
continue;
}
diff --git a/src/responder/sudo/sudosrv_get_sudorules.c b/src/responder/sudo/sudosrv_get_sudorules.c
index c3336960e..75d8cac41 100644
--- a/src/responder/sudo/sudosrv_get_sudorules.c
+++ b/src/responder/sudo/sudosrv_get_sudorules.c
@@ -94,7 +94,7 @@ static errno_t sudosrv_get_user(struct sudo_dom_ctx *dctx)
/* if it is a domainless search, skip domains that require fully
* qualified names instead */
while (dom && cmd_ctx->check_next && dom->fqnames) {
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, 0);
}
if (!dom) break;
@@ -141,7 +141,7 @@ static errno_t sudosrv_get_user(struct sudo_dom_ctx *dctx)
/* if a multidomain search, try with next */
if (cmd_ctx->check_next) {
dctx->check_provider = true;
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, 0);
if (dom) continue;
}
@@ -211,7 +211,7 @@ static errno_t sudosrv_get_user(struct sudo_dom_ctx *dctx)
/* if a multidomain search, try with next */
if (cmd_ctx->check_next) {
dctx->check_provider = true;
- dom = get_next_domain(dom, false);
+ dom = get_next_domain(dom, 0);
if (dom) continue;
}
generated by cgit (git 2.34.1) at 2024-06-19 01:38:27 +0000