From 450c2b78ff0bd5044c4c73f32ca8459b211dd446 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Tue, 7 Apr 2015 13:06:56 +0200 Subject: LDAP: Set sdap handle as explicitly connected in LDAP auth MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit In case SSSD is set with id_provider=proxy and auth_provider=ldap, the LDAP provider is not used to retrieve the user info with the higher-level calls, but the lower-level connection establishment is used instead. In this case, we need to make sure to mark the connection as explicitly connected to be notified about results of looking up the DN. Resolves: https://fedorahosted.org/sssd/ticket/2620 Reviewed-by: Pavel Březina --- src/providers/ldap/ldap_auth.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/providers/ldap/ldap_auth.c b/src/providers/ldap/ldap_auth.c index 6ee570bba..817179426 100644 --- a/src/providers/ldap/ldap_auth.c +++ b/src/providers/ldap/ldap_auth.c @@ -762,6 +762,18 @@ static void auth_connect_done(struct tevent_req *subreq) state->srv, PORT_WORKING); } + /* In case the ID provider is set to proxy, this might be the first + * LDAP operation at all, so we need to set the connection status + */ + if (state->sh->connected == false) { + ret = sdap_set_connected(state->sh, state->ev); + if (ret) { + DEBUG(SSSDBG_OP_FAILURE, "Cannot set connected status\n"); + tevent_req_error(req, ret); + return; + } + } + ret = get_user_dn(state, state->ctx->be->domain, state->ctx->opts, state->username, &state->dn, &state->pw_expire_type, &state->pw_expire_data); -- cgit