From f8a4a5f6240156809e1b5ef03816f673281e3fa0 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek
Date: Wed, 19 Jun 2013 10:50:44 +0200
Subject: IPA: Initialize server mode ctx if server mode is on
This patch introduces a new structure that holds information about a subdomain and its ad_id_ctx. This structure will be used only in server mode to make it possible to search subdomains with a particular ad_id_ctx.
Subtask of: https://fedorahosted.org/sssd/ticket/1962
---
 src/providers/ipa/ipa_common.h | 5 +++++
 src/providers/ipa/ipa_init.c | 6 ++++++
 src/providers/ipa/ipa_subdomains.c | 33 +++++++++++++++++++++++++++++++++
 src/providers/ipa/ipa_subdomains.h | 18 ++++++++++++++++++
 4 files changed, 62 insertions(+)
(limited to 'src')
diff --git a/src/providers/ipa/ipa_common.h b/src/providers/ipa/ipa_common.h
index 43ccb8e0a..2af20e1de 100644
--- a/src/providers/ipa/ipa_common.h
+++ b/src/providers/ipa/ipa_common.h
@@ -112,9 +112,14 @@ struct ipa_auth_ctx {
 struct dp_option *ipa_options;
 };
+/* In server mode, each subdomain corresponds to an AD context */
+
 struct ipa_id_ctx {
 struct sdap_id_ctx *sdap_id_ctx;
 struct ipa_options *ipa_options;
+
+ /* Only used with server mode */
+ struct ipa_server_mode_ctx *server_mode;
 };
 struct ipa_options {
diff --git a/src/providers/ipa/ipa_init.c b/src/providers/ipa/ipa_init.c
index 7297fc936..fe13b1872 100644
--- a/src/providers/ipa/ipa_init.c
+++ b/src/providers/ipa/ipa_init.c
@@ -528,6 +528,12 @@ int sssm_ipa_subdomains_init(struct be_ctx *bectx,
 return ret;
 }
+ ret = ipa_ad_subdom_init(bectx, id_ctx);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("ipa_ad_subdom_init failed.\n"));
+ return ret;
+ }
+
 return EOK;
 }
diff --git a/src/providers/ipa/ipa_subdomains.c b/src/providers/ipa/ipa_subdomains.c
index a67526c83..652726daf 100644
--- a/src/providers/ipa/ipa_subdomains.c
+++ b/src/providers/ipa/ipa_subdomains.c
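Review bot: The comment `/* In server mode, each subdomain corresponds to an AD context */` added above `struct ipa_id_ctx` in ipa_common.h is followed by a blank line and documents nothing in this header. The structure it describes appears to be `struct ipa_ad_server_ctx` in ipa_subdomains.h, so it would read better there. The new `server_mode` member is assigned only when server mode is on (see `ipa_ad_subdom_init` in ipa_subdomains.c), so its comment should state the off-state too, e.g. `/* Set only in server mode; expected to be NULL otherwise, check before use */`. Whether it really is NULL then depends on how `struct ipa_id_ctx` is allocated, which is outside this hunk.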
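Review bot: The failure message added in `sssm_ipa_subdomains_init` (ipa_init.c) drops the error code, so a log reader cannot tell a missing realm or host name (EINVAL) from an allocation failure (ENOMEM) when the provider fails to start. Consider `DEBUG(SSSDBG_CRIT_FAILURE, ("ipa_ad_subdom_init failed [%d]: %s\n", ret, strerror(ret)));`. The function begins outside the hunk, so I cannot see whether the neighbouring error paths already follow a different logging convention.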
@@ -925,3 +925,36 @@ int ipa_subdom_init(struct be_ctx *be_ctx,
 return EOK;
 }
+
+int ipa_ad_subdom_init(struct be_ctx *be_ctx,
+ struct ipa_id_ctx *id_ctx)
+{
+ char *realm;
+ char *hostname;
+
+ if (dp_opt_get_bool(id_ctx->ipa_options->basic,
+ IPA_SERVER_MODE) == false) {
+ return EOK;
+ }
+
+ realm = dp_opt_get_string(id_ctx->ipa_options->basic, IPA_KRB5_REALM);
+ if (realm == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("No Kerberos realm for IPA?\n"));
+ return EINVAL;
+ }
+
+ hostname = dp_opt_get_string(id_ctx->ipa_options->basic, IPA_HOSTNAME);
+ if (hostname == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("No host name for IPA?\n"));
+ return EINVAL;
+ }
+
+ id_ctx->server_mode = talloc(id_ctx, struct ipa_server_mode_ctx);
+ if (id_ctx->server_mode == NULL) {
+ return ENOMEM;
+ }
+ id_ctx->server_mode->realm = realm;
+ id_ctx->server_mode->hostname = hostname;
+
+ return EOK;
+}
diff --git a/src/providers/ipa/ipa_subdomains.h b/src/providers/ipa/ipa_subdomains.h
index c9ab82a25..315ce9e06 100644
--- a/src/providers/ipa/ipa_subdomains.h
+++ b/src/providers/ipa/ipa_subdomains.h
@@ -38,6 +38,24 @@ int ipa_subdom_init(struct be_ctx *be_ctx,
 struct bet_ops **ops,
 void **pvt_data);
+/* The following are used in server mode only */
+struct ipa_ad_server_ctx {
+ struct sss_domain_info *dom;
+ struct ad_id_ctx *ad_id_ctx;
+
+ struct ipa_ad_server_ctx *next, *prev;
+};
+
+struct ipa_server_mode_ctx {
+ const char *realm;
+ const char *hostname;
+
+ struct ipa_ad_server_ctx *trusts;
+};
+
+int ipa_ad_subdom_init(struct be_ctx *be_ctx,
+ struct ipa_id_ctx *id_ctx);
+
 enum req_input_type {
 REQ_INP_NAME,
 REQ_INP_ID,
-- cgit
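Review bot: `ipa_ad_subdom_init` allocates the context with `talloc()`, which does not zero memory, and then sets only `realm` and `hostname`, so the `trusts` list head declared in ipa_subdomains.h is left indeterminate. Any later code that walks or appends to that list would read an uninitialized pointer. Use `id_ctx->server_mode = talloc_zero(id_ctx, struct ipa_server_mode_ctx);` or assign `id_ctx->server_mode->trusts = NULL;` explicitly. The `be_ctx` parameter is also unused in the body shown; if later patches in the series need it, a short comment saying so would help.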
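Review bot: The new structs in ipa_subdomains.h do not document ownership or lifetime of their members. `ipa_ad_subdom_init` stores the pointers returned by `dp_opt_get_string()` directly in `realm` and `hostname` without copying, so these strings appear to be borrowed from `id_ctx->ipa_options->basic` and must not outlive or be freed separately from it. A comment on the members would make that explicit, e.g. `/* borrowed from ipa_options->basic, not owned by this context */`. It would also help to note on `trusts` that it is the head of the `next`/`prev` list of per-subdomain AD contexts and is empty (NULL) until subdomains are added.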