diff options
author | Fabiano Fidêncio <fidencio@redhat.com> | 2017-06-02 13:35:30 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2017-09-05 11:13:40 +0200 |
commit | 4c508463be960682cf94b4e5a39be2f8f49067c8 (patch) | |
tree | 01dfd9d0b8dd7e85d98281e935f684774708eaad | |
parent | a5e9d34fd39c0061ca284674a6fd7cad05c6056c (diff) | |
download | sssd-4c508463be960682cf94b4e5a39be2f8f49067c8.tar.gz sssd-4c508463be960682cf94b4e5a39be2f8f49067c8.tar.xz sssd-4c508463be960682cf94b4e5a39be2f8f49067c8.zip |
SDAP: Use sysdb_search_*_by_orig_dn() in sdap_async_nested_groups.c
Methods for searching the users, groups and entries by their orig dn
have been introduced in one of the previous commit.
Let's make use of those whenever it makes sense.
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
-rw-r--r-- | src/providers/ldap/sdap_async_nested_groups.c | 61 |
1 files changed, 13 insertions, 48 deletions
diff --git a/src/providers/ldap/sdap_async_nested_groups.c b/src/providers/ldap/sdap_async_nested_groups.c index 3e3329c0e..9271d8cfe 100644 --- a/src/providers/ldap/sdap_async_nested_groups.c +++ b/src/providers/ldap/sdap_async_nested_groups.c @@ -38,11 +38,11 @@ #include "providers/ldap/sdap_idmap.h" #include "providers/ipa/ipa_dn.h" -#define sdap_nested_group_sysdb_search_users(domain, filter) \ - sdap_nested_group_sysdb_search((domain), (filter), true) +#define sdap_nested_group_sysdb_search_users(domain, dn) \ + sdap_nested_group_sysdb_search((domain), (dn), true) -#define sdap_nested_group_sysdb_search_groups(domain, filter) \ - sdap_nested_group_sysdb_search((domain), (filter), false) +#define sdap_nested_group_sysdb_search_groups(domain, dn) \ + sdap_nested_group_sysdb_search((domain), (dn), false) enum sdap_nested_group_dn_type { SDAP_NESTED_GROUP_DN_USER, @@ -389,7 +389,7 @@ static errno_t sdap_nested_group_external_add(hash_table_t *table, } static errno_t sdap_nested_group_sysdb_search(struct sss_domain_info *domain, - const char *filter, + const char *dn, bool user) { static const char *attrs[] = {SYSDB_CACHE_EXPIRE, @@ -403,11 +403,11 @@ static errno_t sdap_nested_group_sysdb_search(struct sss_domain_info *domain, errno_t ret; if (user) { - ret = sysdb_search_users(NULL, domain, filter, attrs, - &count, &msgs); + ret = sysdb_search_users_by_orig_dn(NULL, domain, dn, attrs, + &count, &msgs); } else { - ret = sysdb_search_groups(NULL, domain, filter, attrs, - &count, &msgs); + ret = sysdb_search_groups_by_orig_dn(NULL, domain, dn, attrs, + &count, &msgs); } if (ret != EOK) { goto done; @@ -451,37 +451,17 @@ sdap_nested_group_check_cache(struct sdap_options *opts, const char *member_dn, enum sdap_nested_group_dn_type *_type) { - TALLOC_CTX *tmp_ctx = NULL; struct sdap_domain *sdap_domain = NULL; struct sss_domain_info *member_domain = NULL; - char *sanitized_dn = NULL; - char *filter = NULL; errno_t ret; - tmp_ctx = talloc_new(NULL); - if (tmp_ctx == NULL) { - DEBUG(SSSDBG_CRIT_FAILURE, "talloc_new() failed\n"); - return ENOMEM; - } - - ret = sss_filter_sanitize(tmp_ctx, member_dn, &sanitized_dn); - if (ret != EOK) { - goto done; - } - - filter = talloc_asprintf(tmp_ctx, "(%s=%s)", SYSDB_ORIG_DN, sanitized_dn); - if (filter == NULL) { - ret = ENOMEM; - goto done; - } - /* determine correct domain of this member */ sdap_domain = sdap_domain_get_by_dn(opts, member_dn); member_domain = sdap_domain == NULL ? domain : sdap_domain->dom; /* search in users */ PROBE(SDAP_NESTED_GROUP_SYSDB_SEARCH_USERS_PRE); - ret = sdap_nested_group_sysdb_search_users(member_domain, filter); + ret = sdap_nested_group_sysdb_search_users(member_domain, member_dn); PROBE(SDAP_NESTED_GROUP_SYSDB_SEARCH_USERS_POST); if (ret == EOK || ret == EAGAIN) { /* user found */ @@ -494,7 +474,7 @@ sdap_nested_group_check_cache(struct sdap_options *opts, /* search in groups */ PROBE(SDAP_NESTED_GROUP_SYSDB_SEARCH_GROUPS_PRE); - ret = sdap_nested_group_sysdb_search_groups(member_domain, filter); + ret = sdap_nested_group_sysdb_search_groups(member_domain, member_dn); PROBE(SDAP_NESTED_GROUP_SYSDB_SEARCH_GROUPS_POST); if (ret == EOK || ret == EAGAIN) { /* group found */ @@ -509,7 +489,6 @@ sdap_nested_group_check_cache(struct sdap_options *opts, ret = ENOENT; done: - talloc_free(tmp_ctx); return ret; } @@ -2840,8 +2819,6 @@ sdap_nested_group_memberof_dn_by_original_dn( const char ***_parents) { errno_t ret; - char *sanitized_dn; - char *filter; const char *attrs[] = { SYSDB_NAME, SYSDB_MEMBEROF, NULL }; @@ -2856,20 +2833,8 @@ sdap_nested_group_memberof_dn_by_original_dn( return ENOMEM; } - ret = sss_filter_sanitize(tmp_ctx, original_dn, &sanitized_dn); - if (ret != EOK) { - DEBUG(SSSDBG_CRIT_FAILURE, - "Cannot sanitize originalDN [%s]\n", original_dn); - goto done; - } - - filter = talloc_asprintf(tmp_ctx, "(%s=%s)", SYSDB_ORIG_DN, sanitized_dn); - if (filter == NULL) { - goto done; - } - - ret = sysdb_search_groups(tmp_ctx, group_dom, filter, attrs, - &count, &msgs); + ret = sysdb_search_groups_by_orig_dn(tmp_ctx, group_dom, original_dn, + attrs, &count, &msgs); if (ret != EOK) { goto done; } |