diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2013-08-21 16:27:50 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-08-28 18:08:42 +0200 |
commit | 8b9fc71516a3da83b6e0e551ec0ad9aaa19bc7bc (patch) | |
tree | 5448e43ed51e5e0f93c49b2acd64273c9a743da3 /src | |
parent | 31dd31b00ad759f256282ef0f7054e60672161ce (diff) | |
download | sssd-8b9fc71516a3da83b6e0e551ec0ad9aaa19bc7bc.tar.gz sssd-8b9fc71516a3da83b6e0e551ec0ad9aaa19bc7bc.tar.xz sssd-8b9fc71516a3da83b6e0e551ec0ad9aaa19bc7bc.zip |
NSS: Descend into subdomains if enumerate=true
Since we now store the enumerate flag in sysdb for subdomains, we can
always descend to all available subdomains and if they do not allow
enumeration, simply skip them.
Diffstat (limited to 'src')
-rw-r--r-- | src/responder/nss/nsssrv_cmd.c | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c index 7c35a7b31..18ccdeacc 100644 --- a/src/responder/nss/nsssrv_cmd.c +++ b/src/responder/nss/nsssrv_cmd.c @@ -1597,8 +1597,8 @@ struct tevent_req *nss_cmd_setpwent_send(TALLOC_CTX *mem_ctx, } /* check if enumeration is enabled in any domain */ - for (dom = client->rctx->domains; dom; dom = get_next_domain(dom, false)) { - if (dom->enumerate != 0) break; + for (dom = client->rctx->domains; dom; dom = get_next_domain(dom, true)) { + if (dom->enumerate == true) break; } state->dctx->domain = dom; @@ -1710,7 +1710,7 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx) while (dom) { while (dom && dom->enumerate == 0) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, true); } if (!dom) break; @@ -1768,13 +1768,13 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx) if (ret != EOK) { DEBUG(1, ("Enum from cache failed, skipping domain [%s]\n", dom->name)); - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, true); continue; } if (res->count == 0) { DEBUG(4, ("Domain [%s] has no users, skipping.\n", dom->name)); - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, true); continue; } @@ -1792,7 +1792,7 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx) nctx->pctx->num++; /* do not reply until all domain searches are done */ - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, true); } /* We've finished all our lookups @@ -2818,8 +2818,8 @@ struct tevent_req *nss_cmd_setgrent_send(TALLOC_CTX *mem_ctx, } /* check if enumeration is enabled in any domain */ - for (dom = client->rctx->domains; dom; dom = get_next_domain(dom, false)) { - if (dom->enumerate != 0) break; + for (dom = client->rctx->domains; dom; dom = get_next_domain(dom, true)) { + if (dom->enumerate == true) break; } state->dctx->domain = dom; @@ -2931,7 +2931,7 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx) while (dom) { while (dom && dom->enumerate == 0) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, true); } if (!dom) break; @@ -2989,13 +2989,13 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx) if (ret != EOK) { DEBUG(1, ("Enum from cache failed, skipping domain [%s]\n", dom->name)); - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, true); continue; } if (res->count == 0) { DEBUG(4, ("Domain [%s] has no groups, skipping.\n", dom->name)); - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, true); continue; } @@ -3013,7 +3013,7 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx) nctx->gctx->num++; /* do not reply until all domain searches are done */ - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, true); } /* We've finished all our lookups |