Diffstat (limited to 'source/nsswitch/idmap_ldap.c')
-rw-r--r--source/nsswitch/idmap_ldap.c97
1 files changed, 76 insertions, 21 deletions
diff --git a/source/nsswitch/idmap_ldap.c b/source/nsswitch/idmap_ldap.c
index f74372eceab..e6cd5c7f231 100644
--- a/source/nsswitch/idmap_ldap.c
+++ b/source/nsswitch/idmap_ldap.c
@@ -151,6 +151,7 @@ static NTSTATUS verify_idpool(void)
&result);
if (rc != LDAP_SUCCESS) {
+ DEBUG(1, ("Unable to verify the idpool, cannot continue initialization!\n"));
return NT_STATUS_UNSUCCESSFUL;
}
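Review bot: The new DEBUG line in verify_idpool leaves out `rc`, the one value that explains the failure. Without it an operator reading the log cannot tell an unreachable server from a bind or access-control failure on the idpool entry, and those call for different responses. Consider `DEBUG(1, ("Unable to verify the idpool (%s), cannot continue initialization!\n", ldap_err2string(rc)));`. The body of verify_idpool starts and ends outside this hunk.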
@@ -209,6 +210,11 @@ static NTSTATUS idmap_ldap_alloc_init(const char *params)
gid_t low_gid = 0;
gid_t high_gid = 0;
+ /* Only do init if we are online */
+ if (idmap_is_offline()) {
+ return NT_STATUS_FILE_IS_OFFLINE;
+ }
+
idmap_alloc_ldap = talloc_zero(NULL, struct idmap_ldap_alloc_context);
CHECK_ALLOC_DONE( idmap_alloc_ldap );
@@ -344,6 +350,11 @@ static NTSTATUS idmap_ldap_allocate_id(struct unixid *xid)
const char **attr_list;
const char *type;
+ /* Only do query if we are online */
+ if (idmap_is_offline()) {
+ return NT_STATUS_FILE_IS_OFFLINE;
+ }
+
if ( ! idmap_alloc_ldap) {
return NT_STATUS_UNSUCCESSFUL;
}
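Review bot: After the new offline guard, the existing `if ( ! idmap_alloc_ldap)` check still returns NT_STATUS_UNSUCCESSFUL, and nothing visible here retries the initialization that idmap_ldap_alloc_init now skips while offline. The domain methods changed later in this commit re-run idmap_ldap_db_init when `dom->initialized` is false, but the allocator methods have no equivalent. Unless the caller re-invokes alloc init (not visible in this diff), id allocation may keep failing after the connection returns. The same applies to the idmap_ldap_get_hwm and idmap_ldap_set_hwm hunks. At minimum, state the expectation next to the check, e.g. `/* NULL if alloc init was skipped while offline; the caller must re-run it */`; the function bodies continue outside the hunks.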
@@ -490,6 +501,11 @@ static NTSTATUS idmap_ldap_get_hwm(struct unixid *xid)
const char **attr_list;
const char *type;
+ /* Only do query if we are online */
+ if (idmap_is_offline()) {
+ return NT_STATUS_FILE_IS_OFFLINE;
+ }
+
if ( ! idmap_alloc_ldap) {
return NT_STATUS_UNSUCCESSFUL;
}
@@ -580,6 +596,11 @@ static NTSTATUS idmap_ldap_set_hwm(struct unixid *xid)
const char **attr_list;
const char *type;
+ /* Only do query if we are online */
+ if (idmap_is_offline()) {
+ return NT_STATUS_FILE_IS_OFFLINE;
+ }
+
if ( ! idmap_alloc_ldap) {
return NT_STATUS_UNSUCCESSFUL;
}
@@ -700,14 +721,19 @@ static int idmap_ldap_close_destructor(struct idmap_ldap_context *ctx)
Initialise idmap database.
********************************/
-static NTSTATUS idmap_ldap_db_init(struct idmap_domain *dom, const char *params)
+static NTSTATUS idmap_ldap_db_init(struct idmap_domain *dom)
{
NTSTATUS ret;
struct idmap_ldap_context *ctx = NULL;
char *config_option = NULL;
const char *range = NULL;
const char *tmp = NULL;
-
+
+ /* Only do init if we are online */
+ if (idmap_is_offline()) {
+ return NT_STATUS_FILE_IS_OFFLINE;
+ }
+
ctx = talloc_zero(dom, struct idmap_ldap_context);
if ( ! ctx) {
DEBUG(0, ("Out of memory!\n"));
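Review bot: The banner comment above idmap_ldap_db_init still reads only "Initialise idmap database." although the hunk changes the function's contract. It now returns NT_STATUS_FILE_IS_OFFLINE before allocating anything. It is also re-entered from the mapping methods when `dom->initialized` is false, so a failed attempt has to leave `dom` in a state a later retry can start from. I would extend the banner with something like `Returns NT_STATUS_FILE_IS_OFFLINE without touching dom when offline; may be called again later by the mapping methods.` The body continues outside this hunk, so whether the failure paths free `ctx` cannot be confirmed from here.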
@@ -732,9 +758,9 @@ static NTSTATUS idmap_ldap_db_init(struct idmap_domain *dom, const char *params)
}
}
- if (params && *params) {
+ if (dom->params && *(dom->params)) {
/* assume location is the only parameter */
- ctx->url = talloc_strdup(ctx, params);
+ ctx->url = talloc_strdup(ctx, dom->params);
} else {
tmp = lp_parm_const_string(-1, config_option, "ldap_url", NULL);
@@ -837,6 +863,19 @@ static NTSTATUS idmap_ldap_unixids_to_sids(struct idmap_domain *dom, struct id_m
int rc;
int i;
+ /* Only do query if we are online */
+ if (idmap_is_offline()) {
+ return NT_STATUS_FILE_IS_OFFLINE;
+ }
+
+ /* Initilization my have been deferred because we were offline */
+ if ( ! dom->initialized) {
+ ret = idmap_ldap_db_init(dom);
+ if ( ! NT_STATUS_IS_OK(ret)) {
+ return ret;
+ }
+ }
+
ctx = talloc_get_type(dom->private_data, struct idmap_ldap_context);
memctx = talloc_new(ctx);
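Review bot: Once init can be deferred, `ctx = talloc_get_type(dom->private_data, ...)` is followed immediately by `talloc_new(ctx)` with no NULL check in this hunk. The path is only safe if idmap_ldap_db_init always sets both `dom->private_data` and `dom->initialized` on success, and neither assignment is visible in this diff. The same offline-check plus deferred-init block is also pasted into idmap_ldap_sids_to_unixids and idmap_ldap_set_mapping, with the comment typo "Initilization my have been" repeated each time. I would fold the block into one static helper and check `ctx` after the lookup, as sketched below. The function body continues outside the hunk.
```c
/* Make sure the LDAP backend for dom is usable; init may have been
 * deferred because we were offline when the domain was set up. */
static NTSTATUS idmap_ldap_ensure_init(struct idmap_domain *dom)
{
	if (idmap_is_offline()) {
		return NT_STATUS_FILE_IS_OFFLINE;
	}
	if (dom->initialized) {
		return NT_STATUS_OK;
	}
	return idmap_ldap_db_init(dom);
}

/* ... unchanged: local declarations of idmap_ldap_unixids_to_sids ... */
	ret = idmap_ldap_ensure_init(dom);
	if ( ! NT_STATUS_IS_OK(ret)) {
		return ret;
	}

	ctx = talloc_get_type(dom->private_data, struct idmap_ldap_context);
	if ( ! ctx) {
		return NT_STATUS_UNSUCCESSFUL;
	}
	memctx = talloc_new(ctx);
```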
@@ -991,10 +1030,10 @@ again:
ret = NT_STATUS_OK;
-
- /* mark all unknwon ones as unmapped */
+ /* mark all unknwon/expired ones as unmapped */
for (i = 0; ids[i]; i++) {
- if (ids[i]->status == ID_UNKNOWN) ids[i]->status = ID_UNMAPPED;
+ if (ids[i]->status != ID_MAPPED)
+ ids[i]->status = ID_UNMAPPED;
}
done:
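Review bot: The new test `ids[i]->status != ID_MAPPED` resets every non-mapped state to ID_UNMAPPED, which is broader than the "unknwon/expired" the comment names. If that is the intent, the comment should say so, because an unmapped result is something callers may act on or cache as a negative answer: `/* anything the server did not return as mapped (unknown, expired, ...) is unmapped */`. The `if` has also lost its braces in a file that braces its other conditionals; `if (ids[i]->status != ID_MAPPED) { ids[i]->status = ID_UNMAPPED; }` would match. The identical change in the idmap_ldap_sids_to_unixids hunk (old line 1192) has the same two points. The enclosing function starts outside this hunk.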
@@ -1025,6 +1064,7 @@ static struct id_map *find_map_by_sid(struct id_map **maps, DOM_SID *sid)
static NTSTATUS idmap_ldap_sids_to_unixids(struct idmap_domain *dom, struct id_map **ids)
{
+ LDAPMessage *entry = NULL;
NTSTATUS ret;
TALLOC_CTX *memctx;
struct idmap_ldap_context *ctx;
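Review bot: Moving `LDAPMessage *entry` to function scope, together with the later hunk that removes the per-iteration `LDAPMessage *entry = NULL;`, lets `entry` keep its value between loop passes and across a jump back to `again:`. Presumably the carry-over is the point, so the loop can step on from the previous entry, but nothing in the code says so. A short comment on the declaration would prevent someone moving it back: `/* function scope: must survive between loop iterations */`. It is also worth confirming that `entry` is reset wherever the search result is freed before a retry, so a pointer into a freed message is never reused; that code is outside these hunks.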
@@ -1040,6 +1080,19 @@ static NTSTATUS idmap_ldap_sids_to_unixids(struct idmap_domain *dom, struct id_m
int rc;
int i;
+ /* Only do query if we are online */
+ if (idmap_is_offline()) {
+ return NT_STATUS_FILE_IS_OFFLINE;
+ }
+
+ /* Initilization my have been deferred because we were offline */
+ if ( ! dom->initialized) {
+ ret = idmap_ldap_db_init(dom);
+ if ( ! NT_STATUS_IS_OK(ret)) {
+ return ret;
+ }
+ }
+
ctx = talloc_get_type(dom->private_data, struct idmap_ldap_context);
memctx = talloc_new(ctx);
@@ -1105,7 +1158,6 @@ again:
}
for (i = 0; i < count; i++) {
- LDAPMessage *entry = NULL;
char *sidstr = NULL;
char *tmp = NULL;
enum id_type type;
@@ -1192,9 +1244,10 @@ again:
ret = NT_STATUS_OK;
- /* mark all unknwon ones as unmapped */
+ /* mark all unknwon/expired ones as unmapped */
for (i = 0; ids[i]; i++) {
- if (ids[i]->status == ID_UNKNOWN) ids[i]->status = ID_UNMAPPED;
+ if (ids[i]->status != ID_MAPPED)
+ ids[i]->status = ID_UNMAPPED;
}
done:
@@ -1221,6 +1274,19 @@ static NTSTATUS idmap_ldap_set_mapping(struct idmap_domain *dom, const struct id
char *dn;
int rc = -1;
+ /* Only do query if we are online */
+ if (idmap_is_offline()) {
+ return NT_STATUS_FILE_IS_OFFLINE;
+ }
+
+ /* Initilization my have been deferred because we were offline */
+ if ( ! dom->initialized) {
+ ret = idmap_ldap_db_init(dom);
+ if ( ! NT_STATUS_IS_OK(ret)) {
+ return ret;
+ }
+ }
+
ctx = talloc_get_type(dom->private_data, struct idmap_ldap_context);
switch(map->xid.type) {
@@ -1301,15 +1367,6 @@ done:
}
/**********************************
- remove a mapping.
-**********************************/
-
-static NTSTATUS idmap_ldap_remove_mapping(struct idmap_domain *dom, const struct id_map *map)
-{
- return NT_STATUS_UNSUCCESSFUL;
-}
-
-/**********************************
Close the idmap ldap instance
**********************************/
@@ -1333,8 +1390,6 @@ static struct idmap_methods idmap_ldap_methods = {
.unixids_to_sids = idmap_ldap_unixids_to_sids,
.sids_to_unixids = idmap_ldap_sids_to_unixids,
.set_mapping = idmap_ldap_set_mapping,
- .remove_mapping = idmap_ldap_remove_mapping,
- /* .dump_data = TODO */
.close_fn = idmap_ldap_close
};