diff options
| author | Jakub Hrozek <jhrozek@redhat.com> | 2013-08-21 16:27:50 +0200 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-08-28 18:08:42 +0200 |
| commit | 8b9fc71516a3da83b6e0e551ec0ad9aaa19bc7bc (patch) | |
| tree | 5448e43ed51e5e0f93c49b2acd64273c9a743da3 | |
| parent | 31dd31b00ad759f256282ef0f7054e60672161ce (diff) | |
| download | sssd-8b9fc71516a3da83b6e0e551ec0ad9aaa19bc7bc.tar.gz sssd-8b9fc71516a3da83b6e0e551ec0ad9aaa19bc7bc.tar.xz sssd-8b9fc71516a3da83b6e0e551ec0ad9aaa19bc7bc.zip | |
NSS: Descend into subdomains if enumerate=true
Since we now store the enumerate flag in sysdb for subdomains, we can
always descend to all available subdomains and if they do not allow
enumeration, simply skip them.
| -rw-r--r-- | src/responder/nss/nsssrv_cmd.c | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c index 7c35a7b3..18ccdeac 100644 --- a/src/responder/nss/nsssrv_cmd.c +++ b/src/responder/nss/nsssrv_cmd.c @@ -1597,8 +1597,8 @@ struct tevent_req *nss_cmd_setpwent_send(TALLOC_CTX *mem_ctx, } /* check if enumeration is enabled in any domain */ - for (dom = client->rctx->domains; dom; dom = get_next_domain(dom, false)) { - if (dom->enumerate != 0) break; + for (dom = client->rctx->domains; dom; dom = get_next_domain(dom, true)) { + if (dom->enumerate == true) break; } state->dctx->domain = dom; @@ -1710,7 +1710,7 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx) while (dom) { while (dom && dom->enumerate == 0) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, true); } if (!dom) break; @@ -1768,13 +1768,13 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx) if (ret != EOK) { DEBUG(1, ("Enum from cache failed, skipping domain [%s]\n", dom->name)); - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, true); continue; } if (res->count == 0) { DEBUG(4, ("Domain [%s] has no users, skipping.\n", dom->name)); - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, true); continue; } @@ -1792,7 +1792,7 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx) nctx->pctx->num++; /* do not reply until all domain searches are done */ - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, true); } /* We've finished all our lookups @@ -2818,8 +2818,8 @@ struct tevent_req *nss_cmd_setgrent_send(TALLOC_CTX *mem_ctx, } /* check if enumeration is enabled in any domain */ - for (dom = client->rctx->domains; dom; dom = get_next_domain(dom, false)) { - if (dom->enumerate != 0) break; + for (dom = client->rctx->domains; dom; dom = get_next_domain(dom, true)) { + if (dom->enumerate == true) break; } state->dctx->domain = dom; @@ -2931,7 +2931,7 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx) while (dom) { while (dom && dom->enumerate == 0) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, true); } if (!dom) break; @@ -2989,13 +2989,13 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx) if (ret != EOK) { DEBUG(1, ("Enum from cache failed, skipping domain [%s]\n", dom->name)); - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, true); continue; } if (res->count == 0) { DEBUG(4, ("Domain [%s] has no groups, skipping.\n", dom->name)); - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, true); continue; } @@ -3013,7 +3013,7 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx) nctx->gctx->num++; /* do not reply until all domain searches are done */ - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, true); } /* We've finished all our lookups |