author | Stephen Gallagher <sgallagh@redhat.com> | 2012-01-28 11:40:36 -0500 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2012-01-31 09:37:41 -0500 |
commit | ca73004be606fe1a3003f2bc82eede4945fd0f08 (patch) | |
tree | eb9eb6119262f5978fe9062fe3a9912902c43a36 | |
parent | e2925c2d7d10cbb51098402233784044168f1a77 (diff) | |
IPA: Add support for services lookups (non-enum)
-rw-r--r-- | Makefile.am | 2 | ||||
-rw-r--r-- | src/providers/ipa/ipa_common.c | 38 | ||||
-rw-r--r-- | src/providers/ipa/ipa_common.h | 4 | ||||
-rw-r--r-- | src/tests/ipa_ldap_opt-tests.c | 1 |
4 files changed, 44 insertions, 1 deletions
diff --git a/Makefile.am b/Makefile.am index d2f099b3..710f33c6 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1018,6 +1018,7 @@ libsss_ipa_la_SOURCES = \ src/providers/ldap/ldap_id_enum.c \ src/providers/ldap/ldap_id_cleanup.c \ src/providers/ldap/ldap_id_netgroup.c \ + src/providers/ldap/ldap_id_services.c \ src/providers/ldap/ldap_auth.c \ src/providers/ldap/ldap_common.c \ src/providers/ldap/sdap_async.c \ @@ -1026,6 +1027,7 @@ libsss_ipa_la_SOURCES = \ src/providers/ldap/sdap_async_initgroups.c \ src/providers/ldap/sdap_async_connection.c \ src/providers/ldap/sdap_async_netgroups.c \ + src/providers/ldap/sdap_async_services.c \ src/providers/ldap/sdap_child_helpers.c \ src/providers/ldap/sdap_fd_events.c \ src/providers/ldap/sdap_id_op.c \ diff --git a/src/providers/ipa/ipa_common.c b/src/providers/ipa/ipa_common.c index 00231ddf..07e87bbb 100644 --- a/src/providers/ipa/ipa_common.c +++ b/src/providers/ipa/ipa_common.c @@ -29,6 +29,7 @@ #include "providers/ipa/ipa_common.h" #include "providers/ldap/sdap_async_private.h" #include "util/sss_krb5.h" +#include "db/sysdb_services.h" struct dp_option ipa_basic_opts[] = { { "ipa_domain", DP_OPT_STRING, NULL_STRING, NULL_STRING }, @@ -63,6 +64,7 @@ struct dp_option ipa_def_ldap_opts[] = { { "ldap_sudo_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING }, { "ldap_sudo_refresh_enabled", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE }, { "ldap_sudo_refresh_timeout", DP_OPT_NUMBER, { .number = 300 }, NULL_NUMBER }, + { "ldap_service_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING }, { "ldap_schema", DP_OPT_STRING, { "ipa_v1" }, NULL_STRING }, { "ldap_offline_timeout", DP_OPT_NUMBER, { .number = 60 }, NULL_NUMBER }, { "ldap_force_upper_case_realm", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE }, 
@@ -197,6 +199,14 @@ struct dp_option ipa_def_krb5_opts[] = { { "krb5_canonicalize", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE } }; +struct sdap_attr_map ipa_service_map[] = { + { "ldap_service_object_class", "ipService", SYSDB_SVC_CLASS, NULL }, + { "ldap_service_name", "cn", SYSDB_NAME, NULL }, + { "ldap_service_port", "ipServicePort", SYSDB_SVC_PORT, NULL }, + { "ldap_service_proto", "ipServiceProtocol", SYSDB_SVC_PROTO, NULL }, + { "ldap_service_entry_usn", NULL, SYSDB_USN, NULL } +}; + int ipa_get_options(TALLOC_CTX *memctx, struct confdb_ctx *cdb, const char *conf_path, @@ -557,6 +567,25 @@ int ipa_get_id_options(struct ipa_options *ipa_opts, } } + if (NULL == dp_opt_get_string(ipa_opts->id->basic, + SDAP_SERVICE_SEARCH_BASE)) { + ret = dp_opt_set_string(ipa_opts->id->basic, SDAP_SERVICE_SEARCH_BASE, + dp_opt_get_string(ipa_opts->id->basic, + SDAP_SEARCH_BASE)); + if (ret != EOK) { + goto done; + } + + DEBUG(6, ("Option %s set to %s\n", + ipa_opts->id->basic[SDAP_GROUP_SEARCH_BASE].opt_name, + dp_opt_get_string(ipa_opts->id->basic, + SDAP_GROUP_SEARCH_BASE))); + } + ret = sdap_parse_search_base(ipa_opts->id, ipa_opts->id->basic, + SDAP_SERVICE_SEARCH_BASE, + &ipa_opts->id->service_search_bases); + if (ret != EOK) goto done; + ret = sdap_get_map(ipa_opts->id, cdb, conf_path, ipa_attr_map, SDAP_AT_GENERAL, @@ -601,6 +630,15 @@ int ipa_get_id_options(struct ipa_options *ipa_opts, goto done; } + ret = sdap_get_map(ipa_opts->id, + cdb, conf_path, + ipa_service_map, + IPA_OPTS_HOST, + &ipa_opts->id->service_map); + if (ret != EOK) { + goto done; + } + ret = EOK; *_opts = ipa_opts->id; diff --git a/src/providers/ipa/ipa_common.h b/src/providers/ipa/ipa_common.h index 238fdeea..9cbd993f 100644 --- a/src/providers/ipa/ipa_common.h +++ b/src/providers/ipa/ipa_common.h 
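Review bot: The DEBUG call inside the new service-search-base fallback (hunk `@@ -557,6 +567,25 @@`) reports the wrong option: it prints the name and value of `SDAP_GROUP_SEARCH_BASE`, although the option just set is `SDAP_SERVICE_SEARCH_BASE`. Anyone reading the log to confirm which base DN service lookups will use sees the group base instead, which can differ. The two arguments should be `ipa_opts->id->basic[SDAP_SERVICE_SEARCH_BASE].opt_name,` and `dp_opt_get_string(ipa_opts->id->basic, SDAP_SERVICE_SEARCH_BASE)`. `ipa_get_id_options` begins and ends outside this hunk.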
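Review bot: The size argument passed to `sdap_get_map` for `ipa_service_map` (hunk `@@ -601,6 +630,15 @@`) is `IPA_OPTS_HOST`, which by its name is the host map's entry count rather than the services one. `ipa_service_map` is declared in this commit with five entries, and the new test ties that count to `SDAP_OPTS_SERVICES`. Unless the two constants happen to be equal, `sdap_get_map` would presumably either read past the end of the array or copy only part of it; this assumes the argument is the number of map entries, as the neighbouring `SDAP_AT_GENERAL` call suggests. Passing `SDAP_OPTS_SERVICES,` keeps the call consistent with the array and with the check in `test_check_num_opts`. The function body starts and ends outside this hunk.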
@@ -35,7 +35,9 @@ struct ipa_service { /* the following defines are used to keep track of the options in the ldap * module, so that if they change and ipa is not updated correspondingly * this will trigger a runtime abort error */ -#define IPA_OPTS_BASIC_TEST 59 +#define IPA_OPTS_BASIC_TEST 60 + +#define IPA_OPTS_SVC_TEST 5 /* the following define is used to keep track of the options in the krb5 * module, so that if they change and ipa is not updated correspondingly diff --git a/src/tests/ipa_ldap_opt-tests.c b/src/tests/ipa_ldap_opt-tests.c index 574aa091..121a0610 100644 --- a/src/tests/ipa_ldap_opt-tests.c +++ b/src/tests/ipa_ldap_opt-tests.c @@ -77,6 +77,7 @@ END_TEST START_TEST(test_check_num_opts) { fail_if(IPA_OPTS_BASIC_TEST != SDAP_OPTS_BASIC); + fail_if(IPA_OPTS_SVC_TEST != SDAP_OPTS_SERVICES); fail_if(IPA_KRB5_OPTS_TEST != KRB5_OPTS); } END_TEST |