From f2a61159a9d8a73405d5dbc6f74bb176b3ee34c9 Mon Sep 17 00:00:00 2001

From: Sumit Bose <sbose@redhat.com>

Date: Thu, 27 Nov 2014 10:01:40 +0100

Subject: [PATCH 118/128] krb5: make krb5 provider view aware

https://fedorahosted.org/sssd/ticket/2510

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>

---

 src/providers/ipa/ipa_subdomains.c | 13 +++++++++++++

 src/providers/krb5/krb5_auth.c     | 18 ++++++++++++------

 2 files changed, 25 insertions(+), 6 deletions(-)

diff --git a/src/providers/ipa/ipa_subdomains.c b/src/providers/ipa/ipa_subdomains.c

index 6fdb0befa32f96d01c9b3666a3ef9c8331a83242..d053d46ac4208bd52fcbf524a11243896b849612 100644

--- a/src/providers/ipa/ipa_subdomains.c

+++ b/src/providers/ipa/ipa_subdomains.c

@@ -1174,6 +1174,19 @@ static void ipa_get_view_name_done(struct tevent_req *req)

                 DEBUG(SSSDBG_CRIT_FAILURE, "Cannot copy view name.\n");

             }

         }

+

+        /* TODO: only needed if view changed */

+        ret = sysdb_master_domain_update(ctx->sd_ctx->be_ctx->domain);

+        if (ret != EOK) {

+            DEBUG(SSSDBG_OP_FAILURE, "sysdb_master_domain_update failed.\n");

+            goto done;

+        }

+

+        ret = sysdb_update_subdomains(ctx->sd_ctx->be_ctx->domain);

+        if (ret != EOK) {

+            DEBUG(SSSDBG_OP_FAILURE, "sysdb_update_subdomains failed.\n");

+            goto done;

+        }

     }

     ret = ipa_check_master(ctx);

diff --git a/src/providers/krb5/krb5_auth.c b/src/providers/krb5/krb5_auth.c

index e791aee1c2d83f84ba617db1d5d93948c0e4e2a1..e43b3652786678b79499e30ed546712ef080fe2c 100644

--- a/src/providers/krb5/krb5_auth.c

+++ b/src/providers/krb5/krb5_auth.c

@@ -462,8 +462,8 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx,

     }

     kr = state->kr;

-    ret = sysdb_get_user_attr(state, state->domain, state->pd->user, attrs,

-                              &res;;

+    ret = sysdb_get_user_attr_with_views(state, state->domain, state->pd->user,

+                                         attrs, &res;;

     if (ret) {

         DEBUG(SSSDBG_FUNC_DATA,

               "sysdb search for upn of user [%s] failed.\n", pd->user);

@@ -503,14 +503,18 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx,

             goto done;

         }

-        kr->homedir = ldb_msg_find_attr_as_string(res->msgs[0], SYSDB_HOMEDIR,

-                                                  NULL);

+        kr->homedir = sss_view_ldb_msg_find_attr_as_string(state->domain,

+                                                           res->msgs[0],

+                                                           SYSDB_HOMEDIR,

+                                                           NULL);

         if (kr->homedir == NULL) {

             DEBUG(SSSDBG_CONF_SETTINGS,

                   "Home directory for user [%s] not known.\n", pd->user);

         }

-        kr->uid = ldb_msg_find_attr_as_uint64(res->msgs[0], SYSDB_UIDNUM, 0);

+        kr->uid = sss_view_ldb_msg_find_attr_as_uint64(state->domain,

+                                                       res->msgs[0],

+                                                       SYSDB_UIDNUM, 0);

         if (kr->uid == 0) {

             DEBUG(SSSDBG_CONF_SETTINGS,

                   "UID for user [%s] not known.\n", pd->user);

@@ -518,7 +522,9 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx,

             goto done;

         }

-        kr->gid = ldb_msg_find_attr_as_uint64(res->msgs[0], SYSDB_GIDNUM, 0);

+        kr->gid = sss_view_ldb_msg_find_attr_as_uint64(state->domain,

+                                                       res->msgs[0],

+                                                       SYSDB_GIDNUM, 0);

         if (kr->gid == 0) {

             DEBUG(SSSDBG_CONF_SETTINGS,

                   "GID for user [%s] not known.\n", pd->user);

-- 

1.9.3