From f0af52e320e8f1b062701b2eb36b49915a4e8194 Mon Sep 17 00:00:00 2001

From: Jakub Hrozek <jhrozek@redhat.com>

Date: Tue, 6 Jan 2015 13:03:34 +0100

Subject: [PATCH 156/160] GPO: Extract server hostname after connecting

https://fedorahosted.org/sssd/ticket/2543

The LDAP URI is not valid prior to connecting to LDAP. Moreover,

reconnecting to a different server might invalidate the URI.

Move reading the URI after the connection has been established.

Reviewed-by: Sumit Bose <sbose@redhat.com>

(cherry picked from commit ccff8e75940963a0f68f86efcddc37133318abfa)

---

 src/providers/ad/ad_gpo.c | 58 +++++++++++++++++++++++------------------------

 1 file changed, 29 insertions(+), 29 deletions(-)

diff --git a/src/providers/ad/ad_gpo.c b/src/providers/ad/ad_gpo.c

index 083fc8c2cde36bb15d1a1becd3ddac383a4008fe..375ef1d8a7df13911831a55fed5d5a425daaa996 100644

--- a/src/providers/ad/ad_gpo.c

+++ b/src/providers/ad/ad_gpo.c

@@ -1489,8 +1489,6 @@ ad_gpo_access_send(TALLOC_CTX *mem_ctx,

     struct tevent_req *req;

     struct tevent_req *subreq;

     struct ad_gpo_access_state *state;

-    char *server_uri;

-    LDAPURLDesc *lud;

     errno_t ret;

     int hret;

     hash_key_t key;

@@ -1580,33 +1578,6 @@ ad_gpo_access_send(TALLOC_CTX *mem_ctx,

         goto immediately;

     }

-    /* extract server_hostname from server_uri */

-    server_uri = state->conn->service->uri;

-    ret = ldap_url_parse(server_uri, &lud;;

-    if (ret != LDAP_SUCCESS) {

-        DEBUG(SSSDBG_CRIT_FAILURE,

-              "Failed to parse ldap URI (%s)!\n", server_uri);

-        ret = EINVAL;

-        goto immediately;

-    }

-

-    if (lud->lud_host == NULL) {

-        DEBUG(SSSDBG_CRIT_FAILURE,

-              "The LDAP URI (%s) did not contain a host name\n", server_uri);

-        ldap_free_urldesc(lud);

-        ret = EINVAL;

-        goto immediately;

-    }

-

-    state->server_hostname = talloc_strdup(state, lud->lud_host);

-    ldap_free_urldesc(lud);

-    if (!state->server_hostname) {

-        ret = ENOMEM;

-        goto immediately;

-    }

-    DEBUG(SSSDBG_TRACE_ALL, "server_hostname from uri: %s\n",

-          state->server_hostname);

-

     subreq = sdap_id_op_connect_send(state->sdap_op, state, &ret;;

     if (subreq == NULL) {

         DEBUG(SSSDBG_OP_FAILURE,

@@ -1666,6 +1637,8 @@ ad_gpo_connect_done(struct tevent_req *subreq)

     char *domain_dn;

     int dp_error;

     errno_t ret;

+    char *server_uri;

+    LDAPURLDesc *lud;

     const char *attrs[] = {AD_AT_DN, AD_AT_UAC, NULL};

@@ -1702,6 +1675,33 @@ ad_gpo_connect_done(struct tevent_req *subreq)

         }

     }

+    /* extract server_hostname from server_uri */

+    server_uri = state->conn->service->uri;

+    ret = ldap_url_parse(server_uri, &lud;;

+    if (ret != LDAP_SUCCESS) {

+        DEBUG(SSSDBG_CRIT_FAILURE,

+              "Failed to parse ldap URI (%s)!\n", server_uri);

+        ret = EINVAL;

+        goto done;

+    }

+

+    if (lud->lud_host == NULL) {

+        DEBUG(SSSDBG_CRIT_FAILURE,

+              "The LDAP URI (%s) did not contain a host name\n", server_uri);

+        ldap_free_urldesc(lud);

+        ret = EINVAL;

+        goto done;

+    }

+

+    state->server_hostname = talloc_strdup(state, lud->lud_host);

+    ldap_free_urldesc(lud);

+    if (!state->server_hostname) {

+        ret = ENOMEM;

+        goto done;

+    }

+    DEBUG(SSSDBG_TRACE_ALL, "server_hostname from uri: %s\n",

+          state->server_hostname);

+

     sam_account_name = sss_krb5_get_primary(state, "%S$", state->ad_hostname);

     if (sam_account_name == NULL) {

         ret = ENOMEM;

-- 

2.1.0