dpward / rpms / sssd

Forked from rpms/sssd 3 years ago
Clone
Source Code
GIT

Blame SOURCES/0166-IPA-resolve-missing-members.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s
  1.   905b4de0e68274ed1d28be199df37121524b2919
  2.   SOURCES
  3.   0166-IPA-resolve-missing-members.patch
Blob History Raw
905b4d 
From 7dfe969cb2c9e116eaeb1813e2c1adb80195944e Mon Sep 17 00:00:00 2001
905b4d 
From: Sumit Bose <sbose@redhat.com>
905b4d 
Date: Fri, 5 Dec 2014 11:12:42 +0100
905b4d 
Subject: [PATCH 166/167] IPA: resolve missing members
905b4d
905b4d 
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
905b4d 
(cherry picked from commit 3cd287313d93e29f9754feb46017dba2a039affd)
905b4d 
---
905b4d 
 src/providers/ipa/ipa_s2n_exop.c | 62 +++++++++++++++++++++++++++++++---------
905b4d 
 1 file changed, 48 insertions(+), 14 deletions(-)
905b4d
905b4d 
diff --git a/src/providers/ipa/ipa_s2n_exop.c b/src/providers/ipa/ipa_s2n_exop.c
905b4d 
index 505c2325f2a74e26816bb59ad3c7d4810cc64dbf..0aa12f371e8aa0d58311391a27c668aa929a5b80 100644
905b4d 
--- a/src/providers/ipa/ipa_s2n_exop.c
905b4d 
+++ b/src/providers/ipa/ipa_s2n_exop.c
905b4d 
@@ -886,6 +886,8 @@ struct ipa_s2n_get_fqlist_state {
905b4d 
     char **fqname_list;
905b4d 
     size_t fqname_idx;
905b4d 
     int exop_timeout;
905b4d 
+    int entry_type;
905b4d 
+    enum request_types request_type;
905b4d 
     struct resp_attrs *attrs;
905b4d 
     struct sss_domain_info *obj_domain;
905b4d 
     struct sysdb_attrs *override_attrs;
905b4d 
@@ -897,12 +899,14 @@ static void ipa_s2n_get_fqlist_next(struct tevent_req *subreq);
905b4d 
 static errno_t ipa_s2n_get_fqlist_save_step(struct tevent_req *req);
905b4d
905b4d 
 static struct tevent_req *ipa_s2n_get_fqlist_send(TALLOC_CTX *mem_ctx,
905b4d 
-                                                  struct tevent_context *ev,
905b4d 
-                                                  struct ipa_id_ctx *ipa_ctx,
905b4d 
-                                                  struct sss_domain_info *dom,
905b4d 
-                                                  struct sdap_handle *sh,
905b4d 
-                                                  int exop_timeout,
905b4d 
-                                                  char **fqname_list)
905b4d 
+                                                struct tevent_context *ev,
905b4d 
+                                                struct ipa_id_ctx *ipa_ctx,
905b4d 
+                                                struct sss_domain_info *dom,
905b4d 
+                                                struct sdap_handle *sh,
905b4d 
+                                                int exop_timeout,
905b4d 
+                                                int entry_type,
905b4d 
+                                                enum request_types request_type,
905b4d 
+                                                char **fqname_list)
905b4d 
 {
905b4d 
     int ret;
905b4d 
     struct ipa_s2n_get_fqlist_state *state;
905b4d 
@@ -922,6 +926,8 @@ static struct tevent_req *ipa_s2n_get_fqlist_send(TALLOC_CTX *mem_ctx,
905b4d 
     state->req_input.type = REQ_INP_NAME;
905b4d 
     state->req_input.inp.name = NULL;
905b4d 
     state->exop_timeout = exop_timeout;
905b4d 
+    state->entry_type = entry_type;
905b4d 
+    state->request_type = request_type;
905b4d 
     state->attrs = NULL;
905b4d 
     state->override_attrs = NULL;
905b4d
905b4d 
@@ -976,8 +982,8 @@ static errno_t ipa_s2n_get_fqlist_step(struct tevent_req *req)
905b4d
905b4d 
     state->req_input.inp.name = short_name;
905b4d
905b4d 
-    ret = s2n_encode_request(state, state->obj_domain->name, BE_REQ_GROUP,
905b4d 
-                             REQ_FULL_WITH_MEMBERS,
905b4d 
+    ret = s2n_encode_request(state, state->obj_domain->name, state->entry_type,
905b4d 
+                             state->request_type,
905b4d 
                              &state->req_input, &bv_req);
905b4d 
     if (ret != EOK) {
905b4d 
         DEBUG(SSSDBG_OP_FAILURE, "s2n_encode_request failed.\n");
905b4d 
@@ -1439,7 +1445,7 @@ static void ipa_s2n_get_user_done(struct tevent_req *subreq)
905b4d 
     struct berval *retdata = NULL;
905b4d 
     struct resp_attrs *attrs = NULL;
905b4d 
     struct berval *bv_req = NULL;
905b4d 
-    char **missing_groups = NULL;
905b4d 
+    char **missing_list = NULL;
905b4d 
     struct ldb_dn **group_dn_list = NULL;
905b4d 
     const char *sid_str;
905b4d 
     struct be_acct_req *ar;
905b4d 
@@ -1478,17 +1484,46 @@ static void ipa_s2n_get_user_done(struct tevent_req *subreq)
905b4d 
         if (attrs->response_type == RESP_USER_GROUPLIST) {
905b4d 
             ret = get_group_dn_list(state, state->dom,
905b4d 
                                     attrs->ngroups, attrs->groups,
905b4d 
-                                    &group_dn_list, &missing_groups);
905b4d 
+                                    &group_dn_list, &missing_list);
905b4d 
             if (ret != EOK) {
905b4d 
                 DEBUG(SSSDBG_OP_FAILURE, "get_group_dn_list failed.\n");
905b4d 
                 goto done;
905b4d 
             }
905b4d
905b4d 
-            if (missing_groups != NULL) {
905b4d 
+            if (missing_list != NULL) {
905b4d 
                 subreq = ipa_s2n_get_fqlist_send(state, state->ev,
905b4d 
                                                  state->ipa_ctx, state->dom,
905b4d 
                                                  state->sh, state->exop_timeout,
905b4d 
-                                                 missing_groups);
905b4d 
+                                                 BE_REQ_GROUP,
905b4d 
+                                                 REQ_FULL_WITH_MEMBERS,
905b4d 
+                                                 missing_list);
905b4d 
+                if (subreq == NULL) {
905b4d 
+                    DEBUG(SSSDBG_OP_FAILURE,
905b4d 
+                          "ipa_s2n_get_fqlist_send failed.\n");
905b4d 
+                    ret = ENOMEM;
905b4d 
+                    goto done;
905b4d 
+                }
905b4d 
+                tevent_req_set_callback(subreq, ipa_s2n_get_fqlist_done,
905b4d 
+                                        req);
905b4d 
+
905b4d 
+                return;
905b4d 
+            }
905b4d 
+            break;
905b4d 
+        } else if (attrs->response_type == RESP_GROUP_MEMBERS) {
905b4d 
+            ret = process_members(state->dom, NULL, attrs->a.group.gr_mem,
905b4d 
+                                  state, &missing_list);
905b4d 
+            if (ret != EOK) {
905b4d 
+                DEBUG(SSSDBG_OP_FAILURE, "process_members failed.\n");
905b4d 
+                goto done;
905b4d 
+            }
905b4d 
+
905b4d 
+            if (missing_list != NULL) {
905b4d 
+                subreq = ipa_s2n_get_fqlist_send(state, state->ev,
905b4d 
+                                                 state->ipa_ctx, state->dom,
905b4d 
+                                                 state->sh, state->exop_timeout,
905b4d 
+                                                 BE_REQ_USER,
905b4d 
+                                                 REQ_FULL_WITH_MEMBERS,
905b4d 
+                                                 missing_list);
905b4d 
                 if (subreq == NULL) {
905b4d 
                     DEBUG(SSSDBG_OP_FAILURE,
905b4d 
                           "ipa_s2n_get_fqlist_send failed.\n");
905b4d 
@@ -1503,8 +1538,7 @@ static void ipa_s2n_get_user_done(struct tevent_req *subreq)
905b4d 
             break;
905b4d 
         }
905b4d
905b4d 
-        if (state->req_input->type == REQ_INP_SECID
905b4d 
-                || attrs->response_type == RESP_GROUP_MEMBERS) {
905b4d 
+        if (state->req_input->type == REQ_INP_SECID) {
905b4d 
             /* We already know the SID, we do not have to read it. */
905b4d 
             break;
905b4d 
         }
905b4d 
--
905b4d 
2.1.0
905b4d

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation