Blame SOURCES/0071-SDAP-Search-with-a-NULL-search-base-when-looking-up-.patch

From c7003e815aca1c28953c3dc55311ffc3f2d4ab28 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Sun, 12 Nov 2017 19:24:01 +0100
Subject: [PATCH 71/83] SDAP: Search with a NULL search base when looking up an
 ID in the Global Catalog
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The posix_check request is used to determine whether domains in the forest
replicate the POSIX attributes into the Global Catalog. And since the
schema modification that replicates the attributes is not per-domain, but
per-forest, we don't need to iterate over search bases when checking for
the POSIX attribute presence. It is OK to just search with a NULL search
base (and it's what Windows clients do, too).
Additionally, searching over the whole GC will come in handy when implementing
the request that located an account's domain.
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Reviewed-by: Sumit Bose <sbose@redhat.com>
(cherry picked from commit 6ae22d9adc0b075361defc99b8f14480ba8e7b46)
---
 src/providers/ldap/ldap_id.c         |  2 --
 src/providers/ldap/sdap_async.c      | 51 +++++++-----------------------------
 src/providers/ldap/sdap_async.h      |  1 -
 src/providers/ldap/sdap_async_enum.c |  1 -
 4 files changed, 10 insertions(+), 45 deletions(-)
diff --git a/src/providers/ldap/ldap_id.c b/src/providers/ldap/ldap_id.c
index 47969a9749253721334a20f46230f7aecea64882..b5ac3a749113a281fe8a5564ac341ced0570eded 100644
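--- a/src/providers/ldap/ldap_id.c
+++ b/src/providers/ldap/ldap_id.c
@@ -417,7 +417,6 @@ static void users_get_connect_done(struct tevent_req *subreq)
                                !state->non_posix)) {
         subreq = sdap_posix_check_send(state, state->ev, state->ctx->opts,
                                        sdap_id_op_handle(state->op),
-                                       state->sdom->user_search_bases,
                                        dp_opt_get_int(state->ctx->opts->basic,
                                                       SDAP_SEARCH_TIMEOUT));
         if (subreq == NULL) {
@@ -963,7 +962,6 @@ static void groups_get_connect_done(struct tevent_req *subreq)
                                !state->non_posix)) {
         subreq = sdap_posix_check_send(state, state->ev, state->ctx->opts,
                                        sdap_id_op_handle(state->op),
-                                       state->sdom->user_search_bases,
                                        dp_opt_get_int(state->ctx->opts->basic,
                                                       SDAP_SEARCH_TIMEOUT));
         if (subreq == NULL) {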
diff --git a/src/providers/ldap/sdap_async.c b/src/providers/ldap/sdap_async.c
index 246e12a1f386da1841963d5c1d1c4d2870cc1b6b..1df0b85f4bda6442d8da66784ad7424306b1f051 100644
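--- a/src/providers/ldap/sdap_async.c
+++ b/src/providers/ldap/sdap_async.c
@@ -2573,7 +2573,6 @@ int sdap_asq_search_recv(struct tevent_req *req,
 }
 
 /* ==Posix attribute presence test================================= */
-static errno_t sdap_posix_check_next(struct tevent_req *req);
 static void sdap_posix_check_done(struct tevent_req *subreq);
 static errno_t sdap_posix_check_parse(struct sdap_handle *sh,
                                       struct sdap_msg *msg,
@@ -2583,12 +2582,10 @@ struct sdap_posix_check_state {
     struct tevent_context *ev;
     struct sdap_options *opts;
     struct sdap_handle *sh;
-    struct sdap_search_base **search_bases;
     int timeout;
 
     const char **attrs;
     const char *filter;
-    size_t base_iter;
 
     bool has_posix;
 };
@@ -2596,10 +2593,10 @@ struct sdap_posix_check_state {
 struct tevent_req *
 sdap_posix_check_send(TALLOC_CTX *memctx, struct tevent_context *ev,
                       struct sdap_options *opts, struct sdap_handle *sh,
-                      struct sdap_search_base **search_bases,
                       int timeout)
 {
     struct tevent_req *req = NULL;
+    struct tevent_req *subreq = NULL;
     struct sdap_posix_check_state *state;
     errno_t ret;
 
@@ -2610,7 +2607,6 @@ sdap_posix_check_send(TALLOC_CTX *memctx, struct tevent_context *ev,
     state->ev = ev;
     state->sh = sh;
     state->opts = opts;
-    state->search_bases = search_bases;
     state->timeout = timeout;
 
     state->attrs = talloc_array(state, const char *, 4);
@@ -2634,43 +2630,26 @@ sdap_posix_check_send(TALLOC_CTX *memctx, struct tevent_context *ev,
         goto fail;
     }
 
-    ret = sdap_posix_check_next(req);
-    if (ret != EOK) {
-        goto fail;
-    }
-
-    return req;
-
-fail:
-    tevent_req_error(req, ret);
-    tevent_req_post(req, ev);
-    return req;
-}
-
-static errno_t sdap_posix_check_next(struct tevent_req *req)
-{
-    struct tevent_req *subreq = NULL;
-    struct sdap_posix_check_state *state =
-        tevent_req_data(req, struct sdap_posix_check_state);
-
-    DEBUG(SSSDBG_TRACE_FUNC,
-          "Searching for POSIX attributes with base [%s]\n",
-           state->search_bases[state->base_iter]->basedn);
-
     subreq = sdap_get_generic_ext_send(state, state->ev, state->opts,
                                  state->sh,
-                                 state->search_bases[state->base_iter]->basedn,
+                                 "",
                                  LDAP_SCOPE_SUBTREE, state->filter,
                                  state->attrs,
                                  NULL, NULL, 1, state->timeout,
                                  sdap_posix_check_parse, state,
                                  SDAP_SRCH_FLG_SIZELIMIT_SILENT);
     if (subreq == NULL) {
-        return ENOMEM;
+        ret = ENOMEM;
+        goto fail;
     }
     tevent_req_set_callback(subreq, sdap_posix_check_done, req);
 
-    return EOK;
+    return req;
+
+fail:
+    tevent_req_error(req, ret);
+    tevent_req_post(req, ev);
+    return req;
 }
 
 static errno_t sdap_posix_check_parse(struct sdap_handle *sh,
@@ -2746,16 +2725,6 @@ static void sdap_posix_check_done(struct tevent_req *subreq)
         return;
     }
 
-    state->base_iter++;
-    if (state->search_bases[state->base_iter]) {
-        /* There are more search bases to try */
-        ret = sdap_posix_check_next(req);
-        if (ret != EOK) {
-            tevent_req_error(req, ret);
-        }
-        return;
-    }
-
     /* All bases done! */
     DEBUG(SSSDBG_TRACE_LIBS, "Cycled through all bases\n");
     tevent_req_done(req);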
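Review bot: The bare `""` now passed as the base DN to sdap_get_generic_ext_send() in sdap_posix_check_send() has no comment, and the commit subject calls it a NULL base while the code passes an empty string; a line such as `/* Empty base DN: one subtree search over the whole Global Catalog, POSIX attribute replication is a per-forest schema setting */` would record the intent. Nothing visible in this function verifies that `sh` is a Global Catalog connection, so the function comment should state that precondition; the callers appear to enforce it, but their conditions are only partly visible in this patch. In sdap_posix_check_done() the surviving `/* All bases done! */` comment and the `"Cycled through all bases\n"` message are stale now that a single search is issued, and the removed "Searching for POSIX attributes with base" trace has no replacement, which makes the outcome of this check harder to reconstruct from debug logs. A replacement such as `DEBUG(SSSDBG_TRACE_FUNC, "Searching for POSIX attributes in the whole GC\n");` before the search, plus a reworded completion message, would cover it. Both functions start or end outside the visible hunks.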
diff --git a/src/providers/ldap/sdap_async.h b/src/providers/ldap/sdap_async.h
index 6e5800b42ba4a045fa7985b09a80b6b86b8c6055..7216ba032e551196cf5258b4e58fbfc8cfe417ea 100644
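--- a/src/providers/ldap/sdap_async.h
+++ b/src/providers/ldap/sdap_async.h
@@ -269,7 +269,6 @@ int sdap_deref_search_recv(struct tevent_req *req,
 struct tevent_req *
 sdap_posix_check_send(TALLOC_CTX *memctx, struct tevent_context *ev,
                       struct sdap_options *opts, struct sdap_handle *sh,
-                      struct sdap_search_base **search_bases,
                       int timeout);
 
 int sdap_posix_check_recv(struct tevent_req *req,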
diff --git a/src/providers/ldap/sdap_async_enum.c b/src/providers/ldap/sdap_async_enum.c
index baa039d63c71cc5054e6af6538d34d04cde6b858..ec0c679823a8cd9820bb978f77799a3f86621271 100644
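--- a/src/providers/ldap/sdap_async_enum.c
+++ b/src/providers/ldap/sdap_async_enum.c
@@ -202,7 +202,6 @@ static void sdap_dom_enum_ex_get_users(struct tevent_req *subreq)
                                true)) {
         subreq = sdap_posix_check_send(state, state->ev, state->ctx->opts,
                                        sdap_id_op_handle(state->user_op),
-                                       state->sdom->user_search_bases,
                                        dp_opt_get_int(state->ctx->opts->basic,
                                                       SDAP_SEARCH_TIMEOUT));
         if (subreq == NULL) {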
-- 
2.14.3