From ada45cd38a73b1b196db459849fcc19781bc06fc Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Wed, 6 Dec 2017 16:26:15 +0100
Subject: [PATCH 72/83] SDAP: Rename sdap_posix_check to sdap_gc_posix_check
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Because searching the LDAP port of Active Directory server with a NULL
search base yields an error:
https://technet.microsoft.com/en-us/library/cc755809(v=ws.10).aspx
we changed the POSIX check request to only run against a GC connection
in a previous patch. To make it clearer to the caller that this request
should only be used with a GC connection, this patch renames the
request.
There are no functional changes in this patch.
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Reviewed-by: Sumit Bose <sbose@redhat.com>
(cherry picked from commit ba8a92bbd59f189bd1323dd0c4010cdfc694be35)
---
src/providers/ldap/ldap_id.c | 20 +++++++--------
src/providers/ldap/sdap_async.c | 48 ++++++++++++++++++------------------
src/providers/ldap/sdap_async.h | 16 ++++++++----
src/providers/ldap/sdap_async_enum.c | 10 ++++----
4 files changed, 50 insertions(+), 44 deletions(-)
diff --git a/src/providers/ldap/ldap_id.c b/src/providers/ldap/ldap_id.c
index b5ac3a749113a281fe8a5564ac341ced0570eded..3824f8f9aa8d2892664f1182376bedf6fb8627f6 100644
--- a/src/providers/ldap/ldap_id.c
+++ b/src/providers/ldap/ldap_id.c
@@ -415,10 +415,10 @@ static void users_get_connect_done(struct tevent_req *subreq)
state->conn,
state->use_id_mapping,
!state->non_posix)) {
- subreq = sdap_posix_check_send(state, state->ev, state->ctx->opts,
- sdap_id_op_handle(state->op),
- dp_opt_get_int(state->ctx->opts->basic,
- SDAP_SEARCH_TIMEOUT));
+ subreq = sdap_gc_posix_check_send(state, state->ev, state->ctx->opts,
+ sdap_id_op_handle(state->op),
+ dp_opt_get_int(state->ctx->opts->basic,
+ SDAP_SEARCH_TIMEOUT));
if (subreq == NULL) {
tevent_req_error(req, ENOMEM);
return;
@@ -441,7 +441,7 @@ static void users_get_posix_check_done(struct tevent_req *subreq)
struct users_get_state *state = tevent_req_data(req,
struct users_get_state);
- ret = sdap_posix_check_recv(subreq, &has_posix);
+ ret = sdap_gc_posix_check_recv(subreq, &has_posix);
talloc_zfree(subreq);
if (ret != EOK) {
/* We can only finish the id_op on error as the connection
@@ -960,10 +960,10 @@ static void groups_get_connect_done(struct tevent_req *subreq)
state->conn,
state->use_id_mapping,
!state->non_posix)) {
- subreq = sdap_posix_check_send(state, state->ev, state->ctx->opts,
- sdap_id_op_handle(state->op),
- dp_opt_get_int(state->ctx->opts->basic,
- SDAP_SEARCH_TIMEOUT));
+ subreq = sdap_gc_posix_check_send(state, state->ev, state->ctx->opts,
+ sdap_id_op_handle(state->op),
+ dp_opt_get_int(state->ctx->opts->basic,
+ SDAP_SEARCH_TIMEOUT));
if (subreq == NULL) {
tevent_req_error(req, ENOMEM);
return;
@@ -985,7 +985,7 @@ static void groups_get_posix_check_done(struct tevent_req *subreq)
struct groups_get_state *state = tevent_req_data(req,
struct groups_get_state);
- ret = sdap_posix_check_recv(subreq, &has_posix);
+ ret = sdap_gc_posix_check_recv(subreq, &has_posix);
talloc_zfree(subreq);
if (ret != EOK) {
/* We can only finish the id_op on error as the connection
diff --git a/src/providers/ldap/sdap_async.c b/src/providers/ldap/sdap_async.c
index 1df0b85f4bda6442d8da66784ad7424306b1f051..a9bea4f80903aeb9d0fdb4d2b8f2acb36d81d6fe 100644
--- a/src/providers/ldap/sdap_async.c
+++ b/src/providers/ldap/sdap_async.c
@@ -2573,12 +2573,12 @@ int sdap_asq_search_recv(struct tevent_req *req,
}
/* ==Posix attribute presence test================================= */
-static void sdap_posix_check_done(struct tevent_req *subreq);
-static errno_t sdap_posix_check_parse(struct sdap_handle *sh,
- struct sdap_msg *msg,
- void *pvt);
+static void sdap_gc_posix_check_done(struct tevent_req *subreq);
+static errno_t sdap_gc_posix_check_parse(struct sdap_handle *sh,
+ struct sdap_msg *msg,
+ void *pvt);
-struct sdap_posix_check_state {
+struct sdap_gc_posix_check_state {
struct tevent_context *ev;
struct sdap_options *opts;
struct sdap_handle *sh;
@@ -2591,16 +2591,16 @@ struct sdap_posix_check_state {
};
struct tevent_req *
-sdap_posix_check_send(TALLOC_CTX *memctx, struct tevent_context *ev,
- struct sdap_options *opts, struct sdap_handle *sh,
- int timeout)
+sdap_gc_posix_check_send(TALLOC_CTX *memctx, struct tevent_context *ev,
+ struct sdap_options *opts, struct sdap_handle *sh,
+ int timeout)
{
struct tevent_req *req = NULL;
struct tevent_req *subreq = NULL;
- struct sdap_posix_check_state *state;
+ struct sdap_gc_posix_check_state *state;
errno_t ret;
- req = tevent_req_create(memctx, &state, struct sdap_posix_check_state);
+ req = tevent_req_create(memctx, &state, struct sdap_gc_posix_check_state);
if (req == NULL) {
return NULL;
}
@@ -2636,13 +2636,13 @@ sdap_posix_check_send(TALLOC_CTX *memctx, struct tevent_context *ev,
LDAP_SCOPE_SUBTREE, state->filter,
state->attrs,
NULL, NULL, 1, state->timeout,
- sdap_posix_check_parse, state,
+ sdap_gc_posix_check_parse, state,
SDAP_SRCH_FLG_SIZELIMIT_SILENT);
if (subreq == NULL) {
ret = ENOMEM;
goto fail;
}
- tevent_req_set_callback(subreq, sdap_posix_check_done, req);
+ tevent_req_set_callback(subreq, sdap_gc_posix_check_done, req);
return req;
@@ -2652,13 +2652,13 @@ fail:
return req;
}
-static errno_t sdap_posix_check_parse(struct sdap_handle *sh,
- struct sdap_msg *msg,
- void *pvt)
+static errno_t sdap_gc_posix_check_parse(struct sdap_handle *sh,
+ struct sdap_msg *msg,
+ void *pvt)
{
struct berval **vals = NULL;
- struct sdap_posix_check_state *state =
- talloc_get_type(pvt, struct sdap_posix_check_state);
+ struct sdap_gc_posix_check_state *state =
+ talloc_get_type(pvt, struct sdap_gc_posix_check_state);
char *dn;
char *endptr;
@@ -2700,12 +2700,12 @@ done:
return EOK;
}
-static void sdap_posix_check_done(struct tevent_req *subreq)
+static void sdap_gc_posix_check_done(struct tevent_req *subreq)
{
struct tevent_req *req = tevent_req_callback_data(subreq,
struct tevent_req);
- struct sdap_posix_check_state *state =
- tevent_req_data(req, struct sdap_posix_check_state);
+ struct sdap_gc_posix_check_state *state =
+ tevent_req_data(req, struct sdap_gc_posix_check_state);
errno_t ret;
ret = sdap_get_generic_ext_recv(subreq, NULL, NULL, NULL);
@@ -2730,11 +2730,11 @@ static void sdap_posix_check_done(struct tevent_req *subreq)
tevent_req_done(req);
}
-int sdap_posix_check_recv(struct tevent_req *req,
- bool *_has_posix)
+int sdap_gc_posix_check_recv(struct tevent_req *req,
+ bool *_has_posix)
{
- struct sdap_posix_check_state *state = tevent_req_data(req,
- struct sdap_posix_check_state);
+ struct sdap_gc_posix_check_state *state = tevent_req_data(req,
+ struct sdap_gc_posix_check_state);
TEVENT_REQ_RETURN_ON_ERROR(req);
diff --git a/src/providers/ldap/sdap_async.h b/src/providers/ldap/sdap_async.h
index 7216ba032e551196cf5258b4e58fbfc8cfe417ea..26f13e38bf6dff08a8cd0e6b3b5282effda80c9e 100644
--- a/src/providers/ldap/sdap_async.h
+++ b/src/providers/ldap/sdap_async.h
@@ -266,13 +266,19 @@ int sdap_deref_search_recv(struct tevent_req *req,
size_t *reply_count,
struct sdap_deref_attrs ***reply);
+/*
+ * This request should only be ran against a Global Catalog connection
+ * because it uses a NULL search base to search all domains in the forest,
+ * which would return an error with an LDAP port:
+ * https://technet.microsoft.com/en-us/library/cc755809(v=ws.10).aspx
+ */
struct tevent_req *
-sdap_posix_check_send(TALLOC_CTX *memctx, struct tevent_context *ev,
- struct sdap_options *opts, struct sdap_handle *sh,
- int timeout);
+sdap_gc_posix_check_send(TALLOC_CTX *memctx, struct tevent_context *ev,
+ struct sdap_options *opts, struct sdap_handle *sh,
+ int timeout);
-int sdap_posix_check_recv(struct tevent_req *req,
- bool *_has_posix);
+int sdap_gc_posix_check_recv(struct tevent_req *req,
+ bool *_has_posix);
struct tevent_req *
sdap_sd_search_send(TALLOC_CTX *memctx,
diff --git a/src/providers/ldap/sdap_async_enum.c b/src/providers/ldap/sdap_async_enum.c
index ec0c679823a8cd9820bb978f77799a3f86621271..ea9d51adc7f94145cd7e689893bf7fd81028c5bb 100644
--- a/src/providers/ldap/sdap_async_enum.c
+++ b/src/providers/ldap/sdap_async_enum.c
@@ -200,10 +200,10 @@ static void sdap_dom_enum_ex_get_users(struct tevent_req *subreq)
state->user_conn,
use_id_mapping,
true)) {
- subreq = sdap_posix_check_send(state, state->ev, state->ctx->opts,
- sdap_id_op_handle(state->user_op),
- dp_opt_get_int(state->ctx->opts->basic,
- SDAP_SEARCH_TIMEOUT));
+ subreq = sdap_gc_posix_check_send(state, state->ev, state->ctx->opts,
+ sdap_id_op_handle(state->user_op),
+ dp_opt_get_int(state->ctx->opts->basic,
+ SDAP_SEARCH_TIMEOUT));
if (subreq == NULL) {
tevent_req_error(req, ENOMEM);
return;
@@ -233,7 +233,7 @@ static void sdap_dom_enum_ex_posix_check_done(struct tevent_req *subreq)
struct sdap_dom_enum_ex_state *state = tevent_req_data(req,
struct sdap_dom_enum_ex_state);
- ret = sdap_posix_check_recv(subreq, &has_posix);
+ ret = sdap_gc_posix_check_recv(subreq, &has_posix);
talloc_zfree(subreq);
if (ret != EOK && ret != ERR_NO_POSIX) {
/* We can only finish the id_op on error as the connection
--
2.14.3