From fb9a42d952924b5ff084a103d43b6192c4ff0c1f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20B=C5=99ezina?=
Date: Thu, 15 Aug 2019 13:51:59 +0200
Subject: [PATCH 83/90] ldap: add base_dn to sdap_search_bases
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
To implement cases where we need to search a specific dn but we need to filter the result with configured filters.
Resolves: https://pagure.io/SSSD/sssd/issue/2607
Reviewed-by: Tomáš Halman
---
 src/providers/ad/ad_subdomains.c | 5 ++--
 src/providers/ipa/ipa_subdomains.c | 6 ++---
 src/providers/ipa/ipa_subdomains_ext_groups.c | 2 +-
 src/providers/ipa/ipa_sudo_async.c | 8 +++----
 src/providers/ldap/sdap_async_sudo.c | 2 +-
 src/providers/ldap/sdap_ops.c | 24 ++++++++++++-------
 src/providers/ldap/sdap_ops.h | 6 +++--
 7 files changed, 31 insertions(+), 22 deletions(-)
diff --git a/src/providers/ad/ad_subdomains.c b/src/providers/ad/ad_subdomains.c
index 45a8fe0fc..f0b5d59d2 100644
--- a/src/providers/ad/ad_subdomains.c
+++ b/src/providers/ad/ad_subdomains.c
@@ -1110,7 +1110,7 @@ static void ad_get_slave_domain_connect_done(struct tevent_req *subreq) sdap_id_op_handle(state->sdap_op), state->root_sdom->search_bases, NULL, false, 0,
- SLAVE_DOMAIN_FILTER, attrs);
+ SLAVE_DOMAIN_FILTER, attrs, NULL);
 if (subreq == NULL) { tevent_req_error(req, ret); return;
@@ -1304,7 +1304,8 @@ ad_get_root_domain_send(TALLOC_CTX *mem_ctx, subreq = sdap_search_bases_return_first_send(state, ev, opts, sh, opts->sdom->search_bases,
- NULL, false, 0, filter, attrs);
+ NULL, false, 0, filter, attrs,
+ NULL);
 if (subreq == NULL) { ret = ENOMEM; goto immediately;
diff --git a/src/providers/ipa/ipa_subdomains.c b/src/providers/ipa/ipa_subdomains.c
index 3a17c851d..322420264 100644
--- a/src/providers/ipa/ipa_subdomains.c
+++ b/src/providers/ipa/ipa_subdomains.c
@@ -1005,7 +1005,7 @@ ipa_subdomains_ranges_send(TALLOC_CTX *mem_ctx, subreq = sdap_search_bases_send(state, ev, sd_ctx->sdap_id_ctx->opts, sh, sd_ctx->ranges_search_bases, NULL, false,
- 0, RANGE_FILTER, attrs);
+ 0, RANGE_FILTER, attrs, NULL);
 if (subreq == NULL) { ret = ENOMEM; goto immediately;
@@ -1251,7 +1251,7 @@ ipa_subdomains_master_send(TALLOC_CTX *mem_ctx, subreq = sdap_search_bases_return_first_send(state, ev, sd_ctx->sdap_id_ctx->opts, sh, sd_ctx->master_search_bases, NULL, false,
- 0, MASTER_DOMAIN_FILTER, attrs);
+ 0, MASTER_DOMAIN_FILTER, attrs, NULL);
 if (subreq == NULL) { ret = ENOMEM; goto immediately;
@@ -1397,7 +1397,7 @@ ipa_subdomains_slave_send(TALLOC_CTX *mem_ctx, subreq = sdap_search_bases_send(state, ev, sd_ctx->sdap_id_ctx->opts, sh, sd_ctx->search_bases, NULL, false,
- 0, SUBDOMAINS_FILTER, attrs);
+ 0, SUBDOMAINS_FILTER, attrs, NULL);
 if (subreq == NULL) { ret = ENOMEM; goto immediately;
diff --git a/src/providers/ipa/ipa_subdomains_ext_groups.c b/src/providers/ipa/ipa_subdomains_ext_groups.c
index 75963bef1..cd80048b3 100644
--- a/src/providers/ipa/ipa_subdomains_ext_groups.c
+++ b/src/providers/ipa/ipa_subdomains_ext_groups.c
@@ -545,7 +545,7 @@ static void ipa_get_ad_memberships_connect_done(struct tevent_req *subreq) dp_opt_get_int(state->sdap_id_ctx->opts->basic, SDAP_ENUM_SEARCH_TIMEOUT), IPA_EXT_GROUPS_FILTER,
- NULL);
+ NULL, NULL);
 if (subreq == NULL) { DEBUG(SSSDBG_OP_FAILURE, "sdap_get_generic_send failed.\n"); ret = ENOMEM;
diff --git a/src/providers/ipa/ipa_sudo_async.c b/src/providers/ipa/ipa_sudo_async.c
index 060687c77..19bcd94c9 100644
--- a/src/providers/ipa/ipa_sudo_async.c
+++ b/src/providers/ipa/ipa_sudo_async.c
@@ -492,7 +492,7 @@ ipa_sudo_fetch_addtl_cmdgroups(struct tevent_req *req) subreq = sdap_search_bases_send(state, state->ev, state->sdap_opts, state->sh, state->sudo_sb, map, true, 0,
- filter, NULL);
+ filter, NULL, NULL);
 if (subreq == NULL) { return ENOMEM; }
@@ -582,7 +582,7 @@ ipa_sudo_fetch_rules(struct tevent_req *req) subreq = sdap_search_bases_send(state, state->ev, state->sdap_opts, state->sh, state->sudo_sb, map, true, 0,
- filter, NULL);
+ filter, NULL, NULL);
 if (subreq == NULL) { return ENOMEM; }
@@ -662,7 +662,7 @@ ipa_sudo_fetch_cmdgroups(struct tevent_req *req) subreq = sdap_search_bases_send(state, state->ev, state->sdap_opts, state->sh, state->sudo_sb, state->map_cmdgroup, true, 0,
- filter, NULL);
+ filter, NULL, NULL);
 if (subreq == NULL) { return ENOMEM; }
@@ -742,7 +742,7 @@ ipa_sudo_fetch_cmds(struct tevent_req *req) subreq = sdap_search_bases_send(state, state->ev, state->sdap_opts, state->sh, state->sudo_sb, state->map_cmd, true, 0,
- filter, NULL);
+ filter, NULL, NULL);
 if (subreq == NULL) { return ENOMEM; }
diff --git a/src/providers/ldap/sdap_async_sudo.c b/src/providers/ldap/sdap_async_sudo.c
index 5ccfad61f..c19ee87c2 100644
--- a/src/providers/ldap/sdap_async_sudo.c
+++ b/src/providers/ldap/sdap_async_sudo.c
@@ -75,7 +75,7 @@ sdap_sudo_load_sudoers_send(TALLOC_CTX *mem_ctx, subreq = sdap_search_bases_send(state, ev, opts, sh, sb, opts->sudorule_map, true, 0,
- ldap_filter, NULL);
+ ldap_filter, NULL, NULL);
 if (subreq == NULL) { ret = ENOMEM; goto immediately;
diff --git a/src/providers/ldap/sdap_ops.c b/src/providers/ldap/sdap_ops.c
index a90857469..2125b21aa 100644
--- a/src/providers/ldap/sdap_ops.c
+++ b/src/providers/ldap/sdap_ops.c
@@ -37,6 +37,7 @@ struct sdap_search_bases_ex_state { int timeout; bool allow_paging; bool return_first_reply;
+ const char *base_dn;
 size_t base_iter; struct sdap_search_base *cur_base;
@@ -60,7 +61,8 @@ sdap_search_bases_ex_send(TALLOC_CTX *mem_ctx, bool return_first_reply, int timeout, const char *filter,
- const char **attrs)
+ const char **attrs,
+ const char *base_dn)
 { struct tevent_req *req; struct sdap_search_bases_ex_state *state;
@@ -86,6 +88,7 @@ sdap_search_bases_ex_send(TALLOC_CTX *mem_ctx, state->attrs = attrs; state->allow_paging = allow_paging; state->return_first_reply = return_first_reply;
+ state->base_dn = base_dn;
 state->timeout = timeout == 0 ? dp_opt_get_int(opts->basic, SDAP_SEARCH_TIMEOUT)
@@ -133,6 +136,7 @@ static errno_t sdap_search_bases_ex_next_base(struct tevent_req *req) { struct sdap_search_bases_ex_state *state; struct tevent_req *subreq;
+ const char *base_dn;
 char *filter; state = tevent_req_data(req, struct sdap_search_bases_ex_state);
@@ -148,12 +152,12 @@ static errno_t sdap_search_bases_ex_next_base(struct tevent_req *req) return ENOMEM; }
- DEBUG(SSSDBG_TRACE_FUNC, "Issuing LDAP lookup with base [%s]\n",
- state->cur_base->basedn);
+ base_dn = state->base_dn != NULL ? state->base_dn : state->cur_base->basedn;
+
+ DEBUG(SSSDBG_TRACE_FUNC, "Issuing LDAP lookup with base [%s]\n", base_dn);
 subreq = sdap_get_generic_send(state, state->ev, state->opts, state->sh,
- state->cur_base->basedn,
- state->cur_base->scope, filter,
+ base_dn, state->cur_base->scope, filter,
 state->attrs, state->map, state->map_num_attrs, state->timeout, state->allow_paging);
@@ -253,11 +257,12 @@ sdap_search_bases_send(TALLOC_CTX *mem_ctx, bool allow_paging, int timeout, const char *filter,
- const char **attrs)
+ const char **attrs,
+ const char *base_dn)
 { return sdap_search_bases_ex_send(mem_ctx, ev, opts, sh, bases, map, allow_paging, false, timeout,
- filter, attrs);
+ filter, attrs, base_dn);
 } int sdap_search_bases_recv(struct tevent_req *req,
@@ -278,11 +283,12 @@ sdap_search_bases_return_first_send(TALLOC_CTX *mem_ctx, bool allow_paging, int timeout, const char *filter,
- const char **attrs)
+ const char **attrs,
+ const char *base_dn)
 { return sdap_search_bases_ex_send(mem_ctx, ev, opts, sh, bases, map, allow_paging, true, timeout,
- filter, attrs);
+ filter, attrs, base_dn);
 } int sdap_search_bases_return_first_recv(struct tevent_req *req,
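Review bot: In the `@@ -148,12` hunk of sdap_search_bases_ex_next_base(), a non-NULL `state->base_dn` replaces `state->cur_base->basedn` as the search base with no check that the DN lies inside that configured base, so the configured search bases stop bounding where the lookup goes and only each base's scope and filter still apply. If a caller ever derives the DN from directory data rather than from configuration, DNs outside the current base should be rejected or skipped before the override, for instance with a containment test such as SSSD's `sss_ldap_dn_in_search_bases()` (confirm it fits this call path). The function name and the `base_iter` field suggest this runs once per configured base, in which case the same DN is queried once per base and replies may repeat; that part is inferred, since the iteration is outside the hunk. At minimum I would add `/* base_dn overrides only the DN; scope and filter still come from cur_base */` above the assignment.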
diff --git a/src/providers/ldap/sdap_ops.h b/src/providers/ldap/sdap_ops.h
index cc9de00d2..648a2b68c 100644
--- a/src/providers/ldap/sdap_ops.h
+++ b/src/providers/ldap/sdap_ops.h
@@ -34,7 +34,8 @@ struct tevent_req *sdap_search_bases_send(TALLOC_CTX *mem_ctx, bool allow_paging, int timeout, const char *filter,
- const char **attrs);
+ const char **attrs,
+ const char *base_dn);
 int sdap_search_bases_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
@@ -51,7 +52,8 @@ sdap_search_bases_return_first_send(TALLOC_CTX *mem_ctx, bool allow_paging, int timeout, const char *filter,
- const char **attrs);
+ const char **attrs,
+ const char *base_dn);
 int sdap_search_bases_return_first_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
--
2.20.1
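Review bot: Neither prototype in sdap_ops.h says what the new `base_dn` argument means; this applies to the sdap_search_bases_send() hunk and equally to the sdap_search_bases_return_first_send() hunk below it. From the sdap_ops.c side of this patch, NULL keeps the old behaviour (each search base's own DN) while a non-NULL value is used as the search DN instead, and the pointer is stored as-is (`state->base_dn = base_dn;`) for an asynchronous request, so the string apparently has to stay valid until the request finishes. I would state that above both declarations, e.g. `/* base_dn: if not NULL, search this DN instead of each base's DN (scope and filter still come from the base); must remain valid until the request completes. */`. Both prototypes start outside their hunks.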