|
 |
956cae |
From c860682bca53bbafe34b6c22ba151faf18ad2ace Mon Sep 17 00:00:00 2001
|
|
|
956cae |
From: Jakub Hrozek <jhrozek@redhat.com>
|
|
|
956cae |
Date: Thu, 2 Mar 2017 13:52:54 +0100
|
|
|
956cae |
Subject: [PATCH 163/163] UTIL: Store UPN suffixes when creating a new
|
|
|
956cae |
subdomain
|
|
|
956cae |
|
|
|
956cae |
We used to store UPN suffixes pointer into the domain structure only if
|
|
|
956cae |
the domain changed, not when a new domain was created. As an effect, the
|
|
|
956cae |
enterprise principals flag was not enabled unless a domain changed,
|
|
|
956cae |
preventing logins with enterprise principals.
|
|
|
956cae |
|
|
|
956cae |
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
|
|
956cae |
(cherry picked from commit 8718ff9ccd29f6431bfa8630bfa3576b2692c9ee)
|
|
|
956cae |
---
|
|
|
956cae |
src/db/sysdb_private.h | 1 +
|
|
|
956cae |
src/db/sysdb_subdomains.c | 11 ++++++++++-
|
|
|
956cae |
src/tests/cmocka/test_fqnames.c | 2 +-
|
|
|
956cae |
src/tests/cmocka/test_nss_srv.c | 2 +-
|
|
|
956cae |
src/tests/sysdb-tests.c | 8 ++++----
|
|
|
956cae |
5 files changed, 17 insertions(+), 7 deletions(-)
|
|
|
956cae |
|
|
|
956cae |
diff --git a/src/db/sysdb_private.h b/src/db/sysdb_private.h
|
|
|
956cae |
index b6bf3706e6b9e49d8dd4984f3334b317d17ed9bf..bfd24799950ab3b31d57df11b8f91c0b2572f13a 100644
|
|
|
956cae |
--- a/src/db/sysdb_private.h
|
|
|
956cae |
+++ b/src/db/sysdb_private.h
|
|
|
956cae |
@@ -190,6 +190,7 @@ struct sss_domain_info *new_subdomain(TALLOC_CTX *mem_ctx,
|
|
|
956cae |
bool mpg,
|
|
|
956cae |
bool enumerate,
|
|
|
956cae |
const char *forest,
|
|
|
956cae |
+ const char **upn_suffixes,
|
|
|
956cae |
uint32_t trust_direction);
|
|
|
956cae |
|
|
|
956cae |
/* Helper functions to deal with the timestamp cache should not be used
|
|
|
956cae |
diff --git a/src/db/sysdb_subdomains.c b/src/db/sysdb_subdomains.c
|
|
|
956cae |
index 780140484f6f023bc6e8c12266e3b81ff016ec10..4f326405f955abd462f892e6013a8c24764afd55 100644
|
|
|
956cae |
--- a/src/db/sysdb_subdomains.c
|
|
|
956cae |
+++ b/src/db/sysdb_subdomains.c
|
|
|
956cae |
@@ -32,6 +32,7 @@ struct sss_domain_info *new_subdomain(TALLOC_CTX *mem_ctx,
|
|
|
956cae |
bool mpg,
|
|
|
956cae |
bool enumerate,
|
|
|
956cae |
const char *forest,
|
|
|
956cae |
+ const char **upn_suffixes,
|
|
|
956cae |
uint32_t trust_direction)
|
|
|
956cae |
{
|
|
|
956cae |
struct sss_domain_info *dom;
|
|
|
956cae |
@@ -108,6 +109,14 @@ struct sss_domain_info *new_subdomain(TALLOC_CTX *mem_ctx,
|
|
|
956cae |
}
|
|
|
956cae |
}
|
|
|
956cae |
|
|
|
956cae |
+ if (upn_suffixes != NULL) {
|
|
|
956cae |
+ dom->upn_suffixes = dup_string_list(dom, upn_suffixes);
|
|
|
956cae |
+ if (dom->upn_suffixes == NULL) {
|
|
|
956cae |
+ DEBUG(SSSDBG_OP_FAILURE, "Failed to copy UPN upn_suffixes.\n");
|
|
|
956cae |
+ goto fail;
|
|
|
956cae |
+ }
|
|
|
956cae |
+ }
|
|
|
956cae |
+
|
|
|
956cae |
dom->enumerate = enumerate;
|
|
|
956cae |
dom->fqnames = true;
|
|
|
956cae |
dom->mpg = mpg;
|
|
|
956cae |
@@ -442,7 +451,7 @@ errno_t sysdb_update_subdomains(struct sss_domain_info *domain)
|
|
|
956cae |
if (dom == NULL) {
|
|
|
956cae |
dom = new_subdomain(domain, domain, name, realm,
|
|
|
956cae |
flat, id, mpg, enumerate, forest,
|
|
|
956cae |
- trust_direction);
|
|
|
956cae |
+ upn_suffixes, trust_direction);
|
|
|
956cae |
if (dom == NULL) {
|
|
|
956cae |
ret = ENOMEM;
|
|
|
956cae |
goto done;
|
|
|
956cae |
diff --git a/src/tests/cmocka/test_fqnames.c b/src/tests/cmocka/test_fqnames.c
|
|
|
956cae |
index f4cdd80ef94584fe4eb1f0578bf388da3ead824c..19788248a39774bb4509363145ac4ce0815b7d28 100644
|
|
|
956cae |
--- a/src/tests/cmocka/test_fqnames.c
|
|
|
956cae |
+++ b/src/tests/cmocka/test_fqnames.c
|
|
|
956cae |
@@ -309,7 +309,7 @@ static int parse_name_test_setup(void **state)
|
|
|
956cae |
* discovered
|
|
|
956cae |
*/
|
|
|
956cae |
test_ctx->subdom = new_subdomain(dom, dom, SUBDOMNAME, NULL, SUBFLATNAME,
|
|
|
956cae |
- NULL, false, false, NULL, 0);
|
|
|
956cae |
+ NULL, false, false, NULL, NULL, 0);
|
|
|
956cae |
assert_non_null(test_ctx->subdom);
|
|
|
956cae |
|
|
|
956cae |
check_leaks_push(test_ctx);
|
|
|
956cae |
diff --git a/src/tests/cmocka/test_nss_srv.c b/src/tests/cmocka/test_nss_srv.c
|
|
|
956cae |
index 41425e76f3b76fafa917f33fcfef0946f2f71c7d..5eee82d78f4e4ab4dcdc0dcdfb24c2e7d017acf5 100644
|
|
|
956cae |
--- a/src/tests/cmocka/test_nss_srv.c
|
|
|
956cae |
+++ b/src/tests/cmocka/test_nss_srv.c
|
|
|
956cae |
@@ -3084,7 +3084,7 @@ static int nss_subdom_test_setup(void **state)
|
|
|
956cae |
|
|
|
956cae |
subdomain = new_subdomain(nss_test_ctx, nss_test_ctx->tctx->dom,
|
|
|
956cae |
testdom[0], testdom[1], testdom[2], testdom[3],
|
|
|
956cae |
- false, false, NULL, 0);
|
|
|
956cae |
+ false, false, NULL, NULL, 0);
|
|
|
956cae |
assert_non_null(subdomain);
|
|
|
956cae |
|
|
|
956cae |
ret = sysdb_subdomain_store(nss_test_ctx->tctx->sysdb,
|
|
|
956cae |
diff --git a/src/tests/sysdb-tests.c b/src/tests/sysdb-tests.c
|
|
|
956cae |
index d1450015cb0f0b073045e7b6031423e3f5494d78..6fd1988668124dc2dc922b41d3f7387c6d00c486 100644
|
|
|
956cae |
--- a/src/tests/sysdb-tests.c
|
|
|
956cae |
+++ b/src/tests/sysdb-tests.c
|
|
|
956cae |
@@ -1395,7 +1395,7 @@ START_TEST (test_sysdb_get_user_attr_subdomain)
|
|
|
956cae |
/* Create subdomain */
|
|
|
956cae |
subdomain = new_subdomain(test_ctx, test_ctx->domain,
|
|
|
956cae |
"test.sub", "TEST.SUB", "test", "S-3",
|
|
|
956cae |
- false, false, NULL, 0);
|
|
|
956cae |
+ false, false, NULL, NULL, 0);
|
|
|
956cae |
fail_if(subdomain == NULL, "Failed to create new subdomain.");
|
|
|
956cae |
|
|
|
956cae |
ret = sss_names_init_from_args(test_ctx,
|
|
|
956cae |
@@ -5468,7 +5468,7 @@ START_TEST(test_sysdb_subdomain_store_user)
|
|
|
956cae |
|
|
|
956cae |
subdomain = new_subdomain(test_ctx, test_ctx->domain,
|
|
|
956cae |
testdom[0], testdom[1], testdom[2], testdom[3],
|
|
|
956cae |
- false, false, NULL, 0);
|
|
|
956cae |
+ false, false, NULL, NULL, 0);
|
|
|
956cae |
fail_unless(subdomain != NULL, "Failed to create new subdomin.");
|
|
|
956cae |
ret = sysdb_subdomain_store(test_ctx->sysdb,
|
|
|
956cae |
testdom[0], testdom[1], testdom[2], testdom[3],
|
|
|
956cae |
@@ -5547,7 +5547,7 @@ START_TEST(test_sysdb_subdomain_user_ops)
|
|
|
956cae |
|
|
|
956cae |
subdomain = new_subdomain(test_ctx, test_ctx->domain,
|
|
|
956cae |
testdom[0], testdom[1], testdom[2], testdom[3],
|
|
|
956cae |
- false, false, NULL, 0);
|
|
|
956cae |
+ false, false, NULL, NULL, 0);
|
|
|
956cae |
fail_unless(subdomain != NULL, "Failed to create new subdomin.");
|
|
|
956cae |
ret = sysdb_subdomain_store(test_ctx->sysdb,
|
|
|
956cae |
testdom[0], testdom[1], testdom[2], testdom[3],
|
|
|
956cae |
@@ -5620,7 +5620,7 @@ START_TEST(test_sysdb_subdomain_group_ops)
|
|
|
956cae |
|
|
|
956cae |
subdomain = new_subdomain(test_ctx, test_ctx->domain,
|
|
|
956cae |
testdom[0], testdom[1], testdom[2], testdom[3],
|
|
|
956cae |
- false, false, NULL, 0);
|
|
|
956cae |
+ false, false, NULL, NULL, 0);
|
|
|
956cae |
fail_unless(subdomain != NULL, "Failed to create new subdomin.");
|
|
|
956cae |
ret = sysdb_subdomain_store(test_ctx->sysdb,
|
|
|
956cae |
testdom[0], testdom[1], testdom[2], testdom[3],
|
|
|
956cae |
--
|
|
|
956cae |
2.9.3
|
|
|
956cae |
|