|
|
905b4d |
From 85d5f67d94ea38a3dc920b3fe85aba7385930b81 Mon Sep 17 00:00:00 2001
|
|
|
905b4d |
From: Jakub Hrozek <jhrozek@redhat.com>
|
|
|
905b4d |
Date: Mon, 26 Jan 2015 23:25:17 +0100
|
|
|
905b4d |
Subject: [PATCH 185/188] IPA: Resolve IPA user groups' overrideDN in
|
|
|
905b4d |
non-default view
|
|
|
905b4d |
|
|
|
905b4d |
When the client is in a non-default view, we need to store the override
|
|
|
905b4d |
data, in particular the overrideDN as well.
|
|
|
905b4d |
|
|
|
905b4d |
Resolves:
|
|
|
905b4d |
https://fedorahosted.org/sssd/ticket/2571
|
|
|
905b4d |
|
|
|
905b4d |
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
|
|
905b4d |
(cherry picked from commit b2c3722b9a1eaf265f6b102043958f6d4378788c)
|
|
|
905b4d |
---
|
|
|
905b4d |
src/providers/ipa/ipa_id.c | 318 ++++++++++++++++++++++++++++++++++++++++++++-
|
|
|
905b4d |
1 file changed, 311 insertions(+), 7 deletions(-)
|
|
|
905b4d |
|
|
|
905b4d |
diff --git a/src/providers/ipa/ipa_id.c b/src/providers/ipa/ipa_id.c
|
|
|
905b4d |
index 3d6861eeb562683518d425616b0e5c413cddba0b..cc6abcf8721e3f05526bf62063f0cbdc7c1c257b 100644
|
|
|
905b4d |
--- a/src/providers/ipa/ipa_id.c
|
|
|
905b4d |
+++ b/src/providers/ipa/ipa_id.c
|
|
|
905b4d |
@@ -286,6 +286,239 @@ static int ipa_resolve_user_list_recv(struct tevent_req *req, int *dp_error)
|
|
|
905b4d |
return EOK;
|
|
|
905b4d |
}
|
|
|
905b4d |
|
|
|
905b4d |
+struct ipa_initgr_get_overrides_state {
|
|
|
905b4d |
+ struct tevent_context *ev;
|
|
|
905b4d |
+ struct ipa_id_ctx *ipa_ctx;
|
|
|
905b4d |
+ struct sss_domain_info *user_dom;
|
|
|
905b4d |
+ const char *realm;
|
|
|
905b4d |
+
|
|
|
905b4d |
+ struct ldb_message **groups;
|
|
|
905b4d |
+ size_t group_count;
|
|
|
905b4d |
+ size_t group_idx;
|
|
|
905b4d |
+ struct be_acct_req *ar;
|
|
|
905b4d |
+
|
|
|
905b4d |
+ int dp_error;
|
|
|
905b4d |
+};
|
|
|
905b4d |
+
|
|
|
905b4d |
+static int ipa_initgr_get_overrides_step(struct tevent_req *req);
|
|
|
905b4d |
+
|
|
|
905b4d |
+static struct tevent_req *
|
|
|
905b4d |
+ipa_initgr_get_overrides_send(TALLOC_CTX *memctx,
|
|
|
905b4d |
+ struct tevent_context *ev,
|
|
|
905b4d |
+ struct ipa_id_ctx *ipa_ctx,
|
|
|
905b4d |
+ struct sss_domain_info *user_dom,
|
|
|
905b4d |
+ size_t groups_count,
|
|
|
905b4d |
+ struct ldb_message **groups)
|
|
|
905b4d |
+{
|
|
|
905b4d |
+ int ret;
|
|
|
905b4d |
+ struct tevent_req *req;
|
|
|
905b4d |
+ struct ipa_initgr_get_overrides_state *state;
|
|
|
905b4d |
+
|
|
|
905b4d |
+ req = tevent_req_create(memctx, &state,
|
|
|
905b4d |
+ struct ipa_initgr_get_overrides_state);
|
|
|
905b4d |
+ if (req == NULL) {
|
|
|
905b4d |
+ DEBUG(SSSDBG_OP_FAILURE, "tevent_req_create failed.\n");
|
|
|
905b4d |
+ return NULL;
|
|
|
905b4d |
+ }
|
|
|
905b4d |
+ state->ev = ev;
|
|
|
905b4d |
+ state->ipa_ctx = ipa_ctx;
|
|
|
905b4d |
+ state->user_dom = user_dom;
|
|
|
905b4d |
+ state->groups = groups;
|
|
|
905b4d |
+ state->group_count = groups_count;
|
|
|
905b4d |
+ state->group_idx = 0;
|
|
|
905b4d |
+ state->ar = NULL;
|
|
|
905b4d |
+ state->realm = dp_opt_get_string(state->ipa_ctx->ipa_options->basic,
|
|
|
905b4d |
+ IPA_KRB5_REALM);
|
|
|
905b4d |
+ if (state->realm == NULL) {
|
|
|
905b4d |
+ DEBUG(SSSDBG_CRIT_FAILURE, "No Kerberos realm for IPA?\n");
|
|
|
905b4d |
+ ret = EINVAL;
|
|
|
905b4d |
+ goto done;
|
|
|
905b4d |
+ }
|
|
|
905b4d |
+
|
|
|
905b4d |
+ ret = ipa_initgr_get_overrides_step(req);
|
|
|
905b4d |
+done:
|
|
|
905b4d |
+ if (ret == EOK) {
|
|
|
905b4d |
+ tevent_req_done(req);
|
|
|
905b4d |
+ tevent_req_post(req, ev);
|
|
|
905b4d |
+ } else if (ret != EAGAIN) {
|
|
|
905b4d |
+ tevent_req_error(req, ret);
|
|
|
905b4d |
+ tevent_req_post(req, ev);
|
|
|
905b4d |
+ }
|
|
|
905b4d |
+
|
|
|
905b4d |
+ return req;
|
|
|
905b4d |
+}
|
|
|
905b4d |
+
|
|
|
905b4d |
+static void ipa_initgr_get_overrides_override_done(struct tevent_req *subreq);
|
|
|
905b4d |
+
|
|
|
905b4d |
+static int ipa_initgr_get_overrides_step(struct tevent_req *req)
|
|
|
905b4d |
+{
|
|
|
905b4d |
+ int ret;
|
|
|
905b4d |
+ struct tevent_req *subreq;
|
|
|
905b4d |
+ const char *ipa_uuid;
|
|
|
905b4d |
+ struct ipa_initgr_get_overrides_state *state = tevent_req_data(req,
|
|
|
905b4d |
+ struct ipa_initgr_get_overrides_state);
|
|
|
905b4d |
+
|
|
|
905b4d |
+ DEBUG(SSSDBG_TRACE_LIBS,
|
|
|
905b4d |
+ "Processing group %zu/%zu\n", state->group_idx, state->group_count);
|
|
|
905b4d |
+
|
|
|
905b4d |
+ if (state->group_idx >= state->group_count) {
|
|
|
905b4d |
+ return EOK;
|
|
|
905b4d |
+ }
|
|
|
905b4d |
+
|
|
|
905b4d |
+ ipa_uuid = ldb_msg_find_attr_as_string(state->groups[state->group_idx],
|
|
|
905b4d |
+ SYSDB_UUID, NULL);
|
|
|
905b4d |
+ if (ipa_uuid == NULL) {
|
|
|
905b4d |
+ /* This should never happen, the search filter used to get the list
|
|
|
905b4d |
+ * of groups includes "uuid=*"
|
|
|
905b4d |
+ */
|
|
|
905b4d |
+ DEBUG(SSSDBG_OP_FAILURE, "A group with no UUID, error!\n");
|
|
|
905b4d |
+ return EINVAL;
|
|
|
905b4d |
+ }
|
|
|
905b4d |
+
|
|
|
905b4d |
+ talloc_free(state->ar); /* Avoid spiking memory with many groups */
|
|
|
905b4d |
+
|
|
|
905b4d |
+ ret = get_be_acct_req_for_uuid(state, ipa_uuid,
|
|
|
905b4d |
+ state->user_dom->name, &state->ar);
|
|
|
905b4d |
+ if (ret != EOK) {
|
|
|
905b4d |
+ DEBUG(SSSDBG_OP_FAILURE, "get_be_acct_req_for_sid failed.\n");
|
|
|
905b4d |
+ return ret;
|
|
|
905b4d |
+ }
|
|
|
905b4d |
+
|
|
|
905b4d |
+ DEBUG(SSSDBG_TRACE_LIBS, "Fetching group %s\n", ipa_uuid);
|
|
|
905b4d |
+
|
|
|
905b4d |
+ subreq = ipa_get_ad_override_send(state, state->ev,
|
|
|
905b4d |
+ state->ipa_ctx->sdap_id_ctx,
|
|
|
905b4d |
+ state->ipa_ctx->ipa_options,
|
|
|
905b4d |
+ state->realm,
|
|
|
905b4d |
+ state->ipa_ctx->view_name,
|
|
|
905b4d |
+ state->ar);
|
|
|
905b4d |
+ if (subreq == NULL) {
|
|
|
905b4d |
+ DEBUG(SSSDBG_OP_FAILURE, "ipa_get_ad_override_send failed.\n");
|
|
|
905b4d |
+ return ENOMEM;
|
|
|
905b4d |
+ }
|
|
|
905b4d |
+ tevent_req_set_callback(subreq,
|
|
|
905b4d |
+ ipa_initgr_get_overrides_override_done, req);
|
|
|
905b4d |
+ return EAGAIN;
|
|
|
905b4d |
+}
|
|
|
905b4d |
+
|
|
|
905b4d |
+static void ipa_initgr_get_overrides_override_done(struct tevent_req *subreq)
|
|
|
905b4d |
+{
|
|
|
905b4d |
+ struct tevent_req *req = tevent_req_callback_data(subreq,
|
|
|
905b4d |
+ struct tevent_req);
|
|
|
905b4d |
+ struct ipa_initgr_get_overrides_state *state = tevent_req_data(req,
|
|
|
905b4d |
+ struct ipa_initgr_get_overrides_state);
|
|
|
905b4d |
+ int ret;
|
|
|
905b4d |
+ struct sysdb_attrs *override_attrs;
|
|
|
905b4d |
+
|
|
|
905b4d |
+ ret = ipa_get_ad_override_recv(subreq, &state->dp_error, state,
|
|
|
905b4d |
+ &override_attrs);
|
|
|
905b4d |
+ talloc_zfree(subreq);
|
|
|
905b4d |
+ if (ret != EOK) {
|
|
|
905b4d |
+ DEBUG(SSSDBG_OP_FAILURE, "IPA override lookup failed: %d\n", ret);
|
|
|
905b4d |
+ tevent_req_error(req, ret);
|
|
|
905b4d |
+ return;
|
|
|
905b4d |
+ }
|
|
|
905b4d |
+
|
|
|
905b4d |
+ ret = sysdb_store_override(state->user_dom, state->ipa_ctx->view_name,
|
|
|
905b4d |
+ SYSDB_MEMBER_GROUP,
|
|
|
905b4d |
+ override_attrs,
|
|
|
905b4d |
+ state->groups[state->group_idx]->dn);
|
|
|
905b4d |
+ talloc_free(override_attrs);
|
|
|
905b4d |
+ if (ret != EOK) {
|
|
|
905b4d |
+ DEBUG(SSSDBG_OP_FAILURE, "sysdb_store_override failed.\n");
|
|
|
905b4d |
+ tevent_req_error(req, ret);
|
|
|
905b4d |
+ return;
|
|
|
905b4d |
+ }
|
|
|
905b4d |
+
|
|
|
905b4d |
+ state->group_idx++;
|
|
|
905b4d |
+
|
|
|
905b4d |
+ ret = ipa_initgr_get_overrides_step(req);
|
|
|
905b4d |
+ if (ret == EAGAIN) {
|
|
|
905b4d |
+ return;
|
|
|
905b4d |
+ } else if (ret != EOK) {
|
|
|
905b4d |
+ tevent_req_error(req, ret);
|
|
|
905b4d |
+ return;
|
|
|
905b4d |
+ }
|
|
|
905b4d |
+
|
|
|
905b4d |
+ tevent_req_done(req);
|
|
|
905b4d |
+}
|
|
|
905b4d |
+
|
|
|
905b4d |
+static int ipa_initgr_get_overrides_recv(struct tevent_req *req, int *dp_error)
|
|
|
905b4d |
+{
|
|
|
905b4d |
+ struct ipa_initgr_get_overrides_state *state = tevent_req_data(req,
|
|
|
905b4d |
+ struct ipa_initgr_get_overrides_state);
|
|
|
905b4d |
+
|
|
|
905b4d |
+ if (dp_error) {
|
|
|
905b4d |
+ *dp_error = state->dp_error;
|
|
|
905b4d |
+ }
|
|
|
905b4d |
+
|
|
|
905b4d |
+ TEVENT_REQ_RETURN_ON_ERROR(req);
|
|
|
905b4d |
+ return EOK;
|
|
|
905b4d |
+}
|
|
|
905b4d |
+
|
|
|
905b4d |
+/* Given a user name, retrieve an array of group UUIDs of groups that have
|
|
|
905b4d |
+ * no overrideDN attribute but do have an UUID attribute.
|
|
|
905b4d |
+ */
|
|
|
905b4d |
+static errno_t ipa_id_get_group_uuids(TALLOC_CTX *mem_ctx,
|
|
|
905b4d |
+ struct sysdb_ctx *sysdb,
|
|
|
905b4d |
+ const char *username,
|
|
|
905b4d |
+ size_t *_msgs_count,
|
|
|
905b4d |
+ struct ldb_message ***_msgs)
|
|
|
905b4d |
+{
|
|
|
905b4d |
+ const char *filter;
|
|
|
905b4d |
+ TALLOC_CTX *tmp_ctx;
|
|
|
905b4d |
+ char **uuid_list = NULL;
|
|
|
905b4d |
+ errno_t ret;
|
|
|
905b4d |
+ struct ldb_dn *base_dn;
|
|
|
905b4d |
+ const char *attrs[] = { SYSDB_UUID, NULL };
|
|
|
905b4d |
+ size_t msgs_count;
|
|
|
905b4d |
+ struct ldb_message **msgs;
|
|
|
905b4d |
+
|
|
|
905b4d |
+ tmp_ctx = talloc_new(mem_ctx);
|
|
|
905b4d |
+ if (tmp_ctx == NULL) {
|
|
|
905b4d |
+ return ENOMEM;
|
|
|
905b4d |
+ }
|
|
|
905b4d |
+
|
|
|
905b4d |
+ filter = talloc_asprintf(tmp_ctx,
|
|
|
905b4d |
+ "(&(objectclass=%s)(!(%s=*))(%s=*))",
|
|
|
905b4d |
+ SYSDB_GROUP_CLASS, SYSDB_OVERRIDE_DN,
|
|
|
905b4d |
+ SYSDB_UUID);
|
|
|
905b4d |
+ if (filter == NULL) {
|
|
|
905b4d |
+ ret = ENOMEM;
|
|
|
905b4d |
+ goto done;
|
|
|
905b4d |
+ }
|
|
|
905b4d |
+
|
|
|
905b4d |
+ base_dn = sysdb_base_dn(sysdb, tmp_ctx);
|
|
|
905b4d |
+ if (base_dn == NULL) {
|
|
|
905b4d |
+ ret = ENOMEM;
|
|
|
905b4d |
+ goto done;
|
|
|
905b4d |
+ }
|
|
|
905b4d |
+
|
|
|
905b4d |
+ ret = sysdb_search_entry(tmp_ctx, sysdb, base_dn,
|
|
|
905b4d |
+ LDB_SCOPE_SUBTREE, filter, attrs,
|
|
|
905b4d |
+ &msgs_count, &msgs);
|
|
|
905b4d |
+ if (ret == ENOENT) {
|
|
|
905b4d |
+ DEBUG(SSSDBG_TRACE_FUNC,
|
|
|
905b4d |
+ "No groups without %s in sysdb\n", SYSDB_OVERRIDE_DN);
|
|
|
905b4d |
+ ret = EOK;
|
|
|
905b4d |
+ goto done;
|
|
|
905b4d |
+ } else if (ret != EOK) {
|
|
|
905b4d |
+ goto done;
|
|
|
905b4d |
+ }
|
|
|
905b4d |
+
|
|
|
905b4d |
+ uuid_list = talloc_zero_array(tmp_ctx, char *, msgs_count);
|
|
|
905b4d |
+ if (uuid_list == NULL) {
|
|
|
905b4d |
+ goto done;
|
|
|
905b4d |
+ }
|
|
|
905b4d |
+
|
|
|
905b4d |
+ *_msgs_count = msgs_count;
|
|
|
905b4d |
+ *_msgs = talloc_steal(mem_ctx, msgs);
|
|
|
905b4d |
+ ret = EOK;
|
|
|
905b4d |
+done:
|
|
|
905b4d |
+ talloc_free(tmp_ctx);
|
|
|
905b4d |
+ return ret;
|
|
|
905b4d |
+}
|
|
|
905b4d |
+
|
|
|
905b4d |
struct ipa_id_get_account_info_state {
|
|
|
905b4d |
struct tevent_context *ev;
|
|
|
905b4d |
struct ipa_id_ctx *ipa_ctx;
|
|
|
905b4d |
@@ -300,6 +533,11 @@ struct ipa_id_get_account_info_state {
|
|
|
905b4d |
struct sysdb_attrs *override_attrs;
|
|
|
905b4d |
struct ldb_message *obj_msg;
|
|
|
905b4d |
struct ldb_message_element *ghosts;
|
|
|
905b4d |
+
|
|
|
905b4d |
+ struct ldb_message **user_groups;
|
|
|
905b4d |
+ size_t group_cnt;
|
|
|
905b4d |
+ size_t group_idx;
|
|
|
905b4d |
+
|
|
|
905b4d |
int dp_error;
|
|
|
905b4d |
};
|
|
|
905b4d |
|
|
|
905b4d |
@@ -519,6 +757,8 @@ static errno_t ipa_id_get_account_info_get_original_step(struct tevent_req *req,
|
|
|
905b4d |
return EOK;
|
|
|
905b4d |
}
|
|
|
905b4d |
|
|
|
905b4d |
+static void ipa_id_get_user_groups_done(struct tevent_req *subreq);
|
|
|
905b4d |
+
|
|
|
905b4d |
static void ipa_id_get_account_info_orig_done(struct tevent_req *subreq)
|
|
|
905b4d |
{
|
|
|
905b4d |
struct tevent_req *req = tevent_req_callback_data(subreq,
|
|
|
905b4d |
@@ -549,16 +789,28 @@ static void ipa_id_get_account_info_orig_done(struct tevent_req *subreq)
|
|
|
905b4d |
goto fail;
|
|
|
905b4d |
}
|
|
|
905b4d |
|
|
|
905b4d |
- if ((state->ar->entry_type & BE_REQ_TYPE_MASK) == BE_REQ_GROUP
|
|
|
905b4d |
- && state->ipa_ctx->view_name != NULL
|
|
|
905b4d |
- && strcmp(state->ipa_ctx->view_name,
|
|
|
905b4d |
- SYSDB_DEFAULT_VIEW_NAME) != 0) {
|
|
|
905b4d |
- /* check for ghost members because ghost members are not allowed if a
|
|
|
905b4d |
- * view other than the default view is applied.*/
|
|
|
905b4d |
+ if (state->ipa_ctx->view_name != NULL &&
|
|
|
905b4d |
+ strcmp(state->ipa_ctx->view_name, SYSDB_DEFAULT_VIEW_NAME) != 0) {
|
|
|
905b4d |
|
|
|
905b4d |
- state->ghosts = ldb_msg_find_element(state->obj_msg, SYSDB_GHOST);
|
|
|
905b4d |
+ if ((state->ar->entry_type & BE_REQ_TYPE_MASK) == BE_REQ_GROUP) {
|
|
|
905b4d |
+ /* check for ghost members because ghost members are not allowed
|
|
|
905b4d |
+ * if a view other than the default view is applied.*/
|
|
|
905b4d |
+ state->ghosts = ldb_msg_find_element(state->obj_msg, SYSDB_GHOST);
|
|
|
905b4d |
+ } else if ((state->ar->entry_type & BE_REQ_TYPE_MASK) == \
|
|
|
905b4d |
+ BE_REQ_INITGROUPS) {
|
|
|
905b4d |
+ /* Get UUID list of groups that have no overrideDN set. */
|
|
|
905b4d |
+ ret = ipa_id_get_group_uuids(state, state->sysdb,
|
|
|
905b4d |
+ state->ar->filter_value,
|
|
|
905b4d |
+ &state->group_cnt,
|
|
|
905b4d |
+ &state->user_groups);
|
|
|
905b4d |
+ if (ret != EOK) {
|
|
|
905b4d |
+ DEBUG(SSSDBG_OP_FAILURE, "Cannot get UUID list: %d\n", ret);
|
|
|
905b4d |
+ goto fail;
|
|
|
905b4d |
+ }
|
|
|
905b4d |
+ }
|
|
|
905b4d |
}
|
|
|
905b4d |
|
|
|
905b4d |
+
|
|
|
905b4d |
if (state->override_attrs == NULL) {
|
|
|
905b4d |
uuid = ldb_msg_find_attr_as_string(state->obj_msg, SYSDB_UUID, NULL);
|
|
|
905b4d |
if (uuid == NULL) {
|
|
|
905b4d |
@@ -626,6 +878,19 @@ static void ipa_id_get_account_info_orig_done(struct tevent_req *subreq)
|
|
|
905b4d |
return;
|
|
|
905b4d |
}
|
|
|
905b4d |
|
|
|
905b4d |
+ if (state->user_groups != NULL) {
|
|
|
905b4d |
+ subreq = ipa_initgr_get_overrides_send(state, state->ev, state->ipa_ctx,
|
|
|
905b4d |
+ state->domain, state->group_cnt,
|
|
|
905b4d |
+ state->user_groups);
|
|
|
905b4d |
+ if (subreq == NULL) {
|
|
|
905b4d |
+ DEBUG(SSSDBG_OP_FAILURE, "ipa_resolve_user_list_send failed.\n");
|
|
|
905b4d |
+ ret = ENOMEM;
|
|
|
905b4d |
+ goto fail;
|
|
|
905b4d |
+ }
|
|
|
905b4d |
+ tevent_req_set_callback(subreq, ipa_id_get_user_groups_done, req);
|
|
|
905b4d |
+ return;
|
|
|
905b4d |
+ }
|
|
|
905b4d |
+
|
|
|
905b4d |
state->dp_error = DP_ERR_OK;
|
|
|
905b4d |
tevent_req_done(req);
|
|
|
905b4d |
return;
|
|
|
905b4d |
@@ -692,6 +957,19 @@ static void ipa_id_get_account_info_done(struct tevent_req *subreq)
|
|
|
905b4d |
return;
|
|
|
905b4d |
}
|
|
|
905b4d |
|
|
|
905b4d |
+ if (state->user_groups != NULL) {
|
|
|
905b4d |
+ subreq = ipa_initgr_get_overrides_send(state, state->ev, state->ipa_ctx,
|
|
|
905b4d |
+ state->domain, state->group_cnt,
|
|
|
905b4d |
+ state->user_groups);
|
|
|
905b4d |
+ if (subreq == NULL) {
|
|
|
905b4d |
+ DEBUG(SSSDBG_OP_FAILURE, "ipa_resolve_user_list_send failed.\n");
|
|
|
905b4d |
+ ret = ENOMEM;
|
|
|
905b4d |
+ goto fail;
|
|
|
905b4d |
+ }
|
|
|
905b4d |
+ tevent_req_set_callback(subreq, ipa_id_get_user_groups_done, req);
|
|
|
905b4d |
+ return;
|
|
|
905b4d |
+ }
|
|
|
905b4d |
+
|
|
|
905b4d |
state->dp_error = DP_ERR_OK;
|
|
|
905b4d |
tevent_req_done(req);
|
|
|
905b4d |
return;
|
|
|
905b4d |
@@ -728,6 +1006,32 @@ fail:
|
|
|
905b4d |
return;
|
|
|
905b4d |
}
|
|
|
905b4d |
|
|
|
905b4d |
+static void ipa_id_get_user_groups_done(struct tevent_req *subreq)
|
|
|
905b4d |
+{
|
|
|
905b4d |
+ struct tevent_req *req = tevent_req_callback_data(subreq,
|
|
|
905b4d |
+ struct tevent_req);
|
|
|
905b4d |
+ struct ipa_id_get_account_info_state *state = tevent_req_data(req,
|
|
|
905b4d |
+ struct ipa_id_get_account_info_state);
|
|
|
905b4d |
+ int dp_error = DP_ERR_FATAL;
|
|
|
905b4d |
+ int ret;
|
|
|
905b4d |
+
|
|
|
905b4d |
+ ret = ipa_initgr_get_overrides_recv(subreq, &dp_error);
|
|
|
905b4d |
+ talloc_zfree(subreq);
|
|
|
905b4d |
+ if (ret != EOK) {
|
|
|
905b4d |
+ DEBUG(SSSDBG_OP_FAILURE, "IPA resolve user groups %d\n", ret);
|
|
|
905b4d |
+ goto fail;
|
|
|
905b4d |
+ }
|
|
|
905b4d |
+
|
|
|
905b4d |
+ state->dp_error = DP_ERR_OK;
|
|
|
905b4d |
+ tevent_req_done(req);
|
|
|
905b4d |
+ return;
|
|
|
905b4d |
+
|
|
|
905b4d |
+fail:
|
|
|
905b4d |
+ state->dp_error = dp_error;
|
|
|
905b4d |
+ tevent_req_error(req, ret);
|
|
|
905b4d |
+ return;
|
|
|
905b4d |
+}
|
|
|
905b4d |
+
|
|
|
905b4d |
static int ipa_id_get_account_info_recv(struct tevent_req *req, int *dp_error)
|
|
|
905b4d |
{
|
|
|
905b4d |
struct ipa_id_get_account_info_state *state = tevent_req_data(req,
|
|
|
905b4d |
--
|
|
|
905b4d |
2.1.0
|
|
|
905b4d |
|