From 2a385185e0c57bebda38b769579a012c6d38eb23 Mon Sep 17 00:00:00 2001 From: Michal Židek Date: Oct 30 2015 21:34:41 +0000 Subject: util: Update get_next_domain's interface Update get next domain to be able to include disbled domains and change the interface to accept flags instead of multiple booleans. Ticket: https://fedorahosted.org/sssd/ticket/2673 Reviewed-by: Jakub Hrozek (cherry picked from commit 877b92e80bde510d5cd9f03dbf01e2bcf73ab072) --- diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c index d811f7c..a1bfc19 100644 --- a/src/confdb/confdb.c +++ b/src/confdb/confdb.c @@ -1458,7 +1458,7 @@ int confdb_get_domain(struct confdb_ctx *cdb, return ret; } - for (dom = doms; dom; dom = get_next_domain(dom, false)) { + for (dom = doms; dom; dom = get_next_domain(dom, 0)) { if (strcasecmp(dom->name, name) == 0) { *_domain = dom; return EOK; diff --git a/src/db/sysdb_subdomains.c b/src/db/sysdb_subdomains.c index 546dc1c..4994b79 100644 --- a/src/db/sysdb_subdomains.c +++ b/src/db/sysdb_subdomains.c @@ -191,12 +191,13 @@ static void link_forest_roots(struct sss_domain_info *domain) { struct sss_domain_info *d; struct sss_domain_info *dd; + uint32_t gnd_flags = SSS_GND_DESCEND; - for (d = domain; d; d = get_next_domain(d, true)) { + for (d = domain; d; d = get_next_domain(d, gnd_flags)) { d->forest_root = NULL; } - for (d = domain; d; d = get_next_domain(d, true)) { + for (d = domain; d; d = get_next_domain(d, gnd_flags)) { if (d->forest_root != NULL) { continue; } @@ -205,7 +206,7 @@ static void link_forest_roots(struct sss_domain_info *domain) d->forest_root = d; DEBUG(SSSDBG_TRACE_INTERNAL, "[%s] is a forest root\n", d->name); - for (dd = domain; dd; dd = get_next_domain(dd, true)) { + for (dd = domain; dd; dd = get_next_domain(dd, gnd_flags)) { if (dd->forest_root != NULL) { continue; } diff --git a/src/monitor/monitor.c b/src/monitor/monitor.c index 54e41de..89ac882 100644 --- a/src/monitor/monitor.c +++ b/src/monitor/monitor.c @@ -805,7 +805,7 @@ static int check_domain_ranges(struct sss_domain_info *domains) uint32_t id_min, id_max; while (dom) { - other = get_next_domain(dom, false); + other = get_next_domain(dom, 0); if (dom->id_max && dom->id_min > dom->id_max) { DEBUG(SSSDBG_CRIT_FAILURE, "Domain '%s' does not have a valid ID range\n", dom->name); @@ -821,9 +821,9 @@ static int check_domain_ranges(struct sss_domain_info *domains) "Domains '%s' and '%s' overlap in range %u - %u\n", dom->name, other->name, id_min, id_max); } - other = get_next_domain(other, false); + other = get_next_domain(other, 0); } - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } return EOK; @@ -844,7 +844,7 @@ static int check_local_domain_unique(struct sss_domain_info *domains) break; } - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } if (count > 1) { @@ -2424,7 +2424,7 @@ static int monitor_process_init(struct mt_ctx *ctx, /* start providers */ num_providers = 0; - for (dom = ctx->domains; dom; dom = get_next_domain(dom, false)) { + for (dom = ctx->domains; dom; dom = get_next_domain(dom, 0)) { ret = add_new_provider(ctx, dom->name, 0); if (ret != EOK && ret != ENOENT) { return ret; diff --git a/src/providers/ad/ad_subdomains.c b/src/providers/ad/ad_subdomains.c index c2a6544..2e5d912 100644 --- a/src/providers/ad/ad_subdomains.c +++ b/src/providers/ad/ad_subdomains.c @@ -350,9 +350,9 @@ static errno_t ad_subdomains_refresh(struct ad_subdomains_ctx *ctx, } /* check existing subdomains */ - for (dom = get_next_domain(domain, true); + for (dom = get_next_domain(domain, SSS_GND_DESCEND); dom && IS_SUBDOMAIN(dom); /* if we get back to a parent, stop */ - dom = get_next_domain(dom, false)) { + dom = get_next_domain(dom, 0)) { /* If we are handling root domain, skip all the other domains. We don't * want to accidentally remove non-root domains diff --git a/src/providers/dp_refresh.c b/src/providers/dp_refresh.c index 76c092b..589c280 100644 --- a/src/providers/dp_refresh.c +++ b/src/providers/dp_refresh.c @@ -261,7 +261,7 @@ static errno_t be_refresh_step(struct tevent_req *req) /* if not found than continue with next domain */ if (state->index == BE_REFRESH_TYPE_SENTINEL) { - state->domain = get_next_domain(state->domain, false); + state->domain = get_next_domain(state->domain, 0); continue; } diff --git a/src/providers/ipa/ipa_subdomains.c b/src/providers/ipa/ipa_subdomains.c index 089736b..70a2933 100644 --- a/src/providers/ipa/ipa_subdomains.c +++ b/src/providers/ipa/ipa_subdomains.c @@ -509,9 +509,9 @@ static errno_t ipa_subdomains_refresh(struct ipa_subdomains_ctx *ctx, h = 0; /* check existing subdomains */ - for (dom = get_next_domain(parent, true); + for (dom = get_next_domain(parent, SSS_GND_DESCEND); dom && IS_SUBDOMAIN(dom); /* if we get back to a parent, stop */ - dom = get_next_domain(dom, false)) { + dom = get_next_domain(dom, 0)) { for (c = 0; c < count; c++) { if (handled[c]) { continue; diff --git a/src/providers/ipa/ipa_subdomains_server.c b/src/providers/ipa/ipa_subdomains_server.c index c561118..7d8b3d3 100644 --- a/src/providers/ipa/ipa_subdomains_server.c +++ b/src/providers/ipa/ipa_subdomains_server.c @@ -836,9 +836,9 @@ static errno_t ipa_server_create_trusts_step(struct tevent_req *req) state = tevent_req_data(req, struct ipa_server_create_trusts_state); - for (state->domiter = get_next_domain(state->domiter, true); + for (state->domiter = get_next_domain(state->domiter, SSS_GND_DESCEND); state->domiter && IS_SUBDOMAIN(state->domiter); - state->domiter = get_next_domain(state->domiter, false)) { + state->domiter = get_next_domain(state->domiter, 0)) { /* Check if we already have an ID context for this subdomain */ DLIST_FOR_EACH(trust_iter, state->id_ctx->server_mode->trusts) { diff --git a/src/providers/ldap/sdap_domain.c b/src/providers/ldap/sdap_domain.c index d7e3dc3..5cba9df 100644 --- a/src/providers/ldap/sdap_domain.c +++ b/src/providers/ldap/sdap_domain.c @@ -132,9 +132,9 @@ sdap_domain_subdom_add(struct sdap_id_ctx *sdap_id_ctx, struct sdap_domain *sdom, *sditer; errno_t ret; - for (dom = get_next_domain(parent, true); + for (dom = get_next_domain(parent, SSS_GND_DESCEND); dom && IS_SUBDOMAIN(dom); /* if we get back to a parent, stop */ - dom = get_next_domain(dom, false)) { + dom = get_next_domain(dom, 0)) { DLIST_FOR_EACH(sditer, sdom_list) { if (sditer->dom == dom) { diff --git a/src/responder/autofs/autofssrv_cmd.c b/src/responder/autofs/autofssrv_cmd.c index 27b6617..82f2f86 100644 --- a/src/responder/autofs/autofssrv_cmd.c +++ b/src/responder/autofs/autofssrv_cmd.c @@ -661,7 +661,7 @@ lookup_automntmap_step(struct setautomntent_lookup_ctx *lookup_ctx) if (!dctx->check_provider) { if (dctx->cmd_ctx->check_next) { DEBUG(SSSDBG_TRACE_INTERNAL, "Moving on to next domain\n"); - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); continue; } else break; @@ -868,8 +868,8 @@ static void lookup_automntmap_cache_updated(uint16_t err_maj, uint32_t err_min, "Will try to return what we have in cache\n", (unsigned int)err_maj, (unsigned int)err_min, err_msg); /* Loop to the next domain if possible */ - if (dctx->cmd_ctx->check_next && get_next_domain(dctx->domain, false)) { - dctx->domain = get_next_domain(dctx->domain, false); + if (dctx->cmd_ctx->check_next && get_next_domain(dctx->domain, 0)) { + dctx->domain = get_next_domain(dctx->domain, 0); dctx->check_provider = NEED_CHECK_PROVIDER(dctx->domain->provider); } } diff --git a/src/responder/common/negcache.c b/src/responder/common/negcache.c index fc482c4..f7af9e0 100644 --- a/src/responder/common/negcache.c +++ b/src/responder/common/negcache.c @@ -664,7 +664,7 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, int i; /* Populate domain-specific negative cache entries */ - for (dom = domain_list; dom; dom = get_next_domain(dom, false)) { + for (dom = domain_list; dom; dom = get_next_domain(dom, 0)) { conf_path = talloc_asprintf(tmpctx, CONFDB_DOMAIN_PATH_TMPL, dom->name); if (!conf_path) { @@ -765,7 +765,7 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, continue; } } else { - for (dom = domain_list; dom; dom = get_next_domain(dom, false)) { + for (dom = domain_list; dom; dom = get_next_domain(dom, 0)) { ret = sss_ncache_set_user(ncache, true, dom, name); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, @@ -780,7 +780,7 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, } filter_set = false; - for (dom = domain_list; dom; dom = get_next_domain(dom, false)) { + for (dom = domain_list; dom; dom = get_next_domain(dom, 0)) { conf_path = talloc_asprintf(tmpctx, CONFDB_DOMAIN_PATH_TMPL, dom->name); if (!conf_path) { ret = ENOMEM; @@ -873,7 +873,7 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, continue; } } else { - for (dom = domain_list; dom; dom = get_next_domain(dom, false)) { + for (dom = domain_list; dom; dom = get_next_domain(dom, 0)) { ret = sss_ncache_set_group(ncache, true, dom, name); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, diff --git a/src/responder/common/responder_cache_req.c b/src/responder/common/responder_cache_req.c index ab73401..fc63f84 100644 --- a/src/responder/common/responder_cache_req.c +++ b/src/responder/common/responder_cache_req.c @@ -983,7 +983,7 @@ static errno_t cache_req_next_domain(struct tevent_req *req) while (state->domain != NULL && state->check_next && state->domain->fqnames && !cache_req_input_is_upn(state->input)) { - state->domain = get_next_domain(state->domain, false); + state->domain = get_next_domain(state->domain, 0); } state->selected_domain = state->domain; @@ -1011,9 +1011,10 @@ static errno_t cache_req_next_domain(struct tevent_req *req) /* we will continue with the following domain the next time */ if (state->check_next) { if (cache_req_input_is_upn(state->input)) { - state->domain = get_next_domain(state->domain, true); + state->domain = get_next_domain(state->domain, + SSS_GND_DESCEND); } else { - state->domain = get_next_domain(state->domain, false); + state->domain = get_next_domain(state->domain, 0); } } diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c index 2097004..f2e6503 100644 --- a/src/responder/common/responder_common.c +++ b/src/responder/common/responder_common.c @@ -844,7 +844,7 @@ int sss_process_init(TALLOC_CTX *mem_ctx, goto fail; } - for (dom = rctx->domains; dom; dom = get_next_domain(dom, false)) { + for (dom = rctx->domains; dom; dom = get_next_domain(dom, 0)) { ret = sss_names_init(rctx->cdb, rctx->cdb, dom->name, &dom->names); if (ret != EOK) { DEBUG(SSSDBG_FATAL_FAILURE, @@ -922,7 +922,8 @@ responder_get_domain(struct resp_ctx *rctx, const char *name) struct sss_domain_info *dom; struct sss_domain_info *ret_dom = NULL; - for (dom = rctx->domains; dom; dom = get_next_domain(dom, true)) { + for (dom = rctx->domains; dom; + dom = get_next_domain(dom, SSS_GND_DESCEND)) { if (sss_domain_get_state(dom) == DOM_DISABLED) { continue; } @@ -957,7 +958,8 @@ errno_t responder_get_domain_by_id(struct resp_ctx *rctx, const char *id, id_len = strlen(id); - for (dom = rctx->domains; dom; dom = get_next_domain(dom, true)) { + for (dom = rctx->domains; dom; + dom = get_next_domain(dom, SSS_GND_DESCEND)) { if (sss_domain_get_state(dom) == DOM_DISABLED || dom->domain_id == NULL) { continue; diff --git a/src/responder/common/responder_get_domains.c b/src/responder/common/responder_get_domains.c index 7fd0b48..6b354d8 100644 --- a/src/responder/common/responder_get_domains.c +++ b/src/responder/common/responder_get_domains.c @@ -186,7 +186,7 @@ struct tevent_req *sss_dp_get_domains_send(TALLOC_CTX *mem_ctx, state->dom = rctx->domains; while(state->dom != NULL && !NEED_CHECK_PROVIDER(state->dom->provider)) { - state->dom = get_next_domain(state->dom, false); + state->dom = get_next_domain(state->dom, 0); } if (state->dom == NULL) { @@ -242,11 +242,11 @@ sss_dp_get_domains_process(struct tevent_req *subreq) } /* Advance to the next domain */ - state->dom = get_next_domain(state->dom, false); + state->dom = get_next_domain(state->dom, 0); /* Skip local domains */ while(state->dom != NULL && !NEED_CHECK_PROVIDER(state->dom->provider)) { - state->dom = get_next_domain(state->dom, false); + state->dom = get_next_domain(state->dom, 0); } if (state->dom == NULL) { @@ -345,7 +345,8 @@ static errno_t check_last_request(struct resp_ctx *rctx, const char *hint) } if (hint != NULL) { - for (dom = rctx->domains; dom; dom = get_next_domain(dom, true)) { + for (dom = rctx->domains; dom; + dom = get_next_domain(dom, SSS_GND_DESCEND)) { if (!IS_SUBDOMAIN(dom)) { diff = now - dom->subdomains_last_checked.tv_sec; /* not a subdomain */ diff --git a/src/responder/ifp/ifp_cache.c b/src/responder/ifp/ifp_cache.c index a109ac0..8ea2d80 100644 --- a/src/responder/ifp/ifp_cache.c +++ b/src/responder/ifp/ifp_cache.c @@ -190,7 +190,7 @@ errno_t ifp_cache_list_domains(TALLOC_CTX *mem_ctx, num_paths += num_tmp_paths; - domain = get_next_domain(domain, true); + domain = get_next_domain(domain, SSS_GND_DESCEND); } if (_paths != NULL) { diff --git a/src/responder/ifp/ifp_domains.c b/src/responder/ifp/ifp_domains.c index 3605766..5ad9952 100644 --- a/src/responder/ifp/ifp_domains.c +++ b/src/responder/ifp/ifp_domains.c @@ -111,7 +111,7 @@ static void ifp_list_domains_process(struct tevent_req *req) num_domains = 0; for (dom = ireq->ifp_ctx->rctx->domains; dom != NULL; - dom = get_next_domain(dom, true)) { + dom = get_next_domain(dom, SSS_GND_DESCEND)) { num_domains++; } @@ -124,7 +124,7 @@ static void ifp_list_domains_process(struct tevent_req *req) pi = 0; for (dom = ireq->ifp_ctx->rctx->domains; dom != NULL; - dom = get_next_domain(dom, true)) { + dom = get_next_domain(dom, SSS_GND_DESCEND)) { p = sbus_opath_compose(ireq, IFP_PATH_DOMAINS, dom->name); if (p == NULL) { DEBUG(SSSDBG_MINOR_FAILURE, @@ -221,7 +221,7 @@ static void ifp_find_domain_by_name_process(struct tevent_req *req) /* Reply with the domain that was asked for */ for (iter = ireq->ifp_ctx->rctx->domains; iter != NULL; - iter = get_next_domain(iter, true)) { + iter = get_next_domain(iter, SSS_GND_DESCEND)) { if (strcasecmp(iter->name, state->name) == 0) { break; } @@ -271,7 +271,8 @@ get_domain_info_from_req(struct sbus_request *dbus_req, void *data) DEBUG(SSSDBG_TRACE_INTERNAL, "Looking for domain %s\n", name); domains = ctx->rctx->domains; - for (iter = domains; iter != NULL; iter = get_next_domain(iter, true)) { + for (iter = domains; iter != NULL; + iter = get_next_domain(iter, SSS_GND_DESCEND)) { if (strcasecmp(iter->name, name) == 0) { break; } diff --git a/src/responder/ifp/ifp_groups.c b/src/responder/ifp/ifp_groups.c index d5d7324..08f34b7 100644 --- a/src/responder/ifp/ifp_groups.c +++ b/src/responder/ifp/ifp_groups.c @@ -315,7 +315,7 @@ static void ifp_groups_list_by_name_done(struct tevent_req *req) return; } - list_ctx->dom = get_next_domain(list_ctx->dom, true); + list_ctx->dom = get_next_domain(list_ctx->dom, SSS_GND_DESCEND); if (list_ctx->dom == NULL) { return ifp_groups_list_by_name_reply(list_ctx); } diff --git a/src/responder/ifp/ifp_users.c b/src/responder/ifp/ifp_users.c index 9b71a35..4746de3 100644 --- a/src/responder/ifp/ifp_users.c +++ b/src/responder/ifp/ifp_users.c @@ -403,7 +403,7 @@ static void ifp_users_list_by_name_done(struct tevent_req *req) return; } - list_ctx->dom = get_next_domain(list_ctx->dom, true); + list_ctx->dom = get_next_domain(list_ctx->dom, SSS_GND_DESCEND); if (list_ctx->dom == NULL) { return ifp_users_list_by_name_reply(list_ctx); } diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c index c29b409..b8bd642 100644 --- a/src/responder/nss/nsssrv_cmd.c +++ b/src/responder/nss/nsssrv_cmd.c @@ -135,7 +135,7 @@ void nss_update_pw_memcache(struct nss_ctx *nctx) now = time(NULL); - for (dom = nctx->rctx->domains; dom; dom = get_next_domain(dom, false)) { + for (dom = nctx->rctx->domains; dom; dom = get_next_domain(dom, 0)) { ret = sysdb_enumpwent_with_views(nctx, dom, &res); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, @@ -982,7 +982,7 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx) * qualified names instead */ while (dom && cmdctx->check_next && dom->fqnames && !cmdctx->name_is_upn) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } if (!dom) break; @@ -1021,9 +1021,9 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx) /* if a multidomain search, try with next */ if (cmdctx->check_next) { if (cmdctx->name_is_upn) { - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); } else { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } continue; } @@ -1100,9 +1100,9 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx) /* if a multidomain search, try with next */ if (cmdctx->check_next) { if (cmdctx->name_is_upn) { - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); } else { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } if (dom) continue; } @@ -1220,7 +1220,7 @@ static void nss_cmd_getby_dp_callback(uint16_t err_maj, uint32_t err_min, struct nss_cmd_ctx *cmdctx = dctx->cmdctx; struct cli_ctx *cctx = cmdctx->cctx; int ret; - bool check_subdomains; + uint32_t gnd_flags; struct nss_ctx *nctx = talloc_get_type(cctx->rctx->pvt_ctx, struct nss_ctx); if (err_maj) { @@ -1266,7 +1266,7 @@ static void nss_cmd_getby_dp_callback(uint16_t err_maj, uint32_t err_min, /* Since subdomain users and groups are fully qualified they are * typically not subject of multi-domain searches. But since POSIX - * ID do not contain a domain name we have to decend to subdomains + * ID do not contain a domain name we have to descend to subdomains * here. */ switch (dctx->cmdctx->cmd) { case SSS_NSS_GETPWUID: @@ -1277,7 +1277,7 @@ static void nss_cmd_getby_dp_callback(uint16_t err_maj, uint32_t err_min, "Cannot set negative cache for UID %"PRIu32"\n", cmdctx->id); } - check_subdomains = true; + gnd_flags = SSS_GND_DESCEND; break; case SSS_NSS_GETGRGID: ret = sss_ncache_set_gid(nctx->ncache, false, dctx->domain, @@ -1287,7 +1287,7 @@ static void nss_cmd_getby_dp_callback(uint16_t err_maj, uint32_t err_min, "Cannot set negative cache for GID %"PRIu32"\n", cmdctx->id); } - check_subdomains = true; + gnd_flags = SSS_GND_DESCEND; break; case SSS_NSS_GETSIDBYID: ret = sss_ncache_set_uid(nctx->ncache, false, dctx->domain, @@ -1304,16 +1304,17 @@ static void nss_cmd_getby_dp_callback(uint16_t err_maj, uint32_t err_min, "Cannot set negative cache for GID %"PRIu32"\n", cmdctx->id); } - check_subdomains = true; + gnd_flags = SSS_GND_DESCEND; break; default: - check_subdomains = false; + /* Do not descend to subdomains */ + gnd_flags = 0; } /* no previous results, just loop to next domain if possible */ if (cmdctx->check_next && - get_next_domain(dctx->domain, check_subdomains)) { - dctx->domain = get_next_domain(dctx->domain, check_subdomains); + get_next_domain(dctx->domain, gnd_flags)) { + dctx->domain = get_next_domain(dctx->domain, gnd_flags); dctx->check_provider = NEED_CHECK_PROVIDER(dctx->domain->provider); } else { /* nothing available */ @@ -1785,7 +1786,7 @@ static int nss_cmd_getpwuid_search(struct nss_dom_ctx *dctx) "(id out of range)\n", cmdctx->id, dom->name); if (cmdctx->check_next) { - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); continue; } ret = ENOENT; @@ -1832,7 +1833,7 @@ static int nss_cmd_getpwuid_search(struct nss_dom_ctx *dctx) if (dctx->res->count == 0 && !dctx->check_provider) { /* if a multidomain search, try with next */ if (cmdctx->check_next) { - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); continue; } @@ -2190,7 +2191,8 @@ struct tevent_req *nss_cmd_setpwent_send(TALLOC_CTX *mem_ctx, } /* check if enumeration is enabled in any domain */ - for (dom = client->rctx->domains; dom; dom = get_next_domain(dom, true)) { + for (dom = client->rctx->domains; dom; + dom = get_next_domain(dom, SSS_GND_DESCEND)) { if (dom->enumerate == true) break; } state->dctx->domain = dom; @@ -2302,7 +2304,7 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx) while (dom) { while (dom && dom->enumerate == false) { - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); } if (!dom) break; @@ -2362,14 +2364,14 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx) DEBUG(SSSDBG_CRIT_FAILURE, "Enum from cache failed, skipping domain [%s]\n", dom->name); - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); continue; } if (res->count == 0) { DEBUG(SSSDBG_CONF_SETTINGS, "Domain [%s] has no users, skipping.\n", dom->name); - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); continue; } @@ -2387,7 +2389,7 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx) nctx->pctx->num++; /* do not reply until all domain searches are done */ - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); } /* We've finished all our lookups @@ -2689,7 +2691,7 @@ void nss_update_gr_memcache(struct nss_ctx *nctx) now = time(NULL); - for (dom = nctx->rctx->domains; dom; dom = get_next_domain(dom, false)) { + for (dom = nctx->rctx->domains; dom; dom = get_next_domain(dom, 0)) { ret = sysdb_enumgrent_with_views(nctx, dom, &res); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, @@ -3196,7 +3198,7 @@ static int nss_cmd_getgrnam_search(struct nss_dom_ctx *dctx) /* if it is a domainless search, skip domains that require fully * qualified names instead */ while (dom && cmdctx->check_next && dom->fqnames) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } if (!dom) break; @@ -3234,7 +3236,7 @@ static int nss_cmd_getgrnam_search(struct nss_dom_ctx *dctx) name, dom->name); /* if a multidomain search, try with next */ if (cmdctx->check_next) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); continue; } /* There are no further domains or this was a @@ -3279,7 +3281,7 @@ static int nss_cmd_getgrnam_search(struct nss_dom_ctx *dctx) /* if a multidomain search, try with next */ if (cmdctx->check_next) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); if (dom) continue; } @@ -3367,7 +3369,7 @@ static int nss_cmd_getgrgid_search(struct nss_dom_ctx *dctx) "(id out of range)\n", cmdctx->id, dom->name); if (cmdctx->check_next) { - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); continue; } ret = ENOENT; @@ -3414,7 +3416,7 @@ static int nss_cmd_getgrgid_search(struct nss_dom_ctx *dctx) if (dctx->res->count == 0 && !dctx->check_provider) { /* if a multidomain search, try with next */ if (cmdctx->check_next) { - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); continue; } @@ -3552,7 +3554,8 @@ struct tevent_req *nss_cmd_setgrent_send(TALLOC_CTX *mem_ctx, } /* check if enumeration is enabled in any domain */ - for (dom = client->rctx->domains; dom; dom = get_next_domain(dom, true)) { + for (dom = client->rctx->domains; dom; + dom = get_next_domain(dom, SSS_GND_DESCEND)) { if (dom->enumerate == true) break; } state->dctx->domain = dom; @@ -3664,7 +3667,7 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx) while (dom) { while (dom && dom->enumerate == false) { - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); } if (!dom) break; @@ -3724,14 +3727,14 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx) DEBUG(SSSDBG_CRIT_FAILURE, "Enum from cache failed, skipping domain [%s]\n", dom->name); - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); continue; } if (res->count == 0) { DEBUG(SSSDBG_CONF_SETTINGS, "Domain [%s] has no groups, skipping.\n", dom->name); - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); continue; } @@ -3749,7 +3752,7 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx) nctx->gctx->num++; /* do not reply until all domain searches are done */ - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); } /* We've finished all our lookups @@ -4041,7 +4044,7 @@ void nss_update_initgr_memcache(struct nss_ctx *nctx, int ret; int i, j; - for (dom = nctx->rctx->domains; dom; dom = get_next_domain(dom, false)) { + for (dom = nctx->rctx->domains; dom; dom = get_next_domain(dom, 0)) { if (strcasecmp(dom->name, domain) == 0) { break; } @@ -4310,7 +4313,7 @@ static int nss_cmd_initgroups_search(struct nss_dom_ctx *dctx) * qualified names instead */ while (dom && cmdctx->check_next && dom->fqnames && !cmdctx->name_is_upn) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } if (!dom) break; @@ -4350,7 +4353,7 @@ static int nss_cmd_initgroups_search(struct nss_dom_ctx *dctx) name, dom->name); /* if a multidomain search, try with next */ if (cmdctx->check_next) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); continue; } /* There are no further domains or this was a @@ -4424,7 +4427,7 @@ static int nss_cmd_initgroups_search(struct nss_dom_ctx *dctx) /* if a multidomain search, try with next */ if (cmdctx->check_next) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); if (dom) continue; } @@ -4521,7 +4524,7 @@ static errno_t nss_cmd_getsidby_search(struct nss_dom_ctx *dctx) "(id out of range)\n", cmdctx->id, dom->name); if (cmdctx->check_next) { - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); continue; } ret = ENOENT; @@ -4531,7 +4534,7 @@ static errno_t nss_cmd_getsidby_search(struct nss_dom_ctx *dctx) /* if it is a domainless search, skip domains that require fully * qualified names instead */ while (dom && cmdctx->check_next && dom->fqnames) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } if (!dom) break; @@ -4562,7 +4565,7 @@ static errno_t nss_cmd_getsidby_search(struct nss_dom_ctx *dctx) /* if a multidomain search, try with next, including * sub-domains */ if (cmdctx->check_next) { - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); continue; } /* There are no further domains. */ @@ -4618,7 +4621,7 @@ static errno_t nss_cmd_getsidby_search(struct nss_dom_ctx *dctx) name, dom->name); /* if a multidomain search, try with next */ if (cmdctx->check_next) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); continue; } /* There are no further domains or this was a @@ -4747,7 +4750,7 @@ static errno_t nss_cmd_getsidby_search(struct nss_dom_ctx *dctx) } /* if a multidomain search, try with next */ if (cmdctx->check_next) { - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); continue; } diff --git a/src/responder/nss/nsssrv_netgroup.c b/src/responder/nss/nsssrv_netgroup.c index c710438..bee4552 100644 --- a/src/responder/nss/nsssrv_netgroup.c +++ b/src/responder/nss/nsssrv_netgroup.c @@ -525,7 +525,7 @@ static errno_t lookup_netgr_step(struct setent_step_ctx *step_ctx) /* This netgroup was not found in this domain */ if (!step_ctx->dctx->check_provider) { if (step_ctx->check_next) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); continue; } else { break; @@ -556,7 +556,7 @@ static errno_t lookup_netgr_step(struct setent_step_ctx *step_ctx) if (!step_ctx->dctx->check_provider) { if (step_ctx->check_next) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); continue; } else break; @@ -646,8 +646,8 @@ static void lookup_netgr_dp_callback(uint16_t err_maj, uint32_t err_min, "Will try to return what we have in cache\n", (unsigned int)err_maj, (unsigned int)err_min, err_msg); /* Loop to the next domain if possible */ - if (cmdctx->check_next && get_next_domain(dctx->domain, false)) { - dctx->domain = get_next_domain(dctx->domain, false); + if (cmdctx->check_next && get_next_domain(dctx->domain, 0)) { + dctx->domain = get_next_domain(dctx->domain, 0); dctx->check_provider = NEED_CHECK_PROVIDER(dctx->domain->provider); } } diff --git a/src/responder/nss/nsssrv_services.c b/src/responder/nss/nsssrv_services.c index f6abc44..a9fdeb6 100644 --- a/src/responder/nss/nsssrv_services.c +++ b/src/responder/nss/nsssrv_services.c @@ -97,7 +97,7 @@ getserv_send(TALLOC_CTX *mem_ctx, if (!req) return NULL; state->dctx = dctx; - for (dom = cctx->rctx->domains; dom; dom = get_next_domain(dom, false)) { + for (dom = cctx->rctx->domains; dom; dom = get_next_domain(dom, 0)) { num_domains++; } @@ -160,7 +160,7 @@ getserv_send(TALLOC_CTX *mem_ctx, /* if it is a domainless search, skip domains that require fully * qualified names instead */ while (dom && cmdctx->check_next && dom->fqnames) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } if (!dom) break; @@ -190,7 +190,7 @@ getserv_send(TALLOC_CTX *mem_ctx, /* If this is a multi-domain search, try the next one */ if (cmdctx->check_next) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } else { /* This was a single-domain search. * exit the loop. Since it was negatively- @@ -231,7 +231,7 @@ getserv_send(TALLOC_CTX *mem_ctx, /* If this is a multi-domain search, try the next one */ if (cmdctx->check_next) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } else { /* This was a single-domain search. * exit the loop. Since it was negatively- @@ -298,7 +298,7 @@ getserv_send(TALLOC_CTX *mem_ctx, /* If this is a multi-domain search, try the next one */ if (cmdctx->check_next) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } else { /* This was a single-domain search. * exit the loop. @@ -380,7 +380,7 @@ getserv_send(TALLOC_CTX *mem_ctx, /* If this is a multi-domain search, try the next one */ if (cmdctx->check_next) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } else { /* This was a single-domain search. * exit the loop. @@ -1258,7 +1258,7 @@ setservent_send(TALLOC_CTX *mem_ctx, struct cli_ctx *cctx) num_domains = 0; for (dom = state->cctx->rctx->domains; dom; - dom = get_next_domain(dom, false)) { + dom = get_next_domain(dom, 0)) { num_domains++; } @@ -1305,7 +1305,7 @@ setservent_send(TALLOC_CTX *mem_ctx, struct cli_ctx *cctx) "Error [%s] requesting info from domain [%s]. Skipping.\n", strerror(ret), step_ctx->dctx->domain->name); - step_ctx->dctx->domain = get_next_domain(step_ctx->dctx->domain, false); + step_ctx->dctx->domain = get_next_domain(step_ctx->dctx->domain, 0); } /* All domains failed */ @@ -1500,7 +1500,7 @@ setservent_step_done(struct tevent_req *req) svcctx->num++; } - step_ctx->dctx->domain = get_next_domain(step_ctx->dctx->domain, false); + step_ctx->dctx->domain = get_next_domain(step_ctx->dctx->domain, 0); while (step_ctx->dctx->domain) { /* There are more domains to check */ @@ -1514,7 +1514,7 @@ setservent_step_done(struct tevent_req *req) "Error [%s] requesting info from domain [%s]. Skipping.\n", strerror(ret), step_ctx->dctx->domain->name); - step_ctx->dctx->domain = get_next_domain(step_ctx->dctx->domain, false); + step_ctx->dctx->domain = get_next_domain(step_ctx->dctx->domain, 0); } /* All domains have been checked */ diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c index 2823f81..960bc4a 100644 --- a/src/responder/pam/pamsrv_cmd.c +++ b/src/responder/pam/pamsrv_cmd.c @@ -1128,7 +1128,7 @@ static int pam_forwarder(struct cli_ctx *cctx, int pam_cmd) } else { for (dom = preq->cctx->rctx->domains; dom; - dom = get_next_domain(dom, false)) { + dom = get_next_domain(dom, 0)) { if (dom->fqnames) continue; ncret = sss_ncache_check_user(pctx->ncache, pctx->neg_timeout, @@ -1398,7 +1398,7 @@ static int pam_check_user_search(struct pam_auth_req *preq) * qualified names instead */ while (dom && !preq->pd->domain && !preq->pd->name_is_upn && dom->fqnames) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } if (!dom) break; @@ -1494,7 +1494,7 @@ static int pam_check_user_search(struct pam_auth_req *preq) /* if a multidomain search, try with next */ if (!preq->pd->domain) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); continue; } diff --git a/src/responder/sudo/sudosrv_get_sudorules.c b/src/responder/sudo/sudosrv_get_sudorules.c index c333696..75d8cac 100644 --- a/src/responder/sudo/sudosrv_get_sudorules.c +++ b/src/responder/sudo/sudosrv_get_sudorules.c @@ -94,7 +94,7 @@ static errno_t sudosrv_get_user(struct sudo_dom_ctx *dctx) /* if it is a domainless search, skip domains that require fully * qualified names instead */ while (dom && cmd_ctx->check_next && dom->fqnames) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } if (!dom) break; @@ -141,7 +141,7 @@ static errno_t sudosrv_get_user(struct sudo_dom_ctx *dctx) /* if a multidomain search, try with next */ if (cmd_ctx->check_next) { dctx->check_provider = true; - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); if (dom) continue; } @@ -211,7 +211,7 @@ static errno_t sudosrv_get_user(struct sudo_dom_ctx *dctx) /* if a multidomain search, try with next */ if (cmd_ctx->check_next) { dctx->check_provider = true; - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); if (dom) continue; } diff --git a/src/tests/cmocka/test_utils.c b/src/tests/cmocka/test_utils.c index cab1684..27c16bb 100644 --- a/src/tests/cmocka/test_utils.c +++ b/src/tests/cmocka/test_utils.c @@ -520,11 +520,11 @@ static void test_get_next_domain(void **state) struct dom_list_test_ctx); struct sss_domain_info *dom = NULL; - dom = get_next_domain(test_ctx->dom_list, false); + dom = get_next_domain(test_ctx->dom_list, 0); assert_non_null(dom); assert_string_equal(dom->name, "dom2"); - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); assert_null(dom); } @@ -534,23 +534,23 @@ static void test_get_next_domain_descend(void **state) struct dom_list_test_ctx); struct sss_domain_info *dom = NULL; - dom = get_next_domain(test_ctx->dom_list, true); + dom = get_next_domain(test_ctx->dom_list, SSS_GND_DESCEND); assert_non_null(dom); assert_string_equal(dom->name, "sub1a"); - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); assert_non_null(dom); assert_string_equal(dom->name, "dom2"); - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); assert_non_null(dom); assert_string_equal(dom->name, "sub2a"); - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); assert_non_null(dom); assert_string_equal(dom->name, "sub2b"); - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); assert_null(dom); } @@ -560,11 +560,12 @@ static void test_get_next_domain_disabled(void **state) struct dom_list_test_ctx); struct sss_domain_info *dom = NULL; - for (dom = test_ctx->dom_list; dom; dom = get_next_domain(dom, true)) { + for (dom = test_ctx->dom_list; dom; + dom = get_next_domain(dom, SSS_GND_DESCEND)) { sss_domain_set_state(dom, DOM_DISABLED); } - dom = get_next_domain(test_ctx->dom_list, true); + dom = get_next_domain(test_ctx->dom_list, SSS_GND_DESCEND); assert_null(dom); } diff --git a/src/tools/common/sss_tools.c b/src/tools/common/sss_tools.c index 0ada62e..c0b5255 100644 --- a/src/tools/common/sss_tools.c +++ b/src/tools/common/sss_tools.c @@ -134,7 +134,8 @@ static errno_t sss_tool_domains_init(TALLOC_CTX *mem_ctx, return ret; } - for (dom = domains; dom != NULL; dom = get_next_domain(dom, true)) { + for (dom = domains; dom != NULL; + dom = get_next_domain(dom, SSS_GND_DESCEND)) { if (!IS_SUBDOMAIN(dom)) { /* Update list of subdomains for this domain */ ret = sysdb_update_subdomains(dom); @@ -146,7 +147,8 @@ static errno_t sss_tool_domains_init(TALLOC_CTX *mem_ctx, } } - for (dom = domains; dom != NULL; dom = get_next_domain(dom, true)) { + for (dom = domains; dom != NULL; + dom = get_next_domain(dom, SSS_GND_DESCEND)) { ret = sss_names_init(mem_ctx, confdb, dom->name, &dom->names); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, "sss_names_init() failed\n"); diff --git a/src/tools/sss_cache.c b/src/tools/sss_cache.c index c9bf249..88895e8 100644 --- a/src/tools/sss_cache.c +++ b/src/tools/sss_cache.c @@ -128,7 +128,8 @@ int main(int argc, const char *argv[]) goto done; } - for (dinfo = tctx->domains; dinfo; dinfo = get_next_domain(dinfo, true)) { + for (dinfo = tctx->domains; dinfo; + dinfo = get_next_domain(dinfo, SSS_GND_DESCEND)) { if (!IS_SUBDOMAIN(dinfo)) { /* Update list of subdomains for this domain */ ret = sysdb_update_subdomains(dinfo); @@ -555,7 +556,7 @@ errno_t init_domains(struct cache_tool_ctx *ctx, const char *domain) } } - for (dinfo = ctx->domains; dinfo; dinfo = get_next_domain(dinfo, false)) { + for (dinfo = ctx->domains; dinfo; dinfo = get_next_domain(dinfo, 0)) { ret = sss_names_init(ctx, ctx->confdb, dinfo->name, &dinfo->names); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, "sss_names_init() failed\n"); diff --git a/src/tools/sss_debuglevel.c b/src/tools/sss_debuglevel.c index 333de21..e1467c0 100644 --- a/src/tools/sss_debuglevel.c +++ b/src/tools/sss_debuglevel.c @@ -261,7 +261,7 @@ errno_t get_confdb_sections(TALLOC_CTX *ctx, struct confdb_ctx *confdb, for (domain = domain_list; domain; - domain = get_next_domain(domain, false)) { + domain = get_next_domain(domain, 0)) { domain_count++; } @@ -286,7 +286,7 @@ errno_t get_confdb_sections(TALLOC_CTX *ctx, struct confdb_ctx *confdb, for (domain = domain_list; domain; - domain = get_next_domain(domain, false), i++) { + domain = get_next_domain(domain, 0), i++) { sections[i] = talloc_asprintf(tmp_ctx, CONFDB_DOMAIN_PATH_TMPL, domain->name); if (sections[i] == NULL) { diff --git a/src/tools/sss_override.c b/src/tools/sss_override.c index cf19e82..9106788 100644 --- a/src/tools/sss_override.c +++ b/src/tools/sss_override.c @@ -1283,7 +1283,7 @@ static int override_user_export(struct sss_cmdline *cmdline, /* All overrides are under the same subtree, so we don't want to * descent into subdomains. */ - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } while (dom != NULL); exit = EXIT_SUCCESS; @@ -1484,7 +1484,7 @@ static int override_group_export(struct sss_cmdline *cmdline, /* All overrides are under the same subtree, so we don't want to * descent into subdomains. */ - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } while (dom != NULL); exit = EXIT_SUCCESS; diff --git a/src/util/domain_info_utils.c b/src/util/domain_info_utils.c index ffbb947..d8865a1 100644 --- a/src/util/domain_info_utils.c +++ b/src/util/domain_info_utils.c @@ -35,9 +35,11 @@ struct sss_domain_info *get_domains_head(struct sss_domain_info *domain) } struct sss_domain_info *get_next_domain(struct sss_domain_info *domain, - bool descend) + uint32_t gnd_flags) { struct sss_domain_info *dom; + bool descend = gnd_flags & SSS_GND_DESCEND; + bool include_disabled = gnd_flags & SSS_GND_INCLUDE_DISABLED; dom = domain; while (dom) { @@ -51,8 +53,14 @@ struct sss_domain_info *get_next_domain(struct sss_domain_info *domain, dom = NULL; } - if (dom && sss_domain_get_state(dom) != DOM_DISABLED) { - break; + if (dom) { + if (sss_domain_get_state(dom) == DOM_DISABLED + && !include_disabled) { + continue; + } else { + /* Next domain found. */ + break; + } } } @@ -95,7 +103,7 @@ struct sss_domain_info *find_domain_by_name(struct sss_domain_info *domain, } while (dom && sss_domain_get_state(dom) == DOM_DISABLED) { - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); } while (dom) { if (strcasecmp(dom->name, name) == 0 || @@ -103,7 +111,7 @@ struct sss_domain_info *find_domain_by_name(struct sss_domain_info *domain, (strcasecmp(dom->flat_name, name) == 0))) { return dom; } - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); } return NULL; @@ -123,7 +131,7 @@ struct sss_domain_info *find_domain_by_sid(struct sss_domain_info *domain, sid_len = strlen(sid); while (dom && sss_domain_get_state(dom) == DOM_DISABLED) { - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); } while (dom) { @@ -144,7 +152,7 @@ struct sss_domain_info *find_domain_by_sid(struct sss_domain_info *domain, } } - dom = get_next_domain(dom, true); + dom = get_next_domain(dom, SSS_GND_DESCEND); } return NULL; @@ -347,9 +355,9 @@ sss_write_domain_mappings(struct sss_domain_info *domain) goto done; } - for (dom = get_next_domain(domain, true); + for (dom = get_next_domain(domain, SSS_GND_DESCEND); dom && IS_SUBDOMAIN(dom); /* if we get back to a parent, stop */ - dom = get_next_domain(dom, false)) { + dom = get_next_domain(dom, 0)) { ret = fprintf(fstream, ".%s = %s\n%s = %s\n", dom->name, dom->realm, dom->name, dom->realm); if (ret < 0) { @@ -366,9 +374,9 @@ sss_write_domain_mappings(struct sss_domain_info *domain) goto done; } - for (dom = get_next_domain(domain, true); + for (dom = get_next_domain(domain, SSS_GND_DESCEND); dom && IS_SUBDOMAIN(dom); /* if we get back to a parent, stop */ - dom = get_next_domain(dom, false)) { + dom = get_next_domain(dom, 0)) { if (dom->forest == NULL) { continue; @@ -482,7 +490,7 @@ errno_t get_dom_names(TALLOC_CTX *mem_ctx, dom = start_dom; while (dom) { count++; - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); } dom_names = talloc_array(tmp_ctx, char*, count); @@ -500,7 +508,7 @@ errno_t get_dom_names(TALLOC_CTX *mem_ctx, ret = ENOMEM; goto done; } - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, 0); i++; } diff --git a/src/util/usertools.c b/src/util/usertools.c index ccbf7a0..18639d9 100644 --- a/src/util/usertools.c +++ b/src/util/usertools.c @@ -423,7 +423,7 @@ int sss_parse_name_for_domains(TALLOC_CTX *memctx, rname = NULL; rdomain = NULL; - for (dom = domains; dom != NULL; dom = get_next_domain(dom, false)) { + for (dom = domains; dom != NULL; dom = get_next_domain(dom, 0)) { ret = sss_parse_name(tmp_ctx, dom->names, orig, &dmatch, &nmatch); if (ret == EOK) { /* @@ -481,7 +481,7 @@ int sss_parse_name_for_domains(TALLOC_CTX *memctx, goto done; } - for (dom = domains; dom != NULL; dom = get_next_domain(dom, false)) { + for (dom = domains; dom != NULL; dom = get_next_domain(dom, 0)) { match = match_any_domain_or_subdomain_name(dom, rdomain); if (match != NULL) { break; diff --git a/src/util/util.h b/src/util/util.h index f9fe1ca..fed62cc 100644 --- a/src/util/util.h +++ b/src/util/util.h @@ -559,8 +559,11 @@ void to_sized_string(struct sized_string *out, const char *in); /* from domain_info.c */ struct sss_domain_info *get_domains_head(struct sss_domain_info *domain); +#define SSS_GND_DESCEND 0x01 +#define SSS_GND_INCLUDE_DISABLED 0x02 +#define SSS_GND_ALL_DOMAINS (SSS_GND_DESCEND | SSS_GND_INCLUDE_DISABLED) struct sss_domain_info *get_next_domain(struct sss_domain_info *domain, - bool descend); + uint32_t gnd_flags); struct sss_domain_info *find_domain_by_name(struct sss_domain_info *domain, const char *name, bool match_any);