#include <ldap.h>
#include "smbldap.h"
-
-static char *idmap_fetch_secret(const char *backend,
- const char *domain, const char *identity)
-{
- char *tmp, *ret;
- int r;
-
- r = asprintf(&tmp, "IDMAP_%s_%s", backend, domain);
-
- if (r < 0)
- return NULL;
-
- strupper_m(tmp); /* make sure the key is case insensitive */
- ret = secrets_fetch_generic(tmp, identity);
-
- SAFE_FREE(tmp);
-
- return ret;
-}
+#include "passdb/pdb_ldap_schema.h"
struct idmap_ldap_context {
struct smbldap_state *smbldap_state;
goto done;
}
- talloc_autofree_ldapmsg(mem_ctx, result);
+ smbldap_talloc_autofree_ldapmsg(mem_ctx, result);
count = ldap_count_entries(ctx->smbldap_state->ldap_struct, result);
if (count != 1) {
tmp = lp_parm_const_string(-1, config_option, "ldap_base_dn", NULL);
if ( ! tmp || ! *tmp) {
- tmp = lp_ldap_idmap_suffix();
+ tmp = lp_ldap_idmap_suffix(talloc_tos());
if ( ! tmp) {
DEBUG(1, ("ERROR: missing idmap ldap suffix\n"));
ret = NT_STATUS_UNSUCCESSFUL;
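Review bot: The string returned by `lp_ldap_idmap_suffix(talloc_tos())` is now presumably owned by the current talloc stackframe, so `tmp` must be copied onto a longer-lived context (such as `ctx`) before that frame is freed. The hunk does not show how `tmp` is stored afterwards, so this needs confirming in the lines that follow. The fallback also tests only `! tmp`, unlike the `! tmp || ! *tmp` test just above it, so an empty suffix would be accepted as the LDAP search base; consider `if ( ! tmp || ! *tmp) {` there as well. The enclosing function starts and ends outside the hunk.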
ctx->rw_ops->get_new_id = idmap_ldap_allocate_id_internal;
ctx->rw_ops->set_mapping = idmap_ldap_set_mapping;
+ /* get_credentials deals with setting up creds */
+
ret = smbldap_init(ctx, winbind_event_context(), ctx->url,
- &ctx->smbldap_state);
+ false, NULL, NULL, &ctx->smbldap_state);
if (!NT_STATUS_IS_OK(ret)) {
DEBUG(1, ("ERROR: smbldap_init (%s) failed!\n", ctx->url));
goto done;
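Review bot: The new positional arguments `false, NULL, NULL` in the `smbldap_init` call are not explained by the added comment, and a reader cannot tell that they are (presumably) the anonymous-bind flag, the bind DN and the bind secret. I would expand the comment to something like `/* anon=false, no bind DN/secret yet: get_credentials() sets them on smbldap_state */`. Because the state is created without credentials, it is also worth confirming that a failure in get_credentials is fatal, so that this state is never used for a bind without credentials. The enclosing function starts and ends outside the hunk.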
return ret;
}
-
-/* max number of ids requested per batch query */
-#define IDMAP_LDAP_MAX_IDS 30
-
/**********************************
lookup a set of unix ids.
**********************************/
-/* this function searches up to IDMAP_LDAP_MAX_IDS entries
- * in maps for a match */
-static struct id_map *find_map_by_id(struct id_map **maps,
- enum id_type type,
- uint32_t id)
-{
- int i;
-
- for (i = 0; i < IDMAP_LDAP_MAX_IDS; i++) {
- if (maps[i] == NULL) { /* end of the run */
- return NULL;
- }
- if ((maps[i]->xid.type == type) && (maps[i]->xid.id == id)) {
- return maps[i];
- }
- }
-
- return NULL;
-}
-
static NTSTATUS idmap_ldap_unixids_to_sids(struct idmap_domain *dom,
struct id_map **ids)
{
}
TALLOC_FREE(tmp);
- map = find_map_by_id(&ids[bidx], type, id);
+ map = idmap_find_map_by_id(&ids[bidx], type, id);
if (!map) {
DEBUG(2, ("WARNING: couldn't match sid (%s) "
"with requested ids\n", sidstr));
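Review bot: The removed local helper stopped after IDMAP_LDAP_MAX_IDS entries, and the search bound of the shared `idmap_find_map_by_id` that replaces it at this call is not visible here. Since `&ids[bidx]` points into the middle of the caller's array, the lookup may now run to the terminating NULL rather than to the end of the current batch, which relies on `ids` always being NULL-terminated. If that is intended, a comment above the call would make it explicit, e.g. `/* searches from bidx to the NULL terminator of ids, not only this batch */`. The same applies to the `idmap_find_map_by_sid` call in idmap_ldap_sids_to_unixids.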
lookup a set of sids.
**********************************/
-/* this function searches up to IDMAP_LDAP_MAX_IDS entries
- * in maps for a match */
-static struct id_map *find_map_by_sid(struct id_map **maps, struct dom_sid *sid)
-{
- int i;
-
- for (i = 0; i < IDMAP_LDAP_MAX_IDS; i++) {
- if (maps[i] == NULL) { /* end of the run */
- return NULL;
- }
- if (dom_sid_equal(maps[i]->sid, sid)) {
- return maps[i];
- }
- }
-
- return NULL;
-}
-
static NTSTATUS idmap_ldap_sids_to_unixids(struct idmap_domain *dom,
struct id_map **ids)
{
continue;
}
- map = find_map_by_sid(&ids[bidx], &sid);
+ map = idmap_find_map_by_sid(&ids[bidx], &sid);
if (!map) {
DEBUG(2, ("WARNING: couldn't find entry sid (%s) "
"in ids", sidstr));