#include "smbldap.h"
-static char *idmap_fetch_secret(const char *backend, bool alloc,
+static char *idmap_fetch_secret(const char *backend,
const char *domain, const char *identity)
{
char *tmp, *ret;
int r;
- if (alloc) {
- r = asprintf(&tmp, "IDMAP_ALLOC_%s", backend);
- } else {
- r = asprintf(&tmp, "IDMAP_%s_%s", backend, domain);
- }
+ r = asprintf(&tmp, "IDMAP_%s_%s", backend, domain);
if (r < 0)
return NULL;
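Review bot: With the `alloc` branch removed, `domain` is always passed to `%s` in `asprintf(&tmp, "IDMAP_%s_%s", backend, domain)`, and a NULL there is undefined behaviour. The get_credentials hunk later in this diff rejects a NULL `dom` before calling, but the function itself no longer tolerates an input its old signature accepted. An early `if (domain == NULL) return NULL;`, or a comment stating the precondition, would stop the secret-lookup key being built from a bad pointer if another caller appears. The rest of the body lies outside this hunk.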
return ret;
}
-struct idmap_ldap_alloc_context {
- struct smbldap_state *smbldap_state;
- char *url;
- char *suffix;
- char *user_dn;
-};
-
struct idmap_ldap_context {
struct smbldap_state *smbldap_state;
char *url;
if ( tmp ) {
if (!dom) {
- /* only the alloc backend can pass in a NULL dom */
- secret = idmap_fetch_secret("ldap", True,
- NULL, tmp);
+ DEBUG(0, ("get_credentials: Invalid domain 'NULL' "
+ "encountered for user DN %s\n",
+ tmp));
+ ret = NT_STATUS_UNSUCCESSFUL;
+ goto done;
} else {
- secret = idmap_fetch_secret("ldap", False,
- dom->name, tmp);
+ secret = idmap_fetch_secret("ldap", dom->name, tmp);
}
if (!secret) {
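Review bot: The new NULL-`dom` branch returns `NT_STATUS_UNSUCCESSFUL`, which callers probably cannot tell apart from a missing secret handled by the `if (!secret)` test that follows. `ret = NT_STATUS_INVALID_PARAMETER;` would separate a programming error from a configuration problem. The log text `Invalid domain 'NULL'` also reads as if a domain were literally named NULL; `NULL domain passed` is clearer. Since the branch ends in `goto done`, the `else` wrapper around `secret = idmap_fetch_secret("ldap", dom->name, tmp);` is no longer needed. The enclosing function starts and ends outside this hunk.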
Allocate a new uid or gid
********************************/
-static NTSTATUS idmap_ldap_allocate_id(struct idmap_domain *dom,
- struct unixid *xid)
+static NTSTATUS idmap_ldap_allocate_id_internal(struct idmap_domain *dom,
+ struct unixid *xid)
{
TALLOC_CTX *mem_ctx;
NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
* For now this is for the default idmap domain only.
* Should be extended later on.
*/
-static NTSTATUS idmap_ldap_get_new_id(struct idmap_domain *dom,
- struct unixid *id)
+static NTSTATUS idmap_ldap_allocate_id(struct idmap_domain *dom,
+ struct unixid *id)
{
NTSTATUS ret;
if (!strequal(dom->name, "*")) {
- DEBUG(3, ("idmap_ldap_get_new_id: "
+ DEBUG(3, ("idmap_ldap_allocate_id: "
"Refusing allocation of a new unixid for domain'%s'. "
- "Currently only supported for the default "
+ "This is only supported for the default "
"domain \"*\".\n",
dom->name));
return NT_STATUS_NOT_IMPLEMENTED;
}
- ret = idmap_ldap_allocate_id(dom, id);
+ ret = idmap_ldap_allocate_id_internal(dom, id);
return ret;
}
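Review bot: The comment above `idmap_ldap_allocate_id` should say that the default-domain restriction is enforced only in this wrapper. A later hunk sets `ctx->rw_ops->get_new_id = idmap_ldap_allocate_id_internal;`, so that path allocates ids without the `strequal(dom->name, "*")` check. If that is intended, a line such as `/* The "*" check applies to the allocate_id method only; rw_ops->get_new_id calls the _internal variant directly. */` would record it. If it is not intended, the rw_ops pointer should reference the checked wrapper instead.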
static NTSTATUS idmap_ldap_set_mapping(struct idmap_domain *dom,
const struct id_map *map);
-static NTSTATUS idmap_ldap_db_init(struct idmap_domain *dom,
- const char *params)
+static NTSTATUS idmap_ldap_db_init(struct idmap_domain *dom)
{
NTSTATUS ret;
struct idmap_ldap_context *ctx = NULL;
return NT_STATUS_FILE_IS_OFFLINE;
}
- ctx = TALLOC_ZERO_P(dom, struct idmap_ldap_context);
+ ctx = talloc_zero(dom, struct idmap_ldap_context);
if ( ! ctx) {
DEBUG(0, ("Out of memory!\n"));
return NT_STATUS_NO_MEMORY;
}
- if (strequal(dom->name, "*")) {
- /* more specific configuration can go here */
- } else {
- config_option = talloc_asprintf(ctx, "idmap config %s", dom->name);
- if ( ! config_option) {
- DEBUG(0, ("Out of memory!\n"));
- ret = NT_STATUS_NO_MEMORY;
- goto done;
- }
+ config_option = talloc_asprintf(ctx, "idmap config %s", dom->name);
+ if (!config_option) {
+ DEBUG(0, ("Out of memory!\n"));
+ ret = NT_STATUS_NO_MEMORY;
+ goto done;
}
- if (params != NULL) {
- /* assume location is the only parameter */
- ctx->url = talloc_strdup(ctx, params);
- } else {
- tmp = lp_parm_const_string(-1, config_option, "ldap_url", NULL);
+ tmp = lp_parm_const_string(-1, config_option, "ldap_url", NULL);
- if ( ! tmp) {
- DEBUG(1, ("ERROR: missing idmap ldap url\n"));
- ret = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
-
- ctx->url = talloc_strdup(ctx, tmp);
+ if ( ! tmp) {
+ DEBUG(1, ("ERROR: missing idmap ldap url\n"));
+ ret = NT_STATUS_UNSUCCESSFUL;
+ goto done;
}
- CHECK_ALLOC_DONE(ctx->url);
+
+ ctx->url = talloc_strdup(ctx, tmp);
trim_char(ctx->url, '\"', '\"');
ctx->rw_ops = talloc_zero(ctx, struct idmap_rw_ops);
CHECK_ALLOC_DONE(ctx->rw_ops);
- ctx->rw_ops->get_new_id = idmap_ldap_get_new_id;
+ ctx->rw_ops->get_new_id = idmap_ldap_allocate_id_internal;
ctx->rw_ops->set_mapping = idmap_ldap_set_mapping;
ret = smbldap_init(ctx, winbind_event_context(), ctx->url,
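Review bot: The new `ctx->url = talloc_strdup(ctx, tmp);` has no allocation check, because the commit removes `CHECK_ALLOC_DONE(ctx->url);` together with the `params` branch. On allocation failure a NULL url is handed to `trim_char` and then to `smbldap_init`, and whether either tolerates NULL is not visible here. Re-add `CHECK_ALLOC_DONE(ctx->url);` directly after the strdup, matching the check on `ctx->rw_ops` two lines later. The function starts and ends outside this hunk.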
goto done;
}
- /* set the destructor on the context, so that resource are properly
- freed if the contexts is released */
-
+ /*
+ * Set the destructor on the context, so that resources are
+ * properly freed when the context is released.
+ */
talloc_set_destructor(ctx, idmap_ldap_close_destructor);
dom->private_data = ctx;
Close the idmap ldap instance
**********************************/
-static NTSTATUS idmap_ldap_close(struct idmap_domain *dom)
-{
- struct idmap_ldap_context *ctx;
-
- if (dom->private_data) {
- ctx = talloc_get_type(dom->private_data,
- struct idmap_ldap_context);
-
- talloc_free(ctx);
- dom->private_data = NULL;
- }
-
- return NT_STATUS_OK;
-}
-
static struct idmap_methods idmap_ldap_methods = {
.init = idmap_ldap_db_init,
.unixids_to_sids = idmap_ldap_unixids_to_sids,
.sids_to_unixids = idmap_ldap_sids_to_unixids,
- .allocate_id = idmap_ldap_get_new_id,
- .close_fn = idmap_ldap_close
+ .allocate_id = idmap_ldap_allocate_id,
};
NTSTATUS idmap_ldap_init(void);
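Review bot: The banner `Close the idmap ldap instance` is kept as context while `idmap_ldap_close` is deleted, so in the new file it sits directly above `idmap_ldap_methods` and describes nothing. Remove the banner, or replace its text with something like `Dispatch table for the idmap ldap backend`. It may also be worth noting there that teardown now relies on the destructor set in `idmap_ldap_db_init` through `talloc_set_destructor(ctx, idmap_ldap_close_destructor)` rather than on a `.close_fn` entry.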