From 79bf37920f20f327e40b638c4d0c2fe892bae589 Mon Sep 17 00:00:00 2001
From: Petr Cech <pcech@redhat.com>
Date: Fri, 13 May 2016 08:49:43 -0400
Subject: [PATCH 2/5] AD_PROVIDER: Initializing of ad_enabled_domains

We add ad_enabled_domains into ad_subdomains_ctx.

Resolves:
https://fedorahosted.org/sssd/ticket/2828
---
 src/providers/ad/ad_init.c       | 93 +++++++++++++++++++++++++++++++++++++++-
 src/providers/ad/ad_subdomains.c |  3 ++
 src/providers/ad/ad_subdomains.h |  1 +
 3 files changed, 96 insertions(+), 1 deletion(-)

diff --git a/src/providers/ad/ad_init.c b/src/providers/ad/ad_init.c
index b17a9f50a3a0e8788196691055faf956a5f6a464..5a64c2afde8f8d7c53af60948d210cd175a62ff1 100644
--- a/src/providers/ad/ad_init.c
+++ b/src/providers/ad/ad_init.c
@@ -533,6 +533,88 @@ ad_shutdown(struct be_req *req)
     sdap_handler_done(req, DP_ERR_OK, EOK, NULL);
 }
 
+static int get_enabled_domains(TALLOC_CTX *mem_ctx, const char *ad_domain,
+                               char ***_ad_enabled_domains)
+{
+    int ret;
+    char *str;
+    char **domains = NULL;
+    char **list = NULL;
+    int count;
+    bool is_ad_in_domains;
+    TALLOC_CTX *tmp_ctx = NULL;
+
+    tmp_ctx = talloc_new(NULL);
+    if (tmp_ctx == NULL) {
+        return ENOMEM;
+    }
+
+    str = dp_opt_get_string(ad_options->basic, AD_ENABLED_DOMAINS);
+    if (str == NULL) {
+        _ad_enabled_domains = NULL;
+        ret = EOK;
+        goto done;
+    }
+
+    count = 0;
+    ret = split_on_separator(tmp_ctx, str, ',', true, true, &domains, &count);
+    if (ret != EOK) {
+        DEBUG(SSSDBG_OP_FAILURE, "Failed to parse option [%s], [%i] [%s]!\n",
+                                 ad_options->basic[AD_ENABLED_DOMAINS].opt_name,
+                                 ret, sss_strerror(ret));
+        ret = EINVAL;
+        goto done;
+    }
+
+    list = talloc_array_size(tmp_ctx, sizeof(char*), count);
+    if (list == NULL) {
+        ret = ENOMEM;
+        goto done;
+    }
+
+    is_ad_in_domains = false;
+    for (int i = 0; i < count; i++) {
+        list[i] = talloc_strdup(list, domains[i]);
+        if (list[i] == NULL) {
+            ret = ENOMEM;
+            goto done;
+        }
+
+        is_ad_in_domains += strcmp(ad_domain, domains[i]) == 0 ? true : false;
+    }
+
+    if (is_ad_in_domains == false) {
+        list = talloc_realloc(tmp_ctx, list, char*, count + 1);
+        if (list == NULL) {
+            ret = ENOMEM;
+            goto done;
+        }
+
+        list[count] = talloc_strdup(list, ad_domain);
+        if (list[count] == NULL) {
+            ret = ENOMEM;
+            goto done;
+        }
+
+        count++;
+    }
+
+    list = talloc_realloc(tmp_ctx, list, char*, count + 1);
+    if (list == NULL) {
+        ret = ENOMEM;
+        goto done;
+    }
+    list[count] = NULL;
+    count++;
+
+    *_ad_enabled_domains = talloc_steal(mem_ctx, list);
+    ret = EOK;
+
+done:
+    talloc_free(tmp_ctx);
+    return ret;
+}
+
 int sssm_ad_subdomains_init(struct be_ctx *bectx,
                             struct bet_ops **ops,
                             void **pvt_data)
@@ -540,6 +622,7 @@ int sssm_ad_subdomains_init(struct be_ctx *bectx,
     int ret;
     struct ad_id_ctx *id_ctx;
     const char *ad_domain;
+    char **ad_enabled_domains = NULL;
 
     ret = sssm_ad_id_init(bectx, ops, (void **) &id_ctx);
     if (ret != EOK) {
@@ -554,7 +637,15 @@ int sssm_ad_subdomains_init(struct be_ctx *bectx,
 
     ad_domain = dp_opt_get_cstring(ad_options->basic, AD_DOMAIN);
 
-    ret = ad_subdom_init(bectx, id_ctx, ad_domain, ops, pvt_data);
+    ret = get_enabled_domains(bectx, ad_domain, &ad_enabled_domains);
+    if (ret != EOK) {
+        DEBUG(SSSDBG_CRIT_FAILURE, "Failed to parse option [%s]!\n",
+                                ad_options->basic[AD_ENABLED_DOMAINS].opt_name);
+        return EINVAL;
+    }
+
+    ret = ad_subdom_init(bectx, id_ctx, ad_domain, ad_enabled_domains,
+                         ops, pvt_data);
     if (ret != EOK) {
         DEBUG(SSSDBG_CRIT_FAILURE, "ad_subdom_init failed.\n");
         return ret;
diff --git a/src/providers/ad/ad_subdomains.c b/src/providers/ad/ad_subdomains.c
index 4bdd2a7adbf104354a33fd382eb175d9c315d356..a30199912db52d97da8fb94d42cb323c3950c957 100644
--- a/src/providers/ad/ad_subdomains.c
+++ b/src/providers/ad/ad_subdomains.c
@@ -63,6 +63,7 @@ struct ad_subdomains_ctx {
     struct sdap_id_conn_ctx *ldap_ctx;
     struct sss_idmap_ctx *idmap_ctx;
     char *domain_name;
+    char **ad_enabled_domains;
 
     time_t last_refreshed;
     struct tevent_timer *timer_event;
@@ -1179,6 +1180,7 @@ struct bet_ops ad_subdomains_ops = {
 int ad_subdom_init(struct be_ctx *be_ctx,
                    struct ad_id_ctx *id_ctx,
                    const char *ad_domain,
+                   char **ad_enabled_domains,
                    struct bet_ops **ops,
                    void **pvt_data)
 {
@@ -1201,6 +1203,7 @@ int ad_subdom_init(struct be_ctx *be_ctx,
         DEBUG(SSSDBG_OP_FAILURE, "talloc_strdup failed.\n");
         return ENOMEM;
     }
+    ctx->ad_enabled_domains = ad_enabled_domains;
     ctx->ad_id_ctx = id_ctx;
     *ops = &ad_subdomains_ops;
     *pvt_data = ctx;
diff --git a/src/providers/ad/ad_subdomains.h b/src/providers/ad/ad_subdomains.h
index da93af37943bd27313b69cd35b4242f07822608f..8922bd6859e49441f2ca06bc3e6fd0949348d729 100644
--- a/src/providers/ad/ad_subdomains.h
+++ b/src/providers/ad/ad_subdomains.h
@@ -31,6 +31,7 @@
 int ad_subdom_init(struct be_ctx *be_ctx,
                    struct ad_id_ctx *id_ctx,
                    const char *ad_domain,
+                   char **ad_enabled_domains,
                    struct bet_ops **ops,
                    void **pvt_data);
 
-- 
2.5.5