>From aca947cee4089406e38e02bd2d87c293ee74e6b0 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Wed, 21 Aug 2013 16:27:50 +0200 Subject: [PATCH 12/12] NSS: Descend into subdomains if enumerate=true Since we now store the enumerate flag in sysdb for subdomains, we can always descend to all available subdomains and if they do not allow enumeration, simply skip them. --- src/responder/nss/nsssrv_cmd.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c index 7c35a7b3121dae9ba53135d79d1f7619be1e810b..18ccdeacca0d3a0314526e7728b3ffe42e42245a 100644 --- a/src/responder/nss/nsssrv_cmd.c +++ b/src/responder/nss/nsssrv_cmd.c @@ -1597,8 +1597,8 @@ struct tevent_req *nss_cmd_setpwent_send(TALLOC_CTX *mem_ctx, } /* check if enumeration is enabled in any domain */ - for (dom = client->rctx->domains; dom; dom = get_next_domain(dom, false)) { - if (dom->enumerate != 0) break; + for (dom = client->rctx->domains; dom; dom = get_next_domain(dom, true)) { + if (dom->enumerate == true) break; } state->dctx->domain = dom; @@ -1710,7 +1710,7 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx) while (dom) { while (dom && dom->enumerate == 0) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, true); } if (!dom) break; @@ -1768,13 +1768,13 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx) if (ret != EOK) { DEBUG(1, ("Enum from cache failed, skipping domain [%s]\n", dom->name)); - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, true); continue; } if (res->count == 0) { DEBUG(4, ("Domain [%s] has no users, skipping.\n", dom->name)); - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, true); continue; } @@ -1792,7 +1792,7 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx) nctx->pctx->num++; /* do not reply until all domain searches are done */ - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, true); } /* We've finished all our lookups @@ -2818,8 +2818,8 @@ struct tevent_req *nss_cmd_setgrent_send(TALLOC_CTX *mem_ctx, } /* check if enumeration is enabled in any domain */ - for (dom = client->rctx->domains; dom; dom = get_next_domain(dom, false)) { - if (dom->enumerate != 0) break; + for (dom = client->rctx->domains; dom; dom = get_next_domain(dom, true)) { + if (dom->enumerate == true) break; } state->dctx->domain = dom; @@ -2931,7 +2931,7 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx) while (dom) { while (dom && dom->enumerate == 0) { - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, true); } if (!dom) break; @@ -2989,13 +2989,13 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx) if (ret != EOK) { DEBUG(1, ("Enum from cache failed, skipping domain [%s]\n", dom->name)); - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, true); continue; } if (res->count == 0) { DEBUG(4, ("Domain [%s] has no groups, skipping.\n", dom->name)); - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, true); continue; } @@ -3013,7 +3013,7 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx) nctx->gctx->num++; /* do not reply until all domain searches are done */ - dom = get_next_domain(dom, false); + dom = get_next_domain(dom, true); } /* We've finished all our lookups -- 1.8.3.1