2nd patch)
+/*
=Copy-Option-From-Subdomain-If-Allowed================================= */
Should
be Copy-Option-From-Parent?
+void dp_option_inherit(const struct sss_domain_info *parent_dom,
Sorry for late notice, but would it be a good idea to pass
parent_dom->sd_inherit instead of parent_dom? I mean it's better to pass
only input data needed by function directly and I guess testing would be
a little shorter, but since it's already done I really don't insist. I'm
just proposing.
+ int option,
+ struct dp_option *parent_opts,
+ struct dp_option *subdom_opts)
+{
5th patch)
+static void sdap_inherit_user_options(struct sss_domain_info
*parent_dom,
+ struct sdap_attr_map
*parent_user_map,
+ struct sdap_attr_map
*child_user_map)
+{
+ int inherit_options[] = {
+ SDAP_AT_USER_PRINC,
+ SDAP_OPTS_USER /* sentinel */
+ };
+ int i;
+
+ for (i = 0; inherit_options[i] != SDAP_OPTS_USER; i++) {
Shouldn't we
check inherit_option here as well otherwise
SDAP_AT_USER_PRINC gets inherited always.
+ sdap_copy_map_entry(parent_user_map,
+ child_user_map,
+ inherit_options[i]);
+ }
+}