diff options
author | Alexander Sulfrian <alexander@sulfrian.net> | 2016-11-11 19:50:16 +0100 |
---|---|---|
committer | Alexander Sulfrian <alexander@sulfrian.net> | 2016-11-11 19:50:16 +0100 |
commit | 81fae820815a5f4c217b950ae4fb989f51e5180b (patch) | |
tree | ac90a5ad78da59fecba50134cddff56f31904623 | |
parent | 48f38fb952bf76e0f237d79f23f5a6e01f3f66f9 (diff) | |
download | ldap-plugin-81fae820815a5f4c217b950ae4fb989f51e5180b.tar.gz ldap-plugin-81fae820815a5f4c217b950ae4fb989f51e5180b.tar.bz2 ldap-plugin-81fae820815a5f4c217b950ae4fb989f51e5180b.zip |
is_service: Add possibility to check for gold services
-rw-r--r-- | service_passwords.c | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/service_passwords.c b/service_passwords.c index 8a572e3..522b468 100644 --- a/service_passwords.c +++ b/service_passwords.c @@ -139,9 +139,11 @@ fail1: * If this is NULL, the function will only check if the DN * is a service account and will not allocate memory for the * service name. + * @param[out] gold_service If not \c NULL, this method will also check, if + * the service requires a \c splineGoldAccount. * @return 0 if the entry is a service account, 1 otherwise. */ -static int is_service(const char *dn, char **service) +static int is_service(const char *dn, char **service, int *gold_service) { Slapi_Entry *entry = NULL; char *attrs[] = { "objectClass", "cn", NULL }; @@ -149,6 +151,10 @@ static int is_service(const char *dn, char **service) struct berval **cn = NULL; int rc = 0; + if (gold_service != NULL) { + *gold_service = 0; + } + rc |= get_entry(dn, attrs, &entry); if (rc != 0 || entry == NULL) { /* dn not found */ @@ -163,6 +169,13 @@ static int is_service(const char *dn, char **service) goto fail1; } + if (gold_service != NULL) { + if (slapi_entry_attr_hasvalue( + entry, "objectClass", "goldServiceAccount") != 0) { + *gold_service = 1; + } + } + rc |= slapi_entry_attr_find(entry, "cn", &attr); if (rc != 0 || attr == NULL) { /* no cn attribute */ @@ -594,7 +607,7 @@ static int pre_entry(Slapi_PBlock *pb) return 0; } - if (is_service(bind_dn, &service) != 0) { + if (is_service(bind_dn, &service, NULL) != 0) { parent_dn = slapi_dn_parent(bind_dn); rc |= is_user(parent_dn, NULL); slapi_ch_free_string(&parent_dn); @@ -690,7 +703,7 @@ static int pre_search(Slapi_PBlock *pb) return 0; } - if (is_service(bind_dn, NULL) != 0) { + if (is_service(bind_dn, NULL, NULL) != 0) { parent_dn = slapi_dn_parent(bind_dn); rc |= is_user(parent_dn, NULL); slapi_ch_free_string(&parent_dn); |