[PATCH] some cleanups for smbldap.c
Alexander Bokovoy
ab at samba.org
Wed Apr 19 15:39:18 UTC 2017
On ke, 19 huhti 2017, vl at samba.org wrote:
> On Wed, Apr 19, 2017 at 05:41:48PM +0300, Alexander Bokovoy via samba-technical wrote:
> > On ke, 19 huhti 2017, vl--- via samba-technical wrote:
> > > Hi!
> > >
> > > The main focus is to make "struct smbldap_state" private to smbldap.c
> > > for better encapsulation.
> > >
> > > Review appreciated!
> > Looks good to me. This will break ipasam in FreeIPA but I already
> > started moving it to own private struct as 'struct ldapsam_privates' is
> > not accessible anymore and I neeed anyway to implement some more of a
> > backend code that needs own proper private struct. Updating it to use
> > your wrappers is not a problem.
>
> I've pushed the "privatize smbldap_struct" now. This renders the
> bind_callback inaccessible too. What are you using it for? Looking at
> ipa_sam.c I don't get the full picture.
We do SASL GSSAPI authentication against IPA LDAP server. The reason for
that is because cifs/... principal has special rights in LDAP to read
and write keys of TDO objects and ability to set up access to them for
SSSD on IPA master.
Thus, BIND callback is really important to have to FreeIPA.
Would a similar
void smbldap_set_bind_callback(struct smbldap_state*, bindproc, void *binddata);
where bindproc is what we have already
int (*bind_callback)(LDAP *ldap_struct, struct smbldap_state *ldap_state, void *data);
be acceptable?
--
/ Alexander Bokovoy
More information about the samba-technical
mailing list