Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found

Target

Select target project
  • mika/sssd
  • guillem/debian-pkg-sssd
  • john.veitch/sssd
  • jgullberg/sssd
  • gioele/sssd
  • oktay454/sssd
  • sergiodj/sssd
  • 3v1n0/sssd
  • jfalk-guest/sssd
  • sathieu/sssd
  • dpward/sssd
  • sssd-team/sssd
  • ahasenack/sssd
  • jbicha/sssd
  • yrro-guest/sssd
15 results
Show changes
Commits on Source (2)
sssd (2.5.2-3) UNRELEASED; urgency=medium
sssd (2.5.2-3) unstable; urgency=medium
* rules: Explicitly set sssd-user as root.
* install: Add sssd-pcsc.rules to -common.
* postinst: Correct file/dir permissions and ownership when the daemon
is run as root. (Closes: #994807)
* 0001-ad-fallback-to-ldap-if-cldap-is-not-available-in-lib.patch: Our
libldap is built without LDAP_CONNECTIONLESS, cope with that.
(Closes: #994879)
-- Timo Aaltonen <tjaalton@debian.org> Wed, 22 Sep 2021 09:23:33 +0300
-- Timo Aaltonen <tjaalton@debian.org> Wed, 22 Sep 2021 18:54:07 +0300
sssd (2.5.2-2) unstable; urgency=medium
......
From dfb6594e3ce98c6bd543ceebf739eef70955950d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
Date: Wed, 11 Aug 2021 12:29:42 +0200
Subject: [PATCH] ad: fallback to ldap if cldap is not available in libldap
Some distributions do not have cldap support available in libldap. Now
we fallback to ad ping over ldap conditionally during build time.
Resolves: https://github.com/SSSD/sssd/issues/5720
:fixes: AD ping is now sent over `ldap` if `cldap` support is not available
during build. This helps to build SSSD on distributions without `cldap`
support in `libldap`.
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
---
src/external/ldap.m4 | 3 ++-
src/providers/ad/ad_cldap_ping.c | 11 +++++++++--
2 files changed, 11 insertions(+), 3 deletions(-)
diff --git a/src/external/ldap.m4 b/src/external/ldap.m4
index cd13fde62..f42023cd4 100644
--- a/src/external/ldap.m4
+++ b/src/external/ldap.m4
@@ -67,7 +67,8 @@ LIBS="$LIBS $OPENLDAP_LIBS"
AC_CHECK_FUNCS([ldap_control_create ldap_init_fd \
ldap_create_deref_control_value \
ldap_parse_derefresponse_control \
- ldap_derefresponse_free])
+ ldap_derefresponse_free \
+ ldap_is_ldapc_url])
AC_CHECK_MEMBERS([struct ldap_conncb.lc_arg],
[AC_RUN_IFELSE(
[AC_LANG_PROGRAM(
diff --git a/src/providers/ad/ad_cldap_ping.c b/src/providers/ad/ad_cldap_ping.c
index 7722af98a..889ad420c 100644
--- a/src/providers/ad/ad_cldap_ping.c
+++ b/src/providers/ad/ad_cldap_ping.c
@@ -36,6 +36,12 @@
#include "providers/ldap/sdap_async.h"
#include "db/sysdb.h"
+#ifdef HAVE_LDAP_IS_LDAPC_URL
+#define AD_PING_PROTOCOL "cldap"
+#else
+#define AD_PING_PROTOCOL "ldap"
+#endif
+
struct ad_cldap_ping_dc_state {
struct tevent_context *ev;
struct sdap_options *opts;
@@ -76,8 +82,9 @@ static struct tevent_req *ad_cldap_ping_dc_send(TALLOC_CTX *mem_ctx,
state->ad_domain = ad_domain;
subreq = sdap_connect_host_send(state, ev, opts, be_res->resolv,
- be_res->family_order, host_db, "cldap",
- dc->host, dc->port, false);
+ be_res->family_order, host_db,
+ AD_PING_PROTOCOL, dc->host, dc->port,
+ false);
if (subreq == NULL) {
ret = ENOMEM;
goto done;
--
2.32.0
......@@ -2,3 +2,4 @@ fix-whitespace-test.diff
default-to-socket-activated-services.diff
fix_newer_autoconf.patch
0001-TOOLS-replace-system-with-execvp-to-avoid-execution-.patch
0001-ad-fallback-to-ldap-if-cldap-is-not-available-in-lib.patch