Hi,
currently the sdap interface is only used by the ID provider and consequently only offers special search for users and groups. This patch adds a generic search, i.e. the caller can specify the search base and and an attribute list. This will be used by the IPA access provider to load HABC rules from the IPA server.
bye, Sumit
On Fri, 2009-10-16 at 11:58 +0200, Sumit Bose wrote:
Hi,
currently the sdap interface is only used by the ID provider and consequently only offers special search for users and groups. This patch adds a generic search, i.e. the caller can specify the search base and and an attribute list. This will be used by the IPA access provider to load HABC rules from the IPA server.
Mostly ok but I have a few remarks.
1. please move sdap_parse_generic_entry() in another section, only forward function declarations should stay between the state structure and the _send() function.
2. In _send() make sure you set to 0 any structure member that is not initialized with a value as tevent_req_create() does not zero the state structure, therefore you may find uninitialized values.
3. Use SDAP_NETWORK_TIMEOUT with dp_opt_get_int for the timeouts, no FIXMEs please :)
4. Why do you return a list of reply_item structures instead of an array of sysdb_attrs and and a counter ?
Simo.
On Fri, Oct 16, 2009 at 02:47:38PM -0400, Simo Sorce wrote:
On Fri, 2009-10-16 at 11:58 +0200, Sumit Bose wrote:
Hi,
currently the sdap interface is only used by the ID provider and consequently only offers special search for users and groups. This patch adds a generic search, i.e. the caller can specify the search base and and an attribute list. This will be used by the IPA access provider to load HABC rules from the IPA server.
Mostly ok but I have a few remarks.
- please move sdap_parse_generic_entry() in another section, only
forward function declarations should stay between the state structure and the _send() function.
moved to sdap.h
- In _send() make sure you set to 0 any structure member that is not
initialized with a value as tevent_req_create() does not zero the state structure, therefore you may find uninitialized values.
done
- Use SDAP_NETWORK_TIMEOUT with dp_opt_get_int for the timeouts, no
FIXMEs please :)
done
- Why do you return a list of reply_item structures instead of an array
of sysdb_attrs and and a counter ?
done, new patch attached.
bye, Sumit
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 10/20/2009 07:38 PM, Simo Sorce wrote:
On Mon, 2009-10-19 at 14:45 +0200, Sumit Bose wrote:
done, new patch attached.
ack
Simo.
sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel
Pushed to master.
- -- Stephen Gallagher RHCE 804006346421761
Looking to carve out IT costs? www.redhat.com/carveoutcosts/
sssd-devel@lists.fedorahosted.org
-
Simo Sorce -
Stephen Gallagher -
Sumit Bose