[Freeipa-devel] [PATCH 0158] Extend ipa-range-check DS plugin to handle range types

Alexander Bokovoy abokovoy at redhat.com
Tue Apr 1 08:40:16 UTC 2014 

On Tue, 01 Apr 2014, Tomas Babej wrote:
>From 736b3f747188696fd4a46ca63d91a6cca942fd56 Mon Sep 17 00:00:00 2001
>From: Tomas Babej <tbabej at redhat.com>
>Date: Wed, 5 Mar 2014 12:28:18 +0100
>Subject: [PATCH] Extend ipa-range-check DS plugin to handle range types
>
>The ipa-range-check plugin used to determine the range type depending
>on the value of the attributes such as RID or secondary RID base. This
>approached caused variety of issues since the portfolio of ID range
>types expanded.
>
>The patch makes sure the following rules are implemented:
>    * No ID range pair can overlap on base ranges, with exception
>      of two ipa-ad-trust-posix ranges belonging to the same forest
>    * For any ID range pair of ranges belonging to the same domain:
>        * Both ID ranges must be of the same type
>        * For ranges of ipa-ad-trust type or ipa-local type:
>            * Primary RID ranges can not overlap
>        * For ranges of ipa-local type:
>            * Primary and secondary RID ranges can not overlap
>            * Secondary RID ranges cannot overlap
>
>For the implementation part, the plugin was extended with a domain ID
>to forest root domain ID mapping derivation capabilities.
>
>https://fedorahosted.org/freeipa/ticket/4137
> 
>-static int slapi_entry_to_range_info(struct slapi_entry *entry,
>+struct domain_info {
>+    char *domain_id;
>+    char *forest_root_id;
>+    struct domain_info *next;
>+};
>+
>+static void free_domain_info(struct domain_info *info) {
>+    if (info != NULL) {
>+        slapi_ch_free_string(&(info->domain_id));
>+        slapi_ch_free_string(&(info->forest_root_id));
>+        free_domain_info(info->next);
>+        free(info);
>+    }
>+}
Please, don't use recursion in the freeing part, there is really no
pressing need to do so. Just use while() like you do in
get_forest_root_id():

>+/* Searches for the domain_info struct with the specified domain_id
>+ * in the linked list. Returns the forest root domain's ID, or NULL for
>+ * local ranges. */
>+
>+static char* get_forest_root_id(struct domain_info *head, char* domain_id) {
>+
>+    /* For local ranges there is no forest root domain,
>+     * so consider only ranges with domain_id set */
>+    if (domain_id != NULL) {
>+        while(head) {
>+            if (strcasecmp(head->domain_id, domain_id) == 0) {
>+                return head->forest_root_id;
>+            }
>+            head = head->next;
>+        }
>+     }
>+
>+    return NULL;
>+}
>+


-- 
/ Alexander Bokovoy

More information about the Freeipa-devel mailing list