Add state to LDAP authorization ctx

To track progress through multiple async LDAP queries

diff --git a/src/modules/rlm_ldap/rlm_ldap.c b/src/modules/rlm_ldap/rlm_ldap.c
index 4404972dad2864bab3553149a0a8ebed6e072580..0f93158f0ec8a9b570f6570fcc070da4ee74ddfd 100644 (file)
--- a/src/modules/rlm_ldap/rlm_ldap.c
+++ b/src/modules/rlm_ldap/rlm_ldap.c
@@ -1526,6 +1526,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod
        autz_ctx->dlinst = mctx->inst;
        autz_ctx->inst = inst;
        autz_ctx->mod_env = mod_env;
+       autz_ctx->status = LDAP_AUTZ_FIND;
 
        if (unlang_function_push(request, mod_authorize_start, mod_authorize_resume, mod_authorize_cancel,
                                 ~FR_SIGNAL_CANCEL, UNLANG_SUB_FRAME, autz_ctx) < 0) RETURN_MODULE_FAIL;

diff --git a/src/modules/rlm_ldap/rlm_ldap.h b/src/modules/rlm_ldap/rlm_ldap.h
index 026a011ad1604a51a4b859772238ccbdc1afe7e0..d618e9a4de92809225108b78e8abc874b82c6b0e 100644 (file)
--- a/src/modules/rlm_ldap/rlm_ldap.h
+++ b/src/modules/rlm_ldap/rlm_ldap.h
@@ -152,6 +152,21 @@ typedef struct {
        fr_value_box_t  profile_filter;                 //!< Filter to use when searching for profiles.
 } ldap_autz_mod_env_t;
 
+/** State list for resumption of authorization
+ *
+ */
+typedef enum {
+       LDAP_AUTZ_FIND = 0,
+       LDAP_AUTZ_GROUP,
+       LDAP_AUTZ_POST_GROUP,
+#ifdef WITH_EDIR
+       LDAP_AUTZ_POST_EDIR,
+#endif
+       LDAP_AUTZ_POST_DEFAULT_PROFILE,
+       LDAP_AUTZ_USER_PROFILE,
+       LDAP_AUTZ_MAP
+} ldap_autz_status_t;
+
 /** Holds state of in progress async authorization
  *
  */
@@ -163,6 +178,7 @@ typedef struct {
        fr_ldap_thread_trunk_t  *ttrunk;
        ldap_autz_mod_env_t     *mod_env;
        LDAPMessage             *entry;
+       ldap_autz_status_t      status;
 } ldap_autz_ctx_t;
 
 extern HIDDEN fr_dict_attr_t const *attr_cleartext_password;