From: Nick Porter <nick@portercomputing.co.uk>
Date: Tue, 28 Mar 2023 11:19:04 +0000 (+0100)
Subject: Add state to LDAP authorization ctx
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4893b21cb247bd2714927ef8df638e892f21e2df;p=thirdparty%2Ffreeradius-server.git

Add state to LDAP authorization ctx

To track progress through multiple async LDAP queries
---

diff --git a/src/modules/rlm_ldap/rlm_ldap.c b/src/modules/rlm_ldap/rlm_ldap.c
index 4404972dad..0f93158f0e 100644
--- a/src/modules/rlm_ldap/rlm_ldap.c
+++ b/src/modules/rlm_ldap/rlm_ldap.c
@@ -1526,6 +1526,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod
 	autz_ctx->dlinst = mctx->inst;
 	autz_ctx->inst = inst;
 	autz_ctx->mod_env = mod_env;
+	autz_ctx->status = LDAP_AUTZ_FIND;
 
 	if (unlang_function_push(request, mod_authorize_start, mod_authorize_resume, mod_authorize_cancel,
 				 ~FR_SIGNAL_CANCEL, UNLANG_SUB_FRAME, autz_ctx) < 0) RETURN_MODULE_FAIL;
diff --git a/src/modules/rlm_ldap/rlm_ldap.h b/src/modules/rlm_ldap/rlm_ldap.h
index 026a011ad1..d618e9a4de 100644
--- a/src/modules/rlm_ldap/rlm_ldap.h
+++ b/src/modules/rlm_ldap/rlm_ldap.h
@@ -152,6 +152,21 @@ typedef struct {
 	fr_value_box_t	profile_filter;			//!< Filter to use when searching for profiles.
 } ldap_autz_mod_env_t;
 
+/** State list for resumption of authorization
+ *
+ */
+typedef enum {
+	LDAP_AUTZ_FIND = 0,
+	LDAP_AUTZ_GROUP,
+	LDAP_AUTZ_POST_GROUP,
+#ifdef WITH_EDIR
+	LDAP_AUTZ_POST_EDIR,
+#endif
+	LDAP_AUTZ_POST_DEFAULT_PROFILE,
+	LDAP_AUTZ_USER_PROFILE,
+	LDAP_AUTZ_MAP
+} ldap_autz_status_t;
+
 /** Holds state of in progress async authorization
  *
  */
@@ -163,6 +178,7 @@ typedef struct {
 	fr_ldap_thread_trunk_t	*ttrunk;
 	ldap_autz_mod_env_t	*mod_env;
 	LDAPMessage		*entry;
+	ldap_autz_status_t	status;
 } ldap_autz_ctx_t;
 
 extern HIDDEN fr_dict_attr_t const *attr_cleartext_password;