|
 |
6cf099 |
From 15dcdcf23bce2423f05c03f7c0aa61f23383d488 Mon Sep 17 00:00:00 2001
|
|
|
6cf099 |
From: Jakub Hrozek <jhrozek@redhat.com>
|
|
|
6cf099 |
Date: Mon, 4 May 2015 12:34:32 +0200
|
|
|
6cf099 |
Subject: [PATCH 04/13] DP: Add DP_WILDCARD and
|
|
|
6cf099 |
SSS_DP_WILDCARD_USER/SSS_DP_WILDCARD_GROUP
|
|
|
6cf099 |
MIME-Version: 1.0
|
|
|
6cf099 |
Content-Type: text/plain; charset=UTF-8
|
|
|
6cf099 |
Content-Transfer-Encoding: 8bit
|
|
|
6cf099 |
|
|
|
6cf099 |
Related:
|
|
|
6cf099 |
https://fedorahosted.org/sssd/ticket/2553
|
|
|
6cf099 |
|
|
|
6cf099 |
Extends the Data Provider interface and the responder<->Data provider
|
|
|
6cf099 |
interface with wildcard lookups.
|
|
|
6cf099 |
|
|
|
6cf099 |
The patch uses a new "wildcard" prefix rather than reusing the existing
|
|
|
6cf099 |
user/group prefixes.
|
|
|
6cf099 |
|
|
|
6cf099 |
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
|
|
|
6cf099 |
---
|
|
|
6cf099 |
src/providers/data_provider.h | 4 ++++
|
|
|
6cf099 |
src/providers/data_provider_be.c | 5 +++++
|
|
|
6cf099 |
src/responder/common/responder.h | 4 +++-
|
|
|
6cf099 |
src/responder/common/responder_dp.c | 11 +++++++++++
|
|
|
6cf099 |
4 files changed, 23 insertions(+), 1 deletion(-)
|
|
|
6cf099 |
|
|
|
6cf099 |
diff --git a/src/providers/data_provider.h b/src/providers/data_provider.h
|
|
|
6cf099 |
index 13a700308e9c9d1a80c0310dbb1c17de33607498..510c63ce41c99314ec8fcf11fffb2e66082e8951 100644
|
|
|
6cf099 |
--- a/src/providers/data_provider.h
|
|
|
6cf099 |
+++ b/src/providers/data_provider.h
|
|
|
6cf099 |
@@ -129,6 +129,7 @@
|
|
|
6cf099 |
#define BE_FILTER_SECID 4
|
|
|
6cf099 |
#define BE_FILTER_UUID 5
|
|
|
6cf099 |
#define BE_FILTER_CERT 6
|
|
|
6cf099 |
+#define BE_FILTER_WILDCARD 7
|
|
|
6cf099 |
|
|
|
6cf099 |
#define BE_REQ_USER 0x0001
|
|
|
6cf099 |
#define BE_REQ_GROUP 0x0002
|
|
|
6cf099 |
@@ -153,6 +154,9 @@
|
|
|
6cf099 |
#define DP_SEC_ID_LEN (sizeof(DP_SEC_ID) - 1)
|
|
|
6cf099 |
#define DP_CERT_LEN (sizeof(DP_CERT) - 1)
|
|
|
6cf099 |
|
|
|
6cf099 |
+#define DP_WILDCARD "wildcard"
|
|
|
6cf099 |
+#define DP_WILDCARD_LEN (sizeof(DP_WILDCARD) - 1)
|
|
|
6cf099 |
+
|
|
|
6cf099 |
#define EXTRA_NAME_IS_UPN "U"
|
|
|
6cf099 |
#define EXTRA_INPUT_MAYBE_WITH_VIEW "V"
|
|
|
6cf099 |
|
|
|
6cf099 |
diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c
|
|
|
6cf099 |
index f5bdfb676011975defa4c5a734d420c8694f3bdd..d147630248f0a24f5a632760b55b9284a6928e40 100644
|
|
|
6cf099 |
--- a/src/providers/data_provider_be.c
|
|
|
6cf099 |
+++ b/src/providers/data_provider_be.c
|
|
|
6cf099 |
@@ -1204,6 +1204,11 @@ static int be_get_account_info(struct sbus_request *dbus_req, void *user_data)
|
|
|
6cf099 |
ret = split_name_extended(req, &filter[DP_CERT_LEN + 1],
|
|
|
6cf099 |
&req->filter_value,
|
|
|
6cf099 |
&req->extra_value);
|
|
|
6cf099 |
+ } else if (strncmp(filter, DP_WILDCARD"=", DP_WILDCARD_LEN + 1) == 0) {
|
|
|
6cf099 |
+ req->filter_type = BE_FILTER_WILDCARD;
|
|
|
6cf099 |
+ ret = split_name_extended(req, &filter[DP_WILDCARD_LEN + 1],
|
|
|
6cf099 |
+ &req->filter_value,
|
|
|
6cf099 |
+ &req->extra_value);
|
|
|
6cf099 |
} else if (strcmp(filter, ENUM_INDICATOR) == 0) {
|
|
|
6cf099 |
req->filter_type = BE_FILTER_ENUM;
|
|
|
6cf099 |
req->filter_value = NULL;
|
|
|
6cf099 |
diff --git a/src/responder/common/responder.h b/src/responder/common/responder.h
|
|
|
6cf099 |
index bd0250d52aae1efdac3bc0847f692542c6cfb6d2..4d927cfe321bf3ad240b7c175568081ea73ab652 100644
|
|
|
6cf099 |
--- a/src/responder/common/responder.h
|
|
|
6cf099 |
+++ b/src/responder/common/responder.h
|
|
|
6cf099 |
@@ -282,7 +282,9 @@ enum sss_dp_acct_type {
|
|
|
6cf099 |
SSS_DP_SERVICES,
|
|
|
6cf099 |
SSS_DP_SECID,
|
|
|
6cf099 |
SSS_DP_USER_AND_GROUP,
|
|
|
6cf099 |
- SSS_DP_CERT
|
|
|
6cf099 |
+ SSS_DP_CERT,
|
|
|
6cf099 |
+ SSS_DP_WILDCARD_USER,
|
|
|
6cf099 |
+ SSS_DP_WILDCARD_GROUP,
|
|
|
6cf099 |
};
|
|
|
6cf099 |
|
|
|
6cf099 |
struct tevent_req *
|
|
|
6cf099 |
diff --git a/src/responder/common/responder_dp.c b/src/responder/common/responder_dp.c
|
|
|
6cf099 |
index f752c94c37fd0efa0d072ef8c567bd875a08e6f7..f7f8df04e80439d2d02df3e4d2aa4f3576997f36 100644
|
|
|
6cf099 |
--- a/src/responder/common/responder_dp.c
|
|
|
6cf099 |
+++ b/src/responder/common/responder_dp.c
|
|
|
6cf099 |
@@ -528,9 +528,11 @@ sss_dp_get_account_msg(void *pvt)
|
|
|
6cf099 |
|
|
|
6cf099 |
switch (info->type) {
|
|
|
6cf099 |
case SSS_DP_USER:
|
|
|
6cf099 |
+ case SSS_DP_WILDCARD_USER:
|
|
|
6cf099 |
be_type = BE_REQ_USER;
|
|
|
6cf099 |
break;
|
|
|
6cf099 |
case SSS_DP_GROUP:
|
|
|
6cf099 |
+ case SSS_DP_WILDCARD_GROUP:
|
|
|
6cf099 |
be_type = BE_REQ_GROUP;
|
|
|
6cf099 |
break;
|
|
|
6cf099 |
case SSS_DP_INITGROUPS:
|
|
|
6cf099 |
@@ -574,6 +576,15 @@ sss_dp_get_account_msg(void *pvt)
|
|
|
6cf099 |
filter = talloc_asprintf(info, "%s=%s", DP_CERT,
|
|
|
6cf099 |
info->opt_name);
|
|
|
6cf099 |
}
|
|
|
6cf099 |
+ } else if (info->type == SSS_DP_WILDCARD_USER ||
|
|
|
6cf099 |
+ info->type == SSS_DP_WILDCARD_GROUP) {
|
|
|
6cf099 |
+ if (info->extra) {
|
|
|
6cf099 |
+ filter = talloc_asprintf(info, "%s=%s:%s", DP_WILDCARD,
|
|
|
6cf099 |
+ info->opt_name, info->extra);
|
|
|
6cf099 |
+ } else {
|
|
|
6cf099 |
+ filter = talloc_asprintf(info, "%s=%s", DP_WILDCARD,
|
|
|
6cf099 |
+ info->opt_name);
|
|
|
6cf099 |
+ }
|
|
|
6cf099 |
} else {
|
|
|
6cf099 |
if (info->extra) {
|
|
|
6cf099 |
filter = talloc_asprintf(info, "name=%s:%s",
|
|
|
6cf099 |
--
|
|
|
6cf099 |
2.4.3
|
|
|
6cf099 |
|