|
 |
9f2ebf |
From cac78825ba2fcb2efcd7ff2e58b562b370bbb28c Mon Sep 17 00:00:00 2001
|
|
|
9f2ebf |
From: Jakub Hrozek <jhrozek@redhat.com>
|
|
|
9f2ebf |
Date: Mon, 30 Oct 2017 20:51:40 +0100
|
|
|
9f2ebf |
Subject: [PATCH 75/83] RESP: Expose DP method getAccountDomain() to responders
|
|
|
9f2ebf |
MIME-Version: 1.0
|
|
|
9f2ebf |
Content-Type: text/plain; charset=UTF-8
|
|
|
9f2ebf |
Content-Transfer-Encoding: 8bit
|
|
|
9f2ebf |
|
|
|
9f2ebf |
Adds a tevent request that calls the getAccountDomain DP method.
|
|
|
9f2ebf |
This request will be used by responders to locate an object's domain.
|
|
|
9f2ebf |
|
|
|
9f2ebf |
At the moment, only looking up UIDs and GIDs is supported.
|
|
|
9f2ebf |
|
|
|
9f2ebf |
Internally, until we switch to the rdp_ interface everywhere, this
|
|
|
9f2ebf |
interface hooks into the sss_dp_issue_request(). When we switch to
|
|
|
9f2ebf |
the rdp_ interface, we'll be able to provide a nicer method parameters
|
|
|
9f2ebf |
as well.
|
|
|
9f2ebf |
|
|
|
9f2ebf |
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
|
|
|
9f2ebf |
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
|
|
9f2ebf |
(cherry picked from commit 95fd82a4d7b50e64fed6906bc5345f271e8247d9)
|
|
|
9f2ebf |
---
|
|
|
9f2ebf |
src/responder/common/responder.h | 36 +++++++
|
|
|
9f2ebf |
src/responder/common/responder_get_domains.c | 155 +++++++++++++++++++++++++++
|
|
|
9f2ebf |
2 files changed, 191 insertions(+)
|
|
|
9f2ebf |
|
|
|
9f2ebf |
diff --git a/src/responder/common/responder.h b/src/responder/common/responder.h
|
|
|
9f2ebf |
index 9a57df558994c418d440eabf4a29f69c4a47faa5..9400e4b60d9fc77c23710174e4c00a83f6395985 100644
|
|
|
9f2ebf |
--- a/src/responder/common/responder.h
|
|
|
9f2ebf |
+++ b/src/responder/common/responder.h
|
|
|
9f2ebf |
@@ -375,6 +375,42 @@ struct tevent_req *sss_dp_get_domains_send(TALLOC_CTX *mem_ctx,
|
|
|
9f2ebf |
|
|
|
9f2ebf |
errno_t sss_dp_get_domains_recv(struct tevent_req *req);
|
|
|
9f2ebf |
|
|
|
9f2ebf |
+/*
|
|
|
9f2ebf |
+ * Call a getAccountDomain request
|
|
|
9f2ebf |
+ *
|
|
|
9f2ebf |
+ * Only requests by ID are supported.
|
|
|
9f2ebf |
+ *
|
|
|
9f2ebf |
+ * @param mem_ctx Parent memory context
|
|
|
9f2ebf |
+ * @param rctx Responder context
|
|
|
9f2ebf |
+ * @param domain The SSSD domain we're querying. The response can
|
|
|
9f2ebf |
+ * be either NULL or come from any of domain's subdomains
|
|
|
9f2ebf |
+ * or domain itself
|
|
|
9f2ebf |
+ * @param type Either SSS_DP_USER or SSS_DP_GROUP, other types
|
|
|
9f2ebf |
+ * are not supported at the moment
|
|
|
9f2ebf |
+ * @param opt_id The ID number we're trying to locate
|
|
|
9f2ebf |
+ *
|
|
|
9f2ebf |
+ * @return A tevent request or NULL if allocating the request fails.
|
|
|
9f2ebf |
+ */
|
|
|
9f2ebf |
+struct tevent_req *sss_dp_get_account_domain_send(TALLOC_CTX *mem_ctx,
|
|
|
9f2ebf |
+ struct resp_ctx *rctx,
|
|
|
9f2ebf |
+ struct sss_domain_info *domain,
|
|
|
9f2ebf |
+ enum sss_dp_acct_type type,
|
|
|
9f2ebf |
+ uint32_t opt_id);
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+/* Receive a getAccountDomain request result
|
|
|
9f2ebf |
+ *
|
|
|
9f2ebf |
+ * @param mem_ctx The memory context that will own the contents of _domain
|
|
|
9f2ebf |
+ * @param req The request that had finished
|
|
|
9f2ebf |
+ * @para _domain Either NULL (the request did not match any domain) or
|
|
|
9f2ebf |
+ * a string that corresponds to either the input domain
|
|
|
9f2ebf |
+ * or any of its subdomains
|
|
|
9f2ebf |
+ *
|
|
|
9f2ebf |
+ * @return EOK on success, errno otherwise
|
|
|
9f2ebf |
+ */
|
|
|
9f2ebf |
+errno_t sss_dp_get_account_domain_recv(TALLOC_CTX *mem_ctx,
|
|
|
9f2ebf |
+ struct tevent_req *req,
|
|
|
9f2ebf |
+ char **_domain);
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
errno_t schedule_get_domains_task(TALLOC_CTX *mem_ctx,
|
|
|
9f2ebf |
struct tevent_context *ev,
|
|
|
9f2ebf |
struct resp_ctx *rctx,
|
|
|
9f2ebf |
diff --git a/src/responder/common/responder_get_domains.c b/src/responder/common/responder_get_domains.c
|
|
|
9f2ebf |
index 4955af064040e03372e9a47fb264499d9a23b828..d69bce2300580beb42d3af8e66ff467db890f284 100644
|
|
|
9f2ebf |
--- a/src/responder/common/responder_get_domains.c
|
|
|
9f2ebf |
+++ b/src/responder/common/responder_get_domains.c
|
|
|
9f2ebf |
@@ -642,3 +642,158 @@ errno_t sss_parse_inp_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
|
|
|
9f2ebf |
|
|
|
9f2ebf |
return state->error;
|
|
|
9f2ebf |
}
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+/* ========== Get domain of an ccount ================= */
|
|
|
9f2ebf |
+struct sss_dp_get_account_domain_info {
|
|
|
9f2ebf |
+ struct sss_domain_info *dom;
|
|
|
9f2ebf |
+ enum sss_dp_acct_type type;
|
|
|
9f2ebf |
+ uint32_t opt_id;
|
|
|
9f2ebf |
+};
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+static DBusMessage *sss_dp_get_account_domain_msg(void *pvt);
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+struct tevent_req *sss_dp_get_account_domain_send(TALLOC_CTX *mem_ctx,
|
|
|
9f2ebf |
+ struct resp_ctx *rctx,
|
|
|
9f2ebf |
+ struct sss_domain_info *dom,
|
|
|
9f2ebf |
+ enum sss_dp_acct_type type,
|
|
|
9f2ebf |
+ uint32_t opt_id)
|
|
|
9f2ebf |
+{
|
|
|
9f2ebf |
+ struct tevent_req *req;
|
|
|
9f2ebf |
+ struct sss_dp_get_account_domain_info *info;
|
|
|
9f2ebf |
+ struct sss_dp_req_state *state;
|
|
|
9f2ebf |
+ char *key;
|
|
|
9f2ebf |
+ errno_t ret;
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+ req = tevent_req_create(mem_ctx, &state, struct sss_dp_req_state);
|
|
|
9f2ebf |
+ if (!req) {
|
|
|
9f2ebf |
+ return NULL;
|
|
|
9f2ebf |
+ }
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+ info = talloc_zero(state, struct sss_dp_get_account_domain_info);
|
|
|
9f2ebf |
+ if (info == NULL) {
|
|
|
9f2ebf |
+ ret = ENOMEM;
|
|
|
9f2ebf |
+ goto immediately;
|
|
|
9f2ebf |
+ }
|
|
|
9f2ebf |
+ info->type = type;
|
|
|
9f2ebf |
+ info->opt_id = opt_id;
|
|
|
9f2ebf |
+ info->dom = dom;
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+ key = talloc_asprintf(state, "%d: %"SPRIuid"@%s", type, opt_id, dom->name);
|
|
|
9f2ebf |
+ if (key == NULL) {
|
|
|
9f2ebf |
+ ret = ENOMEM;
|
|
|
9f2ebf |
+ goto immediately;
|
|
|
9f2ebf |
+ }
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+ ret = sss_dp_issue_request(state, rctx, key, dom,
|
|
|
9f2ebf |
+ sss_dp_get_account_domain_msg,
|
|
|
9f2ebf |
+ info, req);
|
|
|
9f2ebf |
+ talloc_free(key);
|
|
|
9f2ebf |
+ if (ret != EOK) {
|
|
|
9f2ebf |
+ DEBUG(SSSDBG_OP_FAILURE,
|
|
|
9f2ebf |
+ "Could not issue DP request [%d]: %s\n",
|
|
|
9f2ebf |
+ ret, sss_strerror(ret));
|
|
|
9f2ebf |
+ goto immediately;
|
|
|
9f2ebf |
+ }
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+ return req;
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+immediately:
|
|
|
9f2ebf |
+ if (ret == EOK) {
|
|
|
9f2ebf |
+ tevent_req_done(req);
|
|
|
9f2ebf |
+ } else {
|
|
|
9f2ebf |
+ tevent_req_error(req, ret);
|
|
|
9f2ebf |
+ }
|
|
|
9f2ebf |
+ tevent_req_post(req, rctx->ev);
|
|
|
9f2ebf |
+ return req;
|
|
|
9f2ebf |
+}
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+static DBusMessage *
|
|
|
9f2ebf |
+sss_dp_get_account_domain_msg(void *pvt)
|
|
|
9f2ebf |
+{
|
|
|
9f2ebf |
+ DBusMessage *msg;
|
|
|
9f2ebf |
+ dbus_bool_t dbret;
|
|
|
9f2ebf |
+ struct sss_dp_get_account_domain_info *info;
|
|
|
9f2ebf |
+ uint32_t entry_type;
|
|
|
9f2ebf |
+ char *filter;
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+ info = talloc_get_type(pvt, struct sss_dp_get_account_domain_info);
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+ switch (info->type) {
|
|
|
9f2ebf |
+ case SSS_DP_USER:
|
|
|
9f2ebf |
+ entry_type = BE_REQ_USER;
|
|
|
9f2ebf |
+ break;
|
|
|
9f2ebf |
+ case SSS_DP_GROUP:
|
|
|
9f2ebf |
+ entry_type = BE_REQ_GROUP;
|
|
|
9f2ebf |
+ break;
|
|
|
9f2ebf |
+ case SSS_DP_USER_AND_GROUP:
|
|
|
9f2ebf |
+ entry_type = BE_REQ_USER_AND_GROUP;
|
|
|
9f2ebf |
+ break;
|
|
|
9f2ebf |
+ default:
|
|
|
9f2ebf |
+ DEBUG(SSSDBG_OP_FAILURE,
|
|
|
9f2ebf |
+ "Unsupported lookup type %X for this request\n", info->type);
|
|
|
9f2ebf |
+ return NULL;
|
|
|
9f2ebf |
+ }
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+ filter = talloc_asprintf(info, "idnumber=%u", info->opt_id);
|
|
|
9f2ebf |
+ if (!filter) {
|
|
|
9f2ebf |
+ DEBUG(SSSDBG_CRIT_FAILURE, "Out of memory?!\n");
|
|
|
9f2ebf |
+ return NULL;
|
|
|
9f2ebf |
+ }
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+ msg = dbus_message_new_method_call(NULL,
|
|
|
9f2ebf |
+ DP_PATH,
|
|
|
9f2ebf |
+ IFACE_DP,
|
|
|
9f2ebf |
+ IFACE_DP_GETACCOUNTDOMAIN);
|
|
|
9f2ebf |
+ if (msg == NULL) {
|
|
|
9f2ebf |
+ talloc_free(filter);
|
|
|
9f2ebf |
+ DEBUG(SSSDBG_CRIT_FAILURE, "Out of memory?!\n");
|
|
|
9f2ebf |
+ return NULL;
|
|
|
9f2ebf |
+ }
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+ /* create the message */
|
|
|
9f2ebf |
+ DEBUG(SSSDBG_TRACE_FUNC,
|
|
|
9f2ebf |
+ "Creating request for [%s][%#x][%s][%s:-]\n",
|
|
|
9f2ebf |
+ info->dom->name, entry_type, be_req2str(entry_type), filter);
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+ dbret = dbus_message_append_args(msg,
|
|
|
9f2ebf |
+ DBUS_TYPE_UINT32, &entry_type,
|
|
|
9f2ebf |
+ DBUS_TYPE_STRING, &filter,
|
|
|
9f2ebf |
+ DBUS_TYPE_INVALID);
|
|
|
9f2ebf |
+ talloc_free(filter);
|
|
|
9f2ebf |
+ if (!dbret) {
|
|
|
9f2ebf |
+ DEBUG(SSSDBG_CRIT_FAILURE, "Failed to build message\n");
|
|
|
9f2ebf |
+ dbus_message_unref(msg);
|
|
|
9f2ebf |
+ return NULL;
|
|
|
9f2ebf |
+ }
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+ return msg;
|
|
|
9f2ebf |
+}
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+errno_t sss_dp_get_account_domain_recv(TALLOC_CTX *mem_ctx,
|
|
|
9f2ebf |
+ struct tevent_req *req,
|
|
|
9f2ebf |
+ char **_domain)
|
|
|
9f2ebf |
+{
|
|
|
9f2ebf |
+ errno_t ret;
|
|
|
9f2ebf |
+ dbus_uint16_t err_maj;
|
|
|
9f2ebf |
+ dbus_uint32_t err_min;
|
|
|
9f2ebf |
+ char *msg;
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+ ret = sss_dp_req_recv(mem_ctx, req, &err_maj, &err_min, &msg;;
|
|
|
9f2ebf |
+ if (ret != EOK) {
|
|
|
9f2ebf |
+ DEBUG(SSSDBG_OP_FAILURE,
|
|
|
9f2ebf |
+ "Could not get account info [%d]: %s\n",
|
|
|
9f2ebf |
+ ret, sss_strerror(ret));
|
|
|
9f2ebf |
+ return ret;
|
|
|
9f2ebf |
+ }
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+ if (err_maj != DP_ERR_OK) {
|
|
|
9f2ebf |
+ DEBUG(SSSDBG_OP_FAILURE,
|
|
|
9f2ebf |
+ "Data Provider Error: %u, %u\n",
|
|
|
9f2ebf |
+ (unsigned int)err_maj, (unsigned int)err_min);
|
|
|
9f2ebf |
+ talloc_free(msg);
|
|
|
9f2ebf |
+ return err_min ? err_min : EIO;
|
|
|
9f2ebf |
+ }
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+ *_domain = msg;
|
|
|
9f2ebf |
+ return EOK;
|
|
|
9f2ebf |
+}
|
|
|
9f2ebf |
--
|
|
|
9f2ebf |
2.14.3
|
|
|
9f2ebf |
|