Blame SOURCES/0075-RESP-Expose-DP-method-getAccountDomain-to-responders.patch

9f2ebf
From cac78825ba2fcb2efcd7ff2e58b562b370bbb28c Mon Sep 17 00:00:00 2001
9f2ebf
From: Jakub Hrozek <jhrozek@redhat.com>
9f2ebf
Date: Mon, 30 Oct 2017 20:51:40 +0100
9f2ebf
Subject: [PATCH 75/83] RESP: Expose DP method getAccountDomain() to responders
9f2ebf
MIME-Version: 1.0
9f2ebf
Content-Type: text/plain; charset=UTF-8
9f2ebf
Content-Transfer-Encoding: 8bit
9f2ebf
9f2ebf
Adds a tevent request that calls the getAccountDomain DP method.
9f2ebf
This request will be used by responders to locate an object's domain.
9f2ebf
9f2ebf
At the moment, only looking up UIDs and GIDs is supported.
9f2ebf
9f2ebf
Internally, until we switch to the rdp_ interface everywhere, this
9f2ebf
interface hooks into the sss_dp_issue_request(). When we switch to
9f2ebf
the rdp_ interface, we'll be able to provide a nicer method parameters
9f2ebf
as well.
9f2ebf
9f2ebf
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
9f2ebf
Reviewed-by: Sumit Bose <sbose@redhat.com>
9f2ebf
(cherry picked from commit 95fd82a4d7b50e64fed6906bc5345f271e8247d9)
9f2ebf
---
9f2ebf
 src/responder/common/responder.h             |  36 +++++++
9f2ebf
 src/responder/common/responder_get_domains.c | 155 +++++++++++++++++++++++++++
9f2ebf
 2 files changed, 191 insertions(+)
9f2ebf
9f2ebf
diff --git a/src/responder/common/responder.h b/src/responder/common/responder.h
9f2ebf
index 9a57df558994c418d440eabf4a29f69c4a47faa5..9400e4b60d9fc77c23710174e4c00a83f6395985 100644
9f2ebf
--- a/src/responder/common/responder.h
9f2ebf
+++ b/src/responder/common/responder.h
9f2ebf
@@ -375,6 +375,42 @@ struct tevent_req *sss_dp_get_domains_send(TALLOC_CTX *mem_ctx,
9f2ebf
 
9f2ebf
 errno_t sss_dp_get_domains_recv(struct tevent_req *req);
9f2ebf
 
9f2ebf
+/*
9f2ebf
+ * Call a getAccountDomain request
9f2ebf
+ *
9f2ebf
+ * Only requests by ID are supported.
9f2ebf
+ *
9f2ebf
+ * @param   mem_ctx     Parent memory context
9f2ebf
+ * @param   rctx        Responder context
9f2ebf
+ * @param   domain      The SSSD domain we're querying. The response can
9f2ebf
+ *                      be either NULL or come from any of domain's subdomains
9f2ebf
+ *                      or domain itself
9f2ebf
+ * @param   type        Either SSS_DP_USER or SSS_DP_GROUP, other types
9f2ebf
+ *                      are not supported at the moment
9f2ebf
+ * @param   opt_id      The ID number we're trying to locate
9f2ebf
+ *
9f2ebf
+ * @return  A tevent request or NULL if allocating the request fails.
9f2ebf
+ */
9f2ebf
+struct tevent_req *sss_dp_get_account_domain_send(TALLOC_CTX *mem_ctx,
9f2ebf
+                                                  struct resp_ctx *rctx,
9f2ebf
+                                                  struct sss_domain_info *domain,
9f2ebf
+                                                  enum sss_dp_acct_type type,
9f2ebf
+                                                  uint32_t opt_id);
9f2ebf
+
9f2ebf
+/* Receive a getAccountDomain request result
9f2ebf
+ *
9f2ebf
+ * @param   mem_ctx     The memory context that will own the contents of _domain
9f2ebf
+ * @param   req         The request that had finished
9f2ebf
+ * @para    _domain     Either NULL (the request did not match any domain) or
9f2ebf
+ *                      a string that corresponds to either the input domain
9f2ebf
+ *                      or any of its subdomains
9f2ebf
+ *
9f2ebf
+ * @return EOK on success, errno otherwise
9f2ebf
+ */
9f2ebf
+errno_t sss_dp_get_account_domain_recv(TALLOC_CTX *mem_ctx,
9f2ebf
+                                       struct tevent_req *req,
9f2ebf
+                                       char **_domain);
9f2ebf
+
9f2ebf
 errno_t schedule_get_domains_task(TALLOC_CTX *mem_ctx,
9f2ebf
                                   struct tevent_context *ev,
9f2ebf
                                   struct resp_ctx *rctx,
9f2ebf
diff --git a/src/responder/common/responder_get_domains.c b/src/responder/common/responder_get_domains.c
9f2ebf
index 4955af064040e03372e9a47fb264499d9a23b828..d69bce2300580beb42d3af8e66ff467db890f284 100644
9f2ebf
--- a/src/responder/common/responder_get_domains.c
9f2ebf
+++ b/src/responder/common/responder_get_domains.c
9f2ebf
@@ -642,3 +642,158 @@ errno_t sss_parse_inp_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
9f2ebf
 
9f2ebf
     return state->error;
9f2ebf
 }
9f2ebf
+
9f2ebf
+/* ========== Get domain of an ccount ================= */
9f2ebf
+struct sss_dp_get_account_domain_info {
9f2ebf
+    struct sss_domain_info *dom;
9f2ebf
+    enum sss_dp_acct_type type;
9f2ebf
+    uint32_t opt_id;
9f2ebf
+};
9f2ebf
+
9f2ebf
+static DBusMessage *sss_dp_get_account_domain_msg(void *pvt);
9f2ebf
+
9f2ebf
+struct tevent_req *sss_dp_get_account_domain_send(TALLOC_CTX *mem_ctx,
9f2ebf
+                                                  struct resp_ctx *rctx,
9f2ebf
+                                                  struct sss_domain_info *dom,
9f2ebf
+                                                  enum sss_dp_acct_type type,
9f2ebf
+                                                  uint32_t opt_id)
9f2ebf
+{
9f2ebf
+    struct tevent_req *req;
9f2ebf
+    struct sss_dp_get_account_domain_info *info;
9f2ebf
+    struct sss_dp_req_state *state;
9f2ebf
+    char *key;
9f2ebf
+    errno_t ret;
9f2ebf
+
9f2ebf
+    req = tevent_req_create(mem_ctx, &state, struct sss_dp_req_state);
9f2ebf
+    if (!req) {
9f2ebf
+        return NULL;
9f2ebf
+    }
9f2ebf
+
9f2ebf
+    info = talloc_zero(state, struct sss_dp_get_account_domain_info);
9f2ebf
+    if (info == NULL) {
9f2ebf
+        ret = ENOMEM;
9f2ebf
+        goto immediately;
9f2ebf
+    }
9f2ebf
+    info->type = type;
9f2ebf
+    info->opt_id = opt_id;
9f2ebf
+    info->dom = dom;
9f2ebf
+
9f2ebf
+    key = talloc_asprintf(state, "%d: %"SPRIuid"@%s", type, opt_id, dom->name);
9f2ebf
+    if (key == NULL) {
9f2ebf
+        ret = ENOMEM;
9f2ebf
+        goto immediately;
9f2ebf
+    }
9f2ebf
+
9f2ebf
+    ret = sss_dp_issue_request(state, rctx, key, dom,
9f2ebf
+                               sss_dp_get_account_domain_msg,
9f2ebf
+                               info, req);
9f2ebf
+    talloc_free(key);
9f2ebf
+    if (ret != EOK) {
9f2ebf
+        DEBUG(SSSDBG_OP_FAILURE,
9f2ebf
+              "Could not issue DP request [%d]: %s\n",
9f2ebf
+              ret, sss_strerror(ret));
9f2ebf
+        goto immediately;
9f2ebf
+    }
9f2ebf
+
9f2ebf
+    return req;
9f2ebf
+
9f2ebf
+immediately:
9f2ebf
+    if (ret == EOK) {
9f2ebf
+        tevent_req_done(req);
9f2ebf
+    } else {
9f2ebf
+        tevent_req_error(req, ret);
9f2ebf
+    }
9f2ebf
+    tevent_req_post(req, rctx->ev);
9f2ebf
+    return req;
9f2ebf
+}
9f2ebf
+
9f2ebf
+static DBusMessage *
9f2ebf
+sss_dp_get_account_domain_msg(void *pvt)
9f2ebf
+{
9f2ebf
+    DBusMessage *msg;
9f2ebf
+    dbus_bool_t dbret;
9f2ebf
+    struct sss_dp_get_account_domain_info *info;
9f2ebf
+    uint32_t entry_type;
9f2ebf
+    char *filter;
9f2ebf
+
9f2ebf
+    info = talloc_get_type(pvt, struct sss_dp_get_account_domain_info);
9f2ebf
+
9f2ebf
+    switch (info->type) {
9f2ebf
+    case SSS_DP_USER:
9f2ebf
+        entry_type = BE_REQ_USER;
9f2ebf
+        break;
9f2ebf
+    case SSS_DP_GROUP:
9f2ebf
+        entry_type = BE_REQ_GROUP;
9f2ebf
+        break;
9f2ebf
+    case SSS_DP_USER_AND_GROUP:
9f2ebf
+        entry_type = BE_REQ_USER_AND_GROUP;
9f2ebf
+        break;
9f2ebf
+    default:
9f2ebf
+        DEBUG(SSSDBG_OP_FAILURE,
9f2ebf
+              "Unsupported lookup type %X for this request\n", info->type);
9f2ebf
+        return NULL;
9f2ebf
+    }
9f2ebf
+
9f2ebf
+    filter = talloc_asprintf(info, "idnumber=%u", info->opt_id);
9f2ebf
+    if (!filter) {
9f2ebf
+        DEBUG(SSSDBG_CRIT_FAILURE, "Out of memory?!\n");
9f2ebf
+        return NULL;
9f2ebf
+    }
9f2ebf
+
9f2ebf
+    msg = dbus_message_new_method_call(NULL,
9f2ebf
+                                       DP_PATH,
9f2ebf
+                                       IFACE_DP,
9f2ebf
+                                       IFACE_DP_GETACCOUNTDOMAIN);
9f2ebf
+    if (msg == NULL) {
9f2ebf
+        talloc_free(filter);
9f2ebf
+        DEBUG(SSSDBG_CRIT_FAILURE, "Out of memory?!\n");
9f2ebf
+        return NULL;
9f2ebf
+    }
9f2ebf
+
9f2ebf
+    /* create the message */
9f2ebf
+    DEBUG(SSSDBG_TRACE_FUNC,
9f2ebf
+          "Creating request for [%s][%#x][%s][%s:-]\n",
9f2ebf
+          info->dom->name, entry_type, be_req2str(entry_type), filter);
9f2ebf
+
9f2ebf
+    dbret = dbus_message_append_args(msg,
9f2ebf
+                                     DBUS_TYPE_UINT32, &entry_type,
9f2ebf
+                                     DBUS_TYPE_STRING, &filter,
9f2ebf
+                                     DBUS_TYPE_INVALID);
9f2ebf
+    talloc_free(filter);
9f2ebf
+    if (!dbret) {
9f2ebf
+        DEBUG(SSSDBG_CRIT_FAILURE, "Failed to build message\n");
9f2ebf
+        dbus_message_unref(msg);
9f2ebf
+        return NULL;
9f2ebf
+    }
9f2ebf
+
9f2ebf
+    return msg;
9f2ebf
+}
9f2ebf
+
9f2ebf
+errno_t sss_dp_get_account_domain_recv(TALLOC_CTX *mem_ctx,
9f2ebf
+                                       struct tevent_req *req,
9f2ebf
+                                       char **_domain)
9f2ebf
+{
9f2ebf
+    errno_t ret;
9f2ebf
+    dbus_uint16_t err_maj;
9f2ebf
+    dbus_uint32_t err_min;
9f2ebf
+    char *msg;
9f2ebf
+
9f2ebf
+    ret = sss_dp_req_recv(mem_ctx, req, &err_maj, &err_min, &msg;;
9f2ebf
+    if (ret != EOK) {
9f2ebf
+        DEBUG(SSSDBG_OP_FAILURE,
9f2ebf
+              "Could not get account info [%d]: %s\n",
9f2ebf
+              ret, sss_strerror(ret));
9f2ebf
+        return ret;
9f2ebf
+    }
9f2ebf
+
9f2ebf
+    if (err_maj != DP_ERR_OK) {
9f2ebf
+        DEBUG(SSSDBG_OP_FAILURE,
9f2ebf
+              "Data Provider Error: %u, %u\n",
9f2ebf
+              (unsigned int)err_maj, (unsigned int)err_min);
9f2ebf
+        talloc_free(msg);
9f2ebf
+        return err_min ? err_min : EIO;
9f2ebf
+    }
9f2ebf
+
9f2ebf
+    *_domain = msg;
9f2ebf
+    return EOK;
9f2ebf
+}
9f2ebf
-- 
9f2ebf
2.14.3
9f2ebf