From 15dcdcf23bce2423f05c03f7c0aa61f23383d488 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Mon, 4 May 2015 12:34:32 +0200 Subject: [PATCH 04/13] DP: Add DP_WILDCARD and SSS_DP_WILDCARD_USER/SSS_DP_WILDCARD_GROUP MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Related: https://fedorahosted.org/sssd/ticket/2553 Extends the Data Provider interface and the responder<->Data provider interface with wildcard lookups. The patch uses a new "wildcard" prefix rather than reusing the existing user/group prefixes. Reviewed-by: Pavel Březina --- src/providers/data_provider.h | 4 ++++ src/providers/data_provider_be.c | 5 +++++ src/responder/common/responder.h | 4 +++- src/responder/common/responder_dp.c | 11 +++++++++++ 4 files changed, 23 insertions(+), 1 deletion(-) diff --git a/src/providers/data_provider.h b/src/providers/data_provider.h index 13a700308e9c9d1a80c0310dbb1c17de33607498..510c63ce41c99314ec8fcf11fffb2e66082e8951 100644 --- a/src/providers/data_provider.h +++ b/src/providers/data_provider.h @@ -129,6 +129,7 @@ #define BE_FILTER_SECID 4 #define BE_FILTER_UUID 5 #define BE_FILTER_CERT 6 +#define BE_FILTER_WILDCARD 7 #define BE_REQ_USER 0x0001 #define BE_REQ_GROUP 0x0002 @@ -153,6 +154,9 @@ #define DP_SEC_ID_LEN (sizeof(DP_SEC_ID) - 1) #define DP_CERT_LEN (sizeof(DP_CERT) - 1) +#define DP_WILDCARD "wildcard" +#define DP_WILDCARD_LEN (sizeof(DP_WILDCARD) - 1) + #define EXTRA_NAME_IS_UPN "U" #define EXTRA_INPUT_MAYBE_WITH_VIEW "V" diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index f5bdfb676011975defa4c5a734d420c8694f3bdd..d147630248f0a24f5a632760b55b9284a6928e40 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -1204,6 +1204,11 @@ static int be_get_account_info(struct sbus_request *dbus_req, void *user_data) ret = split_name_extended(req, &filter[DP_CERT_LEN + 1], &req->filter_value, &req->extra_value); + } else if (strncmp(filter, DP_WILDCARD"=", DP_WILDCARD_LEN + 1) == 0) { + req->filter_type = BE_FILTER_WILDCARD; + ret = split_name_extended(req, &filter[DP_WILDCARD_LEN + 1], + &req->filter_value, + &req->extra_value); } else if (strcmp(filter, ENUM_INDICATOR) == 0) { req->filter_type = BE_FILTER_ENUM; req->filter_value = NULL; diff --git a/src/responder/common/responder.h b/src/responder/common/responder.h index bd0250d52aae1efdac3bc0847f692542c6cfb6d2..4d927cfe321bf3ad240b7c175568081ea73ab652 100644 --- a/src/responder/common/responder.h +++ b/src/responder/common/responder.h @@ -282,7 +282,9 @@ enum sss_dp_acct_type { SSS_DP_SERVICES, SSS_DP_SECID, SSS_DP_USER_AND_GROUP, - SSS_DP_CERT + SSS_DP_CERT, + SSS_DP_WILDCARD_USER, + SSS_DP_WILDCARD_GROUP, }; struct tevent_req * diff --git a/src/responder/common/responder_dp.c b/src/responder/common/responder_dp.c index f752c94c37fd0efa0d072ef8c567bd875a08e6f7..f7f8df04e80439d2d02df3e4d2aa4f3576997f36 100644 --- a/src/responder/common/responder_dp.c +++ b/src/responder/common/responder_dp.c @@ -528,9 +528,11 @@ sss_dp_get_account_msg(void *pvt) switch (info->type) { case SSS_DP_USER: + case SSS_DP_WILDCARD_USER: be_type = BE_REQ_USER; break; case SSS_DP_GROUP: + case SSS_DP_WILDCARD_GROUP: be_type = BE_REQ_GROUP; break; case SSS_DP_INITGROUPS: @@ -574,6 +576,15 @@ sss_dp_get_account_msg(void *pvt) filter = talloc_asprintf(info, "%s=%s", DP_CERT, info->opt_name); } + } else if (info->type == SSS_DP_WILDCARD_USER || + info->type == SSS_DP_WILDCARD_GROUP) { + if (info->extra) { + filter = talloc_asprintf(info, "%s=%s:%s", DP_WILDCARD, + info->opt_name, info->extra); + } else { + filter = talloc_asprintf(info, "%s=%s", DP_WILDCARD, + info->opt_name); + } } else { if (info->extra) { filter = talloc_asprintf(info, "name=%s:%s", -- 2.4.3