summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2012-01-19 10:00:47 +0100
committerStephen Gallagher <sgallagh@redhat.com>2012-01-27 09:02:02 -0500
commit3b09b74bf65867d882af87ec60e2a517b15264a6 (patch)
tree3b11a36cd95cc7ea7a8d7e736e32ee041ab5df3f
parent627d83dff183219826489949cb55ef71945e94ab (diff)
downloadsssd-3b09b74bf65867d882af87ec60e2a517b15264a6.tar.gz
sssd-3b09b74bf65867d882af87ec60e2a517b15264a6.tar.bz2
sssd-3b09b74bf65867d882af87ec60e2a517b15264a6.zip
SUDO: Provide a sudo DP request based on the internal_req
-rw-r--r--src/providers/data_provider.h1
-rw-r--r--src/responder/sudo/sudosrv_dp.c125
-rw-r--r--src/responder/sudo/sudosrv_private.h19
3 files changed, 145 insertions, 0 deletions
diff --git a/src/providers/data_provider.h b/src/providers/data_provider.h
index fb61c730..eb4f98cf 100644
--- a/src/providers/data_provider.h
+++ b/src/providers/data_provider.h
@@ -137,6 +137,7 @@
#define BE_REQ_INITGROUPS 0x0003
#define BE_REQ_NETGROUP 0x0004
#define BE_REQ_SERVICES 0x0005
+#define BE_REQ_SUDO 0x0006
#define BE_REQ_FAST 0x1000
/* AUTH related common data and functions */
diff --git a/src/responder/sudo/sudosrv_dp.c b/src/responder/sudo/sudosrv_dp.c
index 27f01f92..a5f2fdda 100644
--- a/src/responder/sudo/sudosrv_dp.c
+++ b/src/responder/sudo/sudosrv_dp.c
@@ -220,3 +220,128 @@ errno_t sudosrv_dp_refresh_recv(struct tevent_req *req,
TEVENT_REQ_RETURN_ON_ERROR(req);
return EOK;
}
+
+struct sss_dp_get_sudoers_info {
+ struct sss_domain_info *dom;
+
+ bool fast_reply;
+ enum sss_dp_type type;
+ const char *name;
+};
+
+static DBusMessage *
+sss_dp_get_sudoers_msg(void *pvt);
+
+struct tevent_req *
+sss_dp_get_sudoers_send(TALLOC_CTX *mem_ctx,
+ struct resp_ctx *rctx,
+ struct sss_domain_info *dom,
+ bool fast_reply,
+ enum sss_dp_type type,
+ const char *name)
+{
+ struct tevent_req *req;
+ struct sss_dp_req_state *state;
+ struct sss_dp_get_sudoers_info *info;
+ errno_t ret;
+ char *key;
+
+ req = tevent_req_create(mem_ctx, &state, struct sss_dp_req_state);
+ if (!req) {
+ ret = ENOMEM;
+ goto error;
+ }
+
+ if (!dom) {
+ ret = EINVAL;
+ goto error;
+ }
+
+ info = talloc_zero(state, struct sss_dp_get_sudoers_info);
+ info->fast_reply = fast_reply;
+ info->type = type;
+ info->name = name;
+ info->dom = dom;
+
+ key = talloc_asprintf(state, "%d:%s@%s", type, name, dom->name);
+ if (!key) {
+ ret = ENOMEM;
+ goto error;
+ }
+
+ ret = sss_dp_issue_request(state, rctx, key, dom, sss_dp_get_sudoers_msg,
+ info, req);
+ talloc_free(key);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE,
+ ("Could not issue DP request [%d]: %s\n",
+ ret, strerror(ret)));
+ goto error;
+ }
+
+ return req;
+
+error:
+ tevent_req_error(req, ret);
+ tevent_req_post(req, rctx->ev);
+ return req;
+}
+
+static DBusMessage *
+sss_dp_get_sudoers_msg(void *pvt)
+{
+ DBusMessage *msg;
+ dbus_bool_t dbret;
+ struct sss_dp_get_sudoers_info *info;
+ uint32_t be_type = BE_REQ_SUDO;
+ char *filter;
+
+ info = talloc_get_type(pvt, struct sss_dp_get_sudoers_info);
+
+ if (info->fast_reply) {
+ be_type |= BE_REQ_FAST;
+ }
+
+ filter = talloc_asprintf(info, "name=%s", info->name);
+ if (!filter) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("Out of memory?!\n"));
+ return NULL;
+ }
+
+ msg = dbus_message_new_method_call(NULL,
+ DP_PATH,
+ DP_INTERFACE,
+ DP_METHOD_SUDOHANDLER);
+ if (msg == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("Out of memory?!\n"));
+ return NULL;
+ }
+
+ /* create the message */
+ DEBUG(SSSDBG_TRACE_FUNC,
+ ("Creating SUDOers request for [%s][%u][%s]\n",
+ info->dom->name, be_type, filter));
+
+ dbret = dbus_message_append_args(msg,
+ DBUS_TYPE_UINT32, &be_type,
+ DBUS_TYPE_STRING, &filter,
+ DBUS_TYPE_INVALID);
+ talloc_free(filter);
+ if (!dbret) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to build message\n"));
+ dbus_message_unref(msg);
+ return NULL;
+ }
+
+ return msg;
+}
+
+errno_t
+sss_dp_get_sudoers_recv(TALLOC_CTX *mem_ctx,
+ struct tevent_req *req,
+ dbus_uint16_t *dp_err,
+ dbus_uint32_t *dp_ret,
+ char **err_msg)
+{
+ return sss_dp_req_recv(mem_ctx, req, dp_err, dp_ret, err_msg);
+}
diff --git a/src/responder/sudo/sudosrv_private.h b/src/responder/sudo/sudosrv_private.h
index 7401570c..82948fdc 100644
--- a/src/responder/sudo/sudosrv_private.h
+++ b/src/responder/sudo/sudosrv_private.h
@@ -106,4 +106,23 @@ int sudosrv_response_append_attr(TALLOC_CTX *mem_ctx,
uint8_t **_response_body,
size_t *_response_len);
+enum sss_dp_type {
+ SSS_DP_SUDO
+};
+
+struct tevent_req *
+sss_dp_get_sudoers_send(TALLOC_CTX *mem_ctx,
+ struct resp_ctx *rctx,
+ struct sss_domain_info *dom,
+ bool fast_reply,
+ enum sss_dp_type type,
+ const char *name);
+
+errno_t
+sss_dp_get_sudoers_recv(TALLOC_CTX *mem_ctx,
+ struct tevent_req *req,
+ dbus_uint16_t *err_maj,
+ dbus_uint32_t *err_min,
+ char **err_msg);
+
#endif /* _SUDOSRV_PRIVATE_H_ */