diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2012-01-19 10:00:47 +0100 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2012-01-27 09:02:02 -0500 |
commit | 3b09b74bf65867d882af87ec60e2a517b15264a6 (patch) | |
tree | 3b11a36cd95cc7ea7a8d7e736e32ee041ab5df3f | |
parent | 627d83dff183219826489949cb55ef71945e94ab (diff) | |
download | sssd-3b09b74bf65867d882af87ec60e2a517b15264a6.tar.gz sssd-3b09b74bf65867d882af87ec60e2a517b15264a6.tar.bz2 sssd-3b09b74bf65867d882af87ec60e2a517b15264a6.zip |
SUDO: Provide a sudo DP request based on the internal_req
-rw-r--r-- | src/providers/data_provider.h | 1 | ||||
-rw-r--r-- | src/responder/sudo/sudosrv_dp.c | 125 | ||||
-rw-r--r-- | src/responder/sudo/sudosrv_private.h | 19 |
3 files changed, 145 insertions, 0 deletions
diff --git a/src/providers/data_provider.h b/src/providers/data_provider.h index fb61c730..eb4f98cf 100644 --- a/src/providers/data_provider.h +++ b/src/providers/data_provider.h @@ -137,6 +137,7 @@ #define BE_REQ_INITGROUPS 0x0003 #define BE_REQ_NETGROUP 0x0004 #define BE_REQ_SERVICES 0x0005 +#define BE_REQ_SUDO 0x0006 #define BE_REQ_FAST 0x1000 /* AUTH related common data and functions */ diff --git a/src/responder/sudo/sudosrv_dp.c b/src/responder/sudo/sudosrv_dp.c index 27f01f92..a5f2fdda 100644 --- a/src/responder/sudo/sudosrv_dp.c +++ b/src/responder/sudo/sudosrv_dp.c @@ -220,3 +220,128 @@ errno_t sudosrv_dp_refresh_recv(struct tevent_req *req, TEVENT_REQ_RETURN_ON_ERROR(req); return EOK; } + +struct sss_dp_get_sudoers_info { + struct sss_domain_info *dom; + + bool fast_reply; + enum sss_dp_type type; + const char *name; +}; + +static DBusMessage * +sss_dp_get_sudoers_msg(void *pvt); + +struct tevent_req * +sss_dp_get_sudoers_send(TALLOC_CTX *mem_ctx, + struct resp_ctx *rctx, + struct sss_domain_info *dom, + bool fast_reply, + enum sss_dp_type type, + const char *name) +{ + struct tevent_req *req; + struct sss_dp_req_state *state; + struct sss_dp_get_sudoers_info *info; + errno_t ret; + char *key; + + req = tevent_req_create(mem_ctx, &state, struct sss_dp_req_state); + if (!req) { + ret = ENOMEM; + goto error; + } + + if (!dom) { + ret = EINVAL; + goto error; + } + + info = talloc_zero(state, struct sss_dp_get_sudoers_info); + info->fast_reply = fast_reply; + info->type = type; + info->name = name; + info->dom = dom; + + key = talloc_asprintf(state, "%d:%s@%s", type, name, dom->name); + if (!key) { + ret = ENOMEM; + goto error; + } + + ret = sss_dp_issue_request(state, rctx, key, dom, sss_dp_get_sudoers_msg, + info, req); + talloc_free(key); + if (ret != EOK) { + DEBUG(SSSDBG_OP_FAILURE, + ("Could not issue DP request [%d]: %s\n", + ret, strerror(ret))); + goto error; + } + + return req; + +error: + tevent_req_error(req, ret); + tevent_req_post(req, rctx->ev); + return req; +} + +static DBusMessage * +sss_dp_get_sudoers_msg(void *pvt) +{ + DBusMessage *msg; + dbus_bool_t dbret; + struct sss_dp_get_sudoers_info *info; + uint32_t be_type = BE_REQ_SUDO; + char *filter; + + info = talloc_get_type(pvt, struct sss_dp_get_sudoers_info); + + if (info->fast_reply) { + be_type |= BE_REQ_FAST; + } + + filter = talloc_asprintf(info, "name=%s", info->name); + if (!filter) { + DEBUG(SSSDBG_CRIT_FAILURE, ("Out of memory?!\n")); + return NULL; + } + + msg = dbus_message_new_method_call(NULL, + DP_PATH, + DP_INTERFACE, + DP_METHOD_SUDOHANDLER); + if (msg == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, ("Out of memory?!\n")); + return NULL; + } + + /* create the message */ + DEBUG(SSSDBG_TRACE_FUNC, + ("Creating SUDOers request for [%s][%u][%s]\n", + info->dom->name, be_type, filter)); + + dbret = dbus_message_append_args(msg, + DBUS_TYPE_UINT32, &be_type, + DBUS_TYPE_STRING, &filter, + DBUS_TYPE_INVALID); + talloc_free(filter); + if (!dbret) { + DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to build message\n")); + dbus_message_unref(msg); + return NULL; + } + + return msg; +} + +errno_t +sss_dp_get_sudoers_recv(TALLOC_CTX *mem_ctx, + struct tevent_req *req, + dbus_uint16_t *dp_err, + dbus_uint32_t *dp_ret, + char **err_msg) +{ + return sss_dp_req_recv(mem_ctx, req, dp_err, dp_ret, err_msg); +} diff --git a/src/responder/sudo/sudosrv_private.h b/src/responder/sudo/sudosrv_private.h index 7401570c..82948fdc 100644 --- a/src/responder/sudo/sudosrv_private.h +++ b/src/responder/sudo/sudosrv_private.h @@ -106,4 +106,23 @@ int sudosrv_response_append_attr(TALLOC_CTX *mem_ctx, uint8_t **_response_body, size_t *_response_len); +enum sss_dp_type { + SSS_DP_SUDO +}; + +struct tevent_req * +sss_dp_get_sudoers_send(TALLOC_CTX *mem_ctx, + struct resp_ctx *rctx, + struct sss_domain_info *dom, + bool fast_reply, + enum sss_dp_type type, + const char *name); + +errno_t +sss_dp_get_sudoers_recv(TALLOC_CTX *mem_ctx, + struct tevent_req *req, + dbus_uint16_t *err_maj, + dbus_uint32_t *err_min, + char **err_msg); + #endif /* _SUDOSRV_PRIVATE_H_ */ |