summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSumit Bose <sbose@redhat.com>2009-05-08 09:53:35 +0200
committerSimo Sorce <ssorce@redhat.com>2009-05-15 19:09:45 -0400
commitab691765dc8d727d01f061d846e7c765e89fb299 (patch)
tree086f4077b66eb3834eb6254db82eaa59fbd96dd0
parentca2fa90f8e7a9399c7c44781f1a032fe10f98cdc (diff)
downloadsssd-ab691765dc8d727d01f061d846e7c765e89fb299.tar.gz
sssd-ab691765dc8d727d01f061d846e7c765e89fb299.tar.bz2
sssd-ab691765dc8d727d01f061d846e7c765e89fb299.zip
added more flexible handling of client protocol
- allow different protocol versions for PAM and NSS - support more than one protocol version in the responder
-rw-r--r--server/responder/common/responder.h8
-rw-r--r--server/responder/common/responder_cmd.c34
-rw-r--r--server/responder/nss/nsssrv_cmd.c10
-rw-r--r--server/responder/pam/pamsrv_cmd.c13
-rw-r--r--sss_client/common.c22
-rw-r--r--sss_client/sss_cli.h3
6 files changed, 83 insertions, 7 deletions
diff --git a/server/responder/common/responder.h b/server/responder/common/responder.h
index f5d5246f..946418c8 100644
--- a/server/responder/common/responder.h
+++ b/server/responder/common/responder.h
@@ -43,6 +43,12 @@ struct cli_request {
struct sss_packet *out;
};
+struct cli_protocol_version {
+ uint32_t version;
+ char *date;
+ char *description;
+};
+
struct sss_names_ctx {
char *re_pattern;
char *fq_fmt;
@@ -83,6 +89,7 @@ struct cli_ctx {
struct tevent_fd *cfde;
struct sockaddr_un addr;
struct cli_request *creq;
+ struct cli_protocol_version *cli_protocol_version;
int priv;
};
@@ -111,6 +118,7 @@ int sss_parse_name(TALLOC_CTX *memctx,
int sss_cmd_execute(struct cli_ctx *cctx, struct sss_cmd_table *sss_cmds);
void sss_cmd_done(struct cli_ctx *cctx, void *freectx);
int sss_cmd_get_version(struct cli_ctx *cctx);
+struct cli_protocol_version *register_cli_protocol_version(void);
/* responder_dp.c */
int sss_dp_init(struct resp_ctx *rctx, struct sbus_method dp_methods[]);
diff --git a/server/responder/common/responder_cmd.c b/server/responder/common/responder_cmd.c
index 33caa032..cab8b694 100644
--- a/server/responder/common/responder_cmd.c
+++ b/server/responder/common/responder_cmd.c
@@ -36,9 +36,39 @@ void sss_cmd_done(struct cli_ctx *cctx, void *freectx)
int sss_cmd_get_version(struct cli_ctx *cctx)
{
+ uint8_t *req_body;
+ size_t req_blen;
uint8_t *body;
size_t blen;
int ret;
+ uint32_t client_version;
+ int i;
+ static struct cli_protocol_version *cli_protocol_version = NULL;
+
+ cctx->cli_protocol_version = NULL;
+
+ if (cli_protocol_version == NULL) {
+ cli_protocol_version = register_cli_protocol_version();
+ }
+
+ if (cli_protocol_version != NULL) {
+ cctx->cli_protocol_version = &cli_protocol_version[0];
+
+ sss_packet_get_body(cctx->creq->in, &req_body, &req_blen);
+ if (req_blen == sizeof(uint32_t)) {
+ client_version = (uint32_t ) *req_body;
+ DEBUG(4, ("Received client version [%d].\n", client_version));
+
+ i=0;
+ while(cli_protocol_version[i].version>0) {
+ if (cli_protocol_version[i].version == client_version) {
+ cctx->cli_protocol_version = &cli_protocol_version[i];
+ break;
+ }
+ i++;
+ }
+ }
+ }
/* create response packet */
ret = sss_packet_new(cctx->creq, sizeof(uint32_t),
@@ -48,7 +78,9 @@ int sss_cmd_get_version(struct cli_ctx *cctx)
return ret;
}
sss_packet_get_body(cctx->creq->out, &body, &blen);
- ((uint32_t *)body)[0] = SSS_PROTOCOL_VERSION;
+ ((uint32_t *)body)[0] = cctx->cli_protocol_version!=NULL ?
+ cctx->cli_protocol_version->version : 0;
+ DEBUG(4, ("Offered version [%d].\n", ((uint32_t *)body)[0]));
sss_cmd_done(cctx, NULL);
return EOK;
diff --git a/server/responder/nss/nsssrv_cmd.c b/server/responder/nss/nsssrv_cmd.c
index cf491ccf..a8a3c686 100644
--- a/server/responder/nss/nsssrv_cmd.c
+++ b/server/responder/nss/nsssrv_cmd.c
@@ -3105,6 +3105,16 @@ done:
return EOK;
}
+struct cli_protocol_version *register_cli_protocol_version(void)
+{
+ static struct cli_protocol_version nss_cli_protocol_version[] = {
+ {1, "2008-09-05", "initial version, \\0 terminated strings"},
+ {0, NULL, NULL}
+ };
+
+ return nss_cli_protocol_version;
+}
+
static struct sss_cmd_table nss_cmds[] = {
{SSS_GET_VERSION, sss_cmd_get_version},
{SSS_NSS_GETPWNAM, nss_cmd_getpwnam},
diff --git a/server/responder/pam/pamsrv_cmd.c b/server/responder/pam/pamsrv_cmd.c
index df0cba45..02b52138 100644
--- a/server/responder/pam/pamsrv_cmd.c
+++ b/server/responder/pam/pamsrv_cmd.c
@@ -656,7 +656,18 @@ static int pam_cmd_chauthtok(struct cli_ctx *cctx) {
return pam_forwarder(cctx, SSS_PAM_CHAUTHTOK);
}
-struct sss_cmd_table *register_sss_cmds(void) {
+struct cli_protocol_version *register_cli_protocol_version(void)
+{
+ static struct cli_protocol_version pam_cli_protocol_version[] = {
+ {1, "2008-09-05", "initial version, \\0 terminated strings"},
+ {0, NULL, NULL}
+ };
+
+ return pam_cli_protocol_version;
+}
+
+struct sss_cmd_table *register_sss_cmds(void)
+{
static struct sss_cmd_table sss_cmds[] = {
{SSS_GET_VERSION, sss_cmd_get_version},
{SSS_PAM_AUTHENTICATE, pam_cmd_authenticate},
diff --git a/sss_client/common.c b/sss_client/common.c
index d0fb0118..91b65cdc 100644
--- a/sss_client/common.c
+++ b/sss_client/common.c
@@ -295,15 +295,29 @@ static enum nss_status sss_nss_make_request_nochecks(
* 0-3: 32bit unsigned version number
*/
-static int sss_nss_check_version(void)
+static int sss_nss_check_version(const char *socket_name)
{
uint8_t *repbuf;
size_t replen;
enum nss_status nret;
int errnop;
int res = NSS_STATUS_UNAVAIL;
+ uint32_t expected_version;
+ struct sss_cli_req_data req;
+
+ if (strcmp(socket_name, SSS_NSS_SOCKET_NAME) == 0) {
+ expected_version = SSS_NSS_PROTOCOL_VERSION;
+ } else if (strcmp(socket_name, SSS_PAM_SOCKET_NAME) == 0 ||
+ strcmp(socket_name, SSS_PAM_PRIV_SOCKET_NAME) == 0) {
+ expected_version = SSS_PAM_PROTOCOL_VERSION;
+ } else {
+ return NSS_STATUS_UNAVAIL;
+ }
+
+ req.len = sizeof(expected_version);
+ req.data = &expected_version;
- nret = sss_nss_make_request_nochecks(SSS_GET_VERSION, NULL,
+ nret = sss_nss_make_request_nochecks(SSS_GET_VERSION, &req,
&repbuf, &replen, &errnop);
if (nret != NSS_STATUS_SUCCESS) {
return nret;
@@ -313,7 +327,7 @@ static int sss_nss_check_version(void)
return res;
}
- if (((uint32_t *)repbuf)[0] == SSS_PROTOCOL_VERSION) {
+ if (((uint32_t *)repbuf)[0] == expected_version) {
res = NSS_STATUS_SUCCESS;
}
@@ -555,7 +569,7 @@ static enum sss_status sss_cli_check_socket(int *errnop, const char *socket_name
sss_cli_sd = mysd;
- if (sss_nss_check_version()) {
+ if (sss_nss_check_version(socket_name) == NSS_STATUS_SUCCESS) {
return SSS_STATUS_SUCCESS;
}
diff --git a/sss_client/sss_cli.h b/sss_client/sss_cli.h
index 17749af8..ba412fd0 100644
--- a/sss_client/sss_cli.h
+++ b/sss_client/sss_cli.h
@@ -21,7 +21,8 @@
#define SSS_PAM_SOCKET_NAME "/var/lib/sss/pipes/pam"
#define SSS_PAM_PRIV_SOCKET_NAME "/var/lib/sss/pipes/private/pam"
-#define SSS_PROTOCOL_VERSION 1
+#define SSS_NSS_PROTOCOL_VERSION 1
+#define SSS_PAM_PROTOCOL_VERSION 1
enum sss_cli_command {
/* null */