author | Simo Sorce <idra@samba.org> | 2009-02-16 20:25:16 -0500 |
---|---|---|
committer | Simo Sorce <idra@samba.org> | 2009-02-20 18:09:29 -0500 |
commit | b8f07efe5d98071777e3a2863688c8269a7912e4 (patch) | |
tree | 66693078c86c7d6ed289bce3f6aebbd9c6125ea7 /server/nss/nsssrv.c | |
parent | 2d151b22408e78e4b556000125cfc5abe068c846 (diff) | |
Completely rework the nss interface to be able to use 2
types of domains: modern and legacy
modern uses member/meberof, legacy uses memberUid for group
memberships.
Rework the proxy backend to use the legacy style as that's the
format the data comes in (trying to convert would require too
many transformations and increased the number of queries).
Add support for fetching groups in nss.
Add support for enumerating users and groups (requires to enable enumeration
in config) both in nss and in the proxy provider.
Remove confdb_get_domain_basedn() and substitute with generic calls in
the nss init function.
Store a domain structure in the btree not the basedn so that we can add
enumeration flags.
Also make sure NSS understands how to make multiple calls on
enumerations, and make passing the domain parameter always
mandatory; passing in domain=* is not valid anymore.
This work also fixes a few memory, segfault, and logic bugs
found while testing all nss functions (there are still some to
fix that are less critical and much harder to find).
Diffstat (limited to 'server/nss/nsssrv.c')
-rw-r--r-- | server/nss/nsssrv.c | 60 |
1 files changed, 53 insertions, 7 deletions
diff --git a/server/nss/nsssrv.c b/server/nss/nsssrv.c
index 5a574b41..b6191cce 100644
--- a/server/nss/nsssrv.c
+++ b/server/nss/nsssrv.c
@@ -388,10 +388,12 @@ static int _domain_comparator(const void *key1, const void *key2)
 static int nss_init_domains(struct nss_ctx *nctx)
 {
+ char *path;
 char **domains;
- char *basedn;
+ char *provider;
 TALLOC_CTX *tmp_ctx;
- int ret, i;
+ struct nss_domain_info *info;
+ int ret, i, c;
 int retval;
 tmp_ctx = talloc_new(nctx);
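Review bot: `char *provider;` is declared without an initializer, and the loop later in this function tests `if (provider)` right after a `confdb_get_string()` call whose failure is only logged. If that call can return an error without writing its output argument (not visible here), the test reads an indeterminate pointer for the first domain and a stale pointer from the previous domain on later iterations, so `has_provider` could be set for a domain that has no provider configured. Declaring it as `char *provider = NULL;` and resetting it to NULL at the top of each loop iteration removes that dependency on the callee. The body of nss_init_domains continues outside this hunk.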
@@ -402,15 +404,59 @@ static int nss_init_domains(struct nss_ctx *nctx)
 }
 i = 0;
+ c = 0;
 while (domains[i] != NULL) {
 DEBUG(3, ("Adding domain %s to the map\n", domains[i]));
- /* Look up the appropriate basedn for this domain */
- ret = confdb_get_domain_basedn(nctx->cdb, tmp_ctx, domains[i], &basedn);
- DEBUG(3, ("BaseDN: %s\n", basedn));
- btreemap_set_value(nctx, &nctx->domain_map, domains[i], basedn, _domain_comparator);
+
+ path = talloc_asprintf(tmp_ctx, "config/domains/%s", domains[i]);
+ if (!path) {
+ retval = ENOMEM;
+ goto done;
+ }
+
+ /* alloc on tmp_ctx, it will be stolen by btreemap_set_value */
+ info = talloc_zero(tmp_ctx, struct nss_domain_info);
+ if (!info) {
+ retval = ENOMEM;
+ goto done;
+ }
+
+ /* Build the basedn for this domain */
+ info->basedn = talloc_asprintf(info, SYSDB_DOM_BASE, domains[i]);
+ DEBUG(3, ("BaseDN: %s\n", info->basedn));
+
+ ret = confdb_get_int(nctx->cdb, tmp_ctx, path,
+ "enumerate", false, &(info->enumerate));
+ if (ret != EOK) {
+ DEBUG(0, ("Failed to fetch enumerate for [%s]!\n", domains[i]));
+ }
+
+ ret = confdb_get_bool(nctx->cdb, tmp_ctx, path,
+ "legacy", false, &(info->legacy));
+ if (ret != EOK) {
+ DEBUG(0, ("Failed to fetch legacy for [%s]!\n", domains[i]));
+ }
+
+ ret = confdb_get_string(nctx->cdb, tmp_ctx, path, "provider",
+ NULL, &provider);
+ if (ret != EOK) {
+ DEBUG(0, ("Failed to fetch provider for [%s]!\n", domains[i]));
+ }
+ if (provider) info->has_provider = true;
+
+ ret = btreemap_set_value(nctx, &nctx->domain_map,
+ domains[i], info,
+ _domain_comparator);
+ if (ret != EOK) {
+ DEBUG(1, ("Failed to store domain info, aborting!\n"));
+ retval = ret;
+ goto done;
+ }
+
 i++;
+ c++;
 }
- if (i == 0) {
+ if (c == 0) {
 /* No domains configured!
 * Note: this should never happen, since LOCAL should
 * always be configured */ |
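Review bot: The result of `talloc_asprintf(info, SYSDB_DOM_BASE, domains[i])` is stored in `info->basedn` without a NULL check, unlike `path` and `info` just above it. On allocation failure the following `DEBUG` call formats a NULL `%s`, and a domain with no base DN is inserted into `nctx->domain_map`. Adding `if (!info->basedn) { retval = ENOMEM; goto done; }` before the `DEBUG` line makes the three allocations consistent. Separately, the three `confdb_get_*` failures are logged but the domain is still registered with whatever `talloc_zero` left in `enumerate`, `legacy` and `has_provider`; if that fall-through is intended, a comment saying so would help the next reader. nss_init_domains starts and ends outside this hunk.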