authorSimo Sorce <idra@samba.org>2009-02-16 20:25:16 -0500
committerSimo Sorce <idra@samba.org>2009-02-20 18:09:29 -0500
commitb8f07efe5d98071777e3a2863688c8269a7912e4 (patch)
tree66693078c86c7d6ed289bce3f6aebbd9c6125ea7 /server/nss/nsssrv.c
parent2d151b22408e78e4b556000125cfc5abe068c846 (diff)
Completely rework the nss interface to be able to use 2
types of domains: modern and legacy. Modern uses member/memberof, legacy uses memberUid for group memberships. Rework the proxy backend to use the legacy style as that's the format the data comes in (trying to convert would require too many transformations and increase the number of queries). Add support for fetching groups in nss. Add support for enumerating users and groups (requires enabling enumeration in config) both in nss and in the proxy provider. Remove confdb_get_domain_basedn() and substitute with generic calls in the nss init function. Store a domain structure in the btree, not the basedn, so that we can add enumeration flags. Also make sure NSS understands how to make multiple calls on enumerations, and make passing the domain parameter always mandatory; passing in domain=* is not valid anymore. This work also fixes a few memory, segfault, and logic bugs found while testing all nss functions (there are still some to fix that are less critical and much harder to find yet).
Diffstat (limited to 'server/nss/nsssrv.c')
-rw-r--r--server/nss/nsssrv.c60
1 files changed, 53 insertions, 7 deletions
diff --git a/server/nss/nsssrv.c b/server/nss/nsssrv.c
index 5a574b41..b6191cce 100644
--- a/server/nss/nsssrv.c
+++ b/server/nss/nsssrv.c
@@ -388,10 +388,12 @@ static int _domain_comparator(const void *key1, const void *key2)
static int nss_init_domains(struct nss_ctx *nctx)
{
+ char *path;
char **domains;
- char *basedn;
+ char *provider;
TALLOC_CTX *tmp_ctx;
- int ret, i;
+ struct nss_domain_info *info;
+ int ret, i, c;
int retval;
tmp_ctx = talloc_new(nctx);
@@ -402,15 +404,59 @@ static int nss_init_domains(struct nss_ctx *nctx)
}
i = 0;
+ c = 0;
while (domains[i] != NULL) {
DEBUG(3, ("Adding domain %s to the map\n", domains[i]));
- /* Look up the appropriate basedn for this domain */
- ret = confdb_get_domain_basedn(nctx->cdb, tmp_ctx, domains[i], &basedn);
- DEBUG(3, ("BaseDN: %s\n", basedn));
- btreemap_set_value(nctx, &nctx->domain_map, domains[i], basedn, _domain_comparator);
+
+ path = talloc_asprintf(tmp_ctx, "config/domains/%s", domains[i]);
+ if (!path) {
+ retval = ENOMEM;
+ goto done;
+ }
+
+ /* alloc on tmp_ctx, it will be stolen by btreemap_set_value */
+ info = talloc_zero(tmp_ctx, struct nss_domain_info);
+ if (!info) {
+ retval = ENOMEM;
+ goto done;
+ }
+
+ /* Build the basedn for this domain */
+ info->basedn = talloc_asprintf(info, SYSDB_DOM_BASE, domains[i]);
+ DEBUG(3, ("BaseDN: %s\n", info->basedn));
+
+ ret = confdb_get_int(nctx->cdb, tmp_ctx, path,
+ "enumerate", false, &(info->enumerate));
+ if (ret != EOK) {
+ DEBUG(0, ("Failed to fetch enumerate for [%s]!\n", domains[i]));
+ }
+
+ ret = confdb_get_bool(nctx->cdb, tmp_ctx, path,
+ "legacy", false, &(info->legacy));
+ if (ret != EOK) {
+ DEBUG(0, ("Failed to fetch legacy for [%s]!\n", domains[i]));
+ }
+
+ ret = confdb_get_string(nctx->cdb, tmp_ctx, path, "provider",
+ NULL, &provider);
+ if (ret != EOK) {
+ DEBUG(0, ("Failed to fetch provider for [%s]!\n", domains[i]));
+ }
+ if (provider) info->has_provider = true;
+
+ ret = btreemap_set_value(nctx, &nctx->domain_map,
+ domains[i], info,
+ _domain_comparator);
+ if (ret != EOK) {
+ DEBUG(1, ("Failed to store domain info, aborting!\n"));
+ retval = ret;
+ goto done;
+ }
+
i++;
+ c++;
}
- if (i == 0) {
+ if (c == 0) {
/* No domains configured!
* Note: this should never happen, since LOCAL should
* always be configured */
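Review bot: `provider` is read at `if (provider) info->has_provider = true;` even when `confdb_get_string()` has just failed, and it is declared without an initializer in the first hunk and never reset inside the loop. If the getter leaves its output untouched on error (its body is not visible here, so this is an assumption), the first iteration tests an indeterminate pointer and later iterations inherit the previous domain's value, so a domain could be marked as having a provider when it has none; `provider = NULL;` before the call, or `if (ret == EOK && provider) info->has_provider = true;`, closes that. The result of `talloc_asprintf()` for `info->basedn` is also passed to DEBUG and stored in the map without the NULL check that `path` and `info` get; `if (!info->basedn) { retval = ENOMEM; goto done; }` would match them. nss_init_domains starts in the previous hunk and continues past the end of this one.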