diff options
author | Sumit Bose <sbose@redhat.com> | 2009-10-14 17:42:28 +0200 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2009-10-14 15:24:54 -0400 |
commit | c4f19342a55bbbaa09e126013b8976cb2dd31b94 (patch) | |
tree | f42de0f661cf556627f4c9d179d5921e9dcc1416 /server/providers/ldap/ldap_id.c | |
parent | 74cc8eb40a55f07431ec9dac0ecc63af850a34a7 (diff) | |
download | sssd-c4f19342a55bbbaa09e126013b8976cb2dd31b94.tar.gz sssd-c4f19342a55bbbaa09e126013b8976cb2dd31b94.tar.bz2 sssd-c4f19342a55bbbaa09e126013b8976cb2dd31b94.zip |
make sdap_id_connect_* independent of sdap_id_ctx
The sdap_id_connect_* request tries to bind to an LDAP server with
the default credentials. Only the opts component of the sdap_id_ctx
context is used. A new request sdap_cli_connect_* is created which
expects only the opts pointer as parameter and not the whole context.
This makes it reusable by other providers.
Diffstat (limited to 'server/providers/ldap/ldap_id.c')
-rw-r--r-- | server/providers/ldap/ldap_id.c | 190 |
1 files changed, 10 insertions, 180 deletions
diff --git a/server/providers/ldap/ldap_id.c b/server/providers/ldap/ldap_id.c index 271eaea1..41950632 100644 --- a/server/providers/ldap/ldap_id.c +++ b/server/providers/ldap/ldap_id.c @@ -92,176 +92,6 @@ static bool connected(struct sdap_id_ctx *ctx) return false; } -struct sdap_id_connect_state { - struct tevent_context *ev; - struct sdap_id_ctx *ctx; - - struct sdap_handle *sh; -}; - -static void sdap_id_connect_done(struct tevent_req *subreq); -static void sdap_id_kinit_done(struct tevent_req *subreq); -static void sdap_id_bind_done(struct tevent_req *subreq); - -static struct tevent_req *sdap_id_connect_send(TALLOC_CTX *memctx, - struct tevent_context *ev, - struct sdap_id_ctx *ctx) -{ - struct tevent_req *req, *subreq; - struct sdap_id_connect_state *state; - - req = tevent_req_create(memctx, &state, struct sdap_id_connect_state); - if (!req) return NULL; - - state->ev = ev; - state->ctx = ctx; - - subreq = sdap_connect_send(state, ev, ctx->opts, - sdap_go_get_bool(ctx->opts->basic, SDAP_ID_TLS)); - if (!subreq) { - talloc_zfree(req); - return NULL; - } - tevent_req_set_callback(subreq, sdap_id_connect_done, req); - - return req; -} - -static void sdap_id_connect_done(struct tevent_req *subreq) -{ - struct tevent_req *req = tevent_req_callback_data(subreq, - struct tevent_req); - struct sdap_id_connect_state *state = tevent_req_data(req, - struct sdap_id_connect_state); - const char *sasl_mech; - int ret; - - ret = sdap_connect_recv(subreq, state, &state->sh); - talloc_zfree(subreq); - if (ret) { - tevent_req_error(req, ret); - return; - } - - sasl_mech = sdap_go_get_string(state->ctx->opts->basic, SDAP_SASL_MECH); - if (sasl_mech && (strcasecmp(sasl_mech, "GSSAPI") == 0)) { - if (sdap_go_get_bool(state->ctx->opts->basic, SDAP_KRB5_KINIT)) { - subreq = sdap_kinit_send(state, state->ev, state->sh, - sdap_go_get_string(state->ctx->opts->basic, - SDAP_KRB5_KEYTAB), - sdap_go_get_string(state->ctx->opts->basic, - SDAP_SASL_AUTHID), - sdap_go_get_string(state->ctx->opts->basic, - SDAP_KRB5_REALM)); - if (!subreq) { - tevent_req_error(req, ENOMEM); - return; - } - tevent_req_set_callback(subreq, sdap_id_kinit_done, req); - return; - } - } - - subreq = sdap_auth_send(state, - state->ev, - state->sh, - sasl_mech, - sdap_go_get_string(state->ctx->opts->basic, - SDAP_SASL_AUTHID), - sdap_go_get_string(state->ctx->opts->basic, - SDAP_DEFAULT_BIND_DN), - sdap_go_get_string(state->ctx->opts->basic, - SDAP_DEFAULT_AUTHTOK_TYPE), - sdap_go_get_blob(state->ctx->opts->basic, - SDAP_DEFAULT_AUTHTOK)); - if (!subreq) { - tevent_req_error(req, ENOMEM); - return; - } - tevent_req_set_callback(subreq, sdap_id_bind_done, req); -} - -static void sdap_id_kinit_done(struct tevent_req *subreq) -{ - struct tevent_req *req = tevent_req_callback_data(subreq, - struct tevent_req); - struct sdap_id_connect_state *state = tevent_req_data(req, - struct sdap_id_connect_state); - enum sdap_result result; - int ret; - - ret = sdap_kinit_recv(subreq, &result); - talloc_zfree(subreq); - if (ret) { - tevent_req_error(req, ret); - return; - } - if (result != SDAP_AUTH_SUCCESS) { - tevent_req_error(req, EACCES); - return; - } - - subreq = sdap_auth_send(state, - state->ev, - state->sh, - sdap_go_get_string(state->ctx->opts->basic, - SDAP_SASL_MECH), - sdap_go_get_string(state->ctx->opts->basic, - SDAP_SASL_AUTHID), - sdap_go_get_string(state->ctx->opts->basic, - SDAP_DEFAULT_BIND_DN), - sdap_go_get_string(state->ctx->opts->basic, - SDAP_DEFAULT_AUTHTOK_TYPE), - sdap_go_get_blob(state->ctx->opts->basic, - SDAP_DEFAULT_AUTHTOK)); - if (!subreq) { - tevent_req_error(req, ENOMEM); - return; - } - tevent_req_set_callback(subreq, sdap_id_bind_done, req); -} - -static void sdap_id_bind_done(struct tevent_req *subreq) -{ - struct tevent_req *req = tevent_req_callback_data(subreq, - struct tevent_req); - enum sdap_result result; - int ret; - - ret = sdap_auth_recv(subreq, &result); - talloc_zfree(subreq); - if (ret) { - tevent_req_error(req, ret); - return; - } - if (result != SDAP_AUTH_SUCCESS) { - tevent_req_error(req, EACCES); - return; - } - - tevent_req_done(req); -} - -static int sdap_id_connect_recv(struct tevent_req *req) -{ - struct sdap_id_connect_state *state = tevent_req_data(req, - struct sdap_id_connect_state); - enum tevent_req_state tstate; - uint64_t err; - - if (tevent_req_is_error(req, &tstate, &err)) { - if (err) return err; - return EIO; - } - - state->ctx->gsh = talloc_steal(state->ctx, state->sh); - if (!state->ctx->gsh) { - return ENOMEM; - } - return EOK; -} - - /* =Users-Related-Functions-(by-name,by-uid)============================== */ struct users_get_state { @@ -325,7 +155,7 @@ static struct tevent_req *users_get_send(TALLOC_CTX *memctx, /* FIXME: add option to decide if tls should be used * or SASL/GSSAPI, etc ... */ - subreq = sdap_id_connect_send(state, ev, ctx); + subreq = sdap_cli_connect_send(state, ev, ctx->opts); if (!subreq) { ret = ENOMEM; goto fail; @@ -363,7 +193,7 @@ static void users_get_connect_done(struct tevent_req *subreq) struct users_get_state); int ret; - ret = sdap_id_connect_recv(subreq); + ret = sdap_cli_connect_recv(subreq, state->ctx, &state->ctx->gsh); talloc_zfree(subreq); if (ret) { tevent_req_error(req, ret); @@ -488,7 +318,7 @@ static struct tevent_req *groups_get_send(TALLOC_CTX *memctx, /* FIXME: add option to decide if tls should be used * or SASL/GSSAPI, etc ... */ - subreq = sdap_id_connect_send(state, ev, ctx); + subreq = sdap_cli_connect_send(state, ev, ctx->opts); if (!subreq) { ret = ENOMEM; goto fail; @@ -526,7 +356,7 @@ static void groups_get_connect_done(struct tevent_req *subreq) struct groups_get_state); int ret; - ret = sdap_id_connect_recv(subreq); + ret = sdap_cli_connect_recv(subreq, state->ctx, &state->ctx->gsh); talloc_zfree(subreq); if (ret) { tevent_req_error(req, ret); @@ -625,7 +455,7 @@ static struct tevent_req *groups_by_user_send(TALLOC_CTX *memctx, /* FIXME: add option to decide if tls should be used * or SASL/GSSAPI, etc ... */ - subreq = sdap_id_connect_send(state, ev, ctx); + subreq = sdap_cli_connect_send(state, ev, ctx->opts); if (!subreq) { ret = ENOMEM; goto fail; @@ -663,7 +493,7 @@ static void groups_by_user_connect_done(struct tevent_req *subreq) struct groups_by_user_state); int ret; - ret = sdap_id_connect_recv(subreq); + ret = sdap_cli_connect_recv(subreq, state->ctx, &state->ctx->gsh); talloc_zfree(subreq); if (ret) { tevent_req_error(req, ret); @@ -1079,7 +909,7 @@ static struct tevent_req *enum_users_send(TALLOC_CTX *memctx, /* FIXME: add option to decide if tls should be used * or SASL/GSSAPI, etc ... */ - subreq = sdap_id_connect_send(state, ev, ctx); + subreq = sdap_cli_connect_send(state, ev, ctx->opts); if (!subreq) { ret = ENOMEM; goto fail; @@ -1118,7 +948,7 @@ static void enum_users_connect_done(struct tevent_req *subreq) struct enum_users_state); int ret; - ret = sdap_id_connect_recv(subreq); + ret = sdap_cli_connect_recv(subreq, state->ctx, &state->ctx->gsh); talloc_zfree(subreq); if (ret) { tevent_req_error(req, ret); @@ -1226,7 +1056,7 @@ static struct tevent_req *enum_groups_send(TALLOC_CTX *memctx, /* FIXME: add option to decide if tls should be used * or SASL/GSSAPI, etc ... */ - subreq = sdap_id_connect_send(state, ev, ctx); + subreq = sdap_cli_connect_send(state, ev, ctx->opts); if (!subreq) { ret = ENOMEM; goto fail; @@ -1264,7 +1094,7 @@ static void enum_groups_connect_done(struct tevent_req *subreq) struct enum_groups_state); int ret; - ret = sdap_id_connect_recv(subreq); + ret = sdap_cli_connect_recv(subreq, state->ctx, &state->ctx->gsh); talloc_zfree(subreq); if (ret) { tevent_req_error(req, ret); |