author | Simo Sorce <ssorce@redhat.com> | 2009-09-12 20:03:57 -0400 |
---|---|---|
committer | Simo Sorce <ssorce@redhat.com> | 2009-09-14 12:08:23 -0400 |
commit | 30cd03bbbb9e5d8ca6b2014c4b1daceaf75a7397 (patch) | |
tree | a956c14108126d6318d63302f5030e8bcd0fd2ec /server/providers/ldap/ldap_id.c | |
parent | a0b02295b0e0c55174b37ad3b231d28e0e1d1f50 (diff) | |
Turn ldap driver options into multitype
This patch makes basic options multitype; the init function assigns
a type from the initialization array, and processes values fetched
from confdb accordingly.
4 types are supported so far: string, number, blob and boolean
Also convert defines into enums where appropriate.
Add fetch functions that check the requested type.
Diffstat (limited to 'server/providers/ldap/ldap_id.c')
-rw-r--r-- | server/providers/ldap/ldap_id.c | 80 |
1 files changed, 50 insertions, 30 deletions
diff --git a/server/providers/ldap/ldap_id.c b/server/providers/ldap/ldap_id.c
index 1984582d..72caf966 100644
--- a/server/providers/ldap/ldap_id.c
+++ b/server/providers/ldap/ldap_id.c
@@ -98,7 +98,7 @@ struct sdap_id_connect_state {
 bool use_start_tls;
 char *defaultBindDn;
 char *defaultAuthtokType;
- char *defaultAuthtok;
+ struct sdap_blob defaultAuthtok;
 struct sdap_handle *sh;
 };
@@ -106,13 +106,13 @@ struct sdap_id_connect_state {
 static void sdap_id_connect_done(struct tevent_req *subreq);
 static void sdap_id_bind_done(struct tevent_req *subreq);
-struct tevent_req *sdap_id_connect_send(TALLOC_CTX *memctx,
- struct tevent_context *ev,
- struct sdap_id_ctx *ctx,
- bool use_start_tls,
- char *defaultBindDn,
- char *defaultAuthtokType,
- char *defaultAuthtok)
+static struct tevent_req *sdap_id_connect_send(TALLOC_CTX *memctx,
+ struct tevent_context *ev,
+ struct sdap_id_ctx *ctx,
+ bool use_start_tls,
+ char *defaultBindDn,
+ char *defaultAuthtokType,
+ struct sdap_blob defaultAuthtok)
 {
 struct tevent_req *req, *subreq;
 struct sdap_id_connect_state *state;
@@ -268,9 +268,12 @@ static struct tevent_req *users_get_send(TALLOC_CTX *memctx,
 /* FIXME: add option to decide if tls should be used
 * or SASL/GSSAPI, etc ... */
 subreq = sdap_id_connect_send(state, ev, ctx, false,
- ctx->opts->basic[SDAP_DEFAULT_BIND_DN].value,
- ctx->opts->basic[SDAP_DEFAULT_AUTHTOK_TYPE].value,
- ctx->opts->basic[SDAP_DEFAULT_AUTHTOK].value);
+ sdap_go_get_string(ctx->opts->basic,
+ SDAP_DEFAULT_BIND_DN),
+ sdap_go_get_string(ctx->opts->basic,
+ SDAP_DEFAULT_AUTHTOK_TYPE),
+ sdap_go_get_blob(ctx->opts->basic,
+ SDAP_DEFAULT_AUTHTOK));
 if (!subreq) {
 ret = ENOMEM;
 goto fail;
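Review bot: The new `struct sdap_blob defaultAuthtok` field in `sdap_id_connect_state` holds the bind credential but carries no comment on who owns its bytes or how they may be read. `struct sdap_blob` is defined outside this diff; if it is a pointer-plus-length pair, the by-value parameter of `sdap_id_connect_send` in the next hunk (whose body continues outside it) makes the state copy a shallow one over memory presumably owned by `ctx->opts`. I would add on the field: `/* bind secret; shallow copy, data owned by the options context; use the length, never strlen() */`.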
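Review bot: In `users_get_send` the getter results go straight into `sdap_id_connect_send`, so whatever `sdap_go_get_string` and `sdap_go_get_blob` return when the stored type does not match is indistinguishable here from an option that was never set. Their definitions are outside this diff; if the failure value is NULL or an empty blob, a mis-typed `SDAP_DEFAULT_AUTHTOK` would presumably end in a bind without credentials and with no log line at the call site, so confirm that the getters log the mismatch or that the connect path rejects a bind DN paired with an empty token. The same six-line argument list is repeated in `groups_get_send`, `groups_by_user_send`, `enum_users_send` and `enum_groups_send`; one static helper taking `(memctx, ev, ctx)` would keep the credential lookup in a single place. The FIXME in the context lines still applies: every one of these calls passes `false` for `use_start_tls`.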
@@ -434,9 +437,12 @@ static struct tevent_req *groups_get_send(TALLOC_CTX *memctx,
 /* FIXME: add option to decide if tls should be used
 * or SASL/GSSAPI, etc ... */
 subreq = sdap_id_connect_send(state, ev, ctx, false,
- ctx->opts->basic[SDAP_DEFAULT_BIND_DN].value,
- ctx->opts->basic[SDAP_DEFAULT_AUTHTOK_TYPE].value,
- ctx->opts->basic[SDAP_DEFAULT_AUTHTOK].value);
+ sdap_go_get_string(ctx->opts->basic,
+ SDAP_DEFAULT_BIND_DN),
+ sdap_go_get_string(ctx->opts->basic,
+ SDAP_DEFAULT_AUTHTOK_TYPE),
+ sdap_go_get_blob(ctx->opts->basic,
+ SDAP_DEFAULT_AUTHTOK));
 if (!subreq) {
 ret = ENOMEM;
 goto fail;
@@ -574,9 +580,12 @@ static struct tevent_req *groups_by_user_send(TALLOC_CTX *memctx,
 /* FIXME: add option to decide if tls should be used
 * or SASL/GSSAPI, etc ... */
 subreq = sdap_id_connect_send(state, ev, ctx, false,
- ctx->opts->basic[SDAP_DEFAULT_BIND_DN].value,
- ctx->opts->basic[SDAP_DEFAULT_AUTHTOK_TYPE].value,
- ctx->opts->basic[SDAP_DEFAULT_AUTHTOK].value);
+ sdap_go_get_string(ctx->opts->basic,
+ SDAP_DEFAULT_BIND_DN),
+ sdap_go_get_string(ctx->opts->basic,
+ SDAP_DEFAULT_AUTHTOK_TYPE),
+ sdap_go_get_blob(ctx->opts->basic,
+ SDAP_DEFAULT_AUTHTOK));
 if (!subreq) {
 ret = ENOMEM;
 goto fail;
@@ -789,6 +798,7 @@ static void ldap_id_enumerate(struct tevent_context *ev,
 struct sdap_id_ctx *ctx = talloc_get_type(pvt, struct sdap_id_ctx);
 struct tevent_timer *timeout;
 struct tevent_req *req;
+ int ert;
 if (be_is_offline(ctx->be)) {
 DEBUG(4, ("Backend is marked offline, retry later!\n"));
@@ -811,7 +821,8 @@ static void ldap_id_enumerate(struct tevent_context *ev,
 /* if enumeration takes so long, either we try to enumerate too
 * frequently, or something went seriously wrong */
 tv = tevent_timeval_current();
- tv = tevent_timeval_add(&tv, ctx->opts->enum_refresh_timeout, 0);
+ ert = sdap_go_get_int(ctx->opts->basic, SDAP_ENUM_REFRESH_TIMEOUT);
+ tv = tevent_timeval_add(&tv, ert, 0);
 timeout = tevent_add_timer(ctx->be->ev, req, tv, ldap_id_enumerate_timeout, req);
 return;
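Review bot: `ert` is handed to `tevent_timeval_add(&tv, ert, 0)` in `ldap_id_enumerate` with no range check, and that argument is an unsigned seconds count. If `sdap_go_get_int` yields 0 or a negative number for `SDAP_ENUM_REFRESH_TIMEOUT` (unset option or type mismatch; the getter is outside this diff), 0 arms the timer for the current instant and a negative value converts to a very large delay. The same unguarded fetch is added in `ldap_id_enumerate_set_timer`, where it would either re-arm enumeration back to back or effectively stop it, and `ldap_id_enumerate_timeout` only prints the value. I would validate once where the options are loaded, or guard each use with `if (ert <= 0) { DEBUG(1, ("Invalid enumeration refresh timeout (%d)\n", ert)); return; }` adapted to each function's cleanup, which lies outside these hunks.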
@@ -824,9 +835,10 @@ static void ldap_id_enumerate_timeout(struct tevent_context *ev,
 struct tevent_req *req = talloc_get_type(pvt, struct tevent_req);
 struct sdap_id_ctx *ctx = tevent_req_callback_data(req, struct sdap_id_ctx);
+ int ert;
- DEBUG(1, ("Enumeration timed out! Timeout too small? (%ds)!\n",
- ctx->opts->enum_refresh_timeout));
+ ert = sdap_go_get_int(ctx->opts->basic, SDAP_ENUM_REFRESH_TIMEOUT);
+ DEBUG(1, ("Enumeration timed out! Timeout too small? (%ds)!\n", ert));
 ldap_id_enumerate_set_timer(ctx, tevent_timeval_current());
 talloc_zfree(req);
@@ -855,8 +867,10 @@ static void ldap_id_enumerate_set_timer(struct sdap_id_ctx *ctx,
 struct timeval tv)
 {
 struct tevent_timer *enum_task;
+ int ert;
- tv = tevent_timeval_add(&tv, ctx->opts->enum_refresh_timeout, 0);
+ ert = sdap_go_get_int(ctx->opts->basic, SDAP_ENUM_REFRESH_TIMEOUT);
+ tv = tevent_timeval_add(&tv, ert, 0);
 enum_task = tevent_add_timer(ctx->be->ev, ctx, tv, ldap_id_enumerate, ctx);
 if (!enum_task) {
 DEBUG(0, ("FATAL: failed to setup enumeration task!\n"));
@@ -965,6 +979,7 @@ fail:
 tevent_req_done(req);
 }
+
 /* ==User-Enumeration===================================================== */
 struct enum_users_state {
@@ -1025,9 +1040,12 @@ static struct tevent_req *enum_users_send(TALLOC_CTX *memctx,
 /* FIXME: add option to decide if tls should be used
 * or SASL/GSSAPI, etc ... */
 subreq = sdap_id_connect_send(state, ev, ctx, false,
- ctx->opts->basic[SDAP_DEFAULT_BIND_DN].value,
- ctx->opts->basic[SDAP_DEFAULT_AUTHTOK_TYPE].value,
- ctx->opts->basic[SDAP_DEFAULT_AUTHTOK].value);
+ sdap_go_get_string(ctx->opts->basic,
+ SDAP_DEFAULT_BIND_DN),
+ sdap_go_get_string(ctx->opts->basic,
+ SDAP_DEFAULT_AUTHTOK_TYPE),
+ sdap_go_get_blob(ctx->opts->basic,
+ SDAP_DEFAULT_AUTHTOK));
 if (!subreq) {
 ret = ENOMEM;
 goto fail;
@@ -1175,9 +1193,12 @@ static struct tevent_req *enum_groups_send(TALLOC_CTX *memctx,
 /* FIXME: add option to decide if tls should be used
 * or SASL/GSSAPI, etc ... */
 subreq = sdap_id_connect_send(state, ev, ctx, false,
- ctx->opts->basic[SDAP_DEFAULT_BIND_DN].value,
- ctx->opts->basic[SDAP_DEFAULT_AUTHTOK_TYPE].value,
- ctx->opts->basic[SDAP_DEFAULT_AUTHTOK].value);
+ sdap_go_get_string(ctx->opts->basic,
+ SDAP_DEFAULT_BIND_DN),
+ sdap_go_get_string(ctx->opts->basic,
+ SDAP_DEFAULT_AUTHTOK_TYPE),
+ sdap_go_get_blob(ctx->opts->basic,
+ SDAP_DEFAULT_AUTHTOK));
 if (!subreq) {
 ret = ENOMEM;
 goto fail;
@@ -1291,10 +1312,9 @@ int sssm_ldap_init(struct be_ctx *bectx,
 ctx->be = bectx;
- ret = sdap_get_options(ctx, bectx->cdb, bectx->conf_path,
- &ctx->opts);
+ ret = sdap_get_options(ctx, bectx->cdb, bectx->conf_path, &ctx->opts);
- tls_reqcert = ctx->opts->basic[SDAP_TLS_REQCERT].value;
+ tls_reqcert = sdap_go_get_string(ctx->opts->basic, SDAP_TLS_REQCERT);
 if (tls_reqcert) {
 if (strcasecmp(tls_reqcert, "never") == 0) {
 ldap_opt_x_tls_require_cert = LDAP_OPT_X_TLS_NEVER; |
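Review bot: `ret` from `sdap_get_options` is not tested before the next added line reads `ctx->opts->basic` in `sssm_ldap_init`. If option loading fails, `ctx->opts` may be NULL or unset, and `sdap_go_get_string` would then be handed a pointer derived from it. Put the check between the two statements, e.g. `if (ret != EOK) goto done;`, with `done` standing for whatever failure label the function already uses, since its tail is outside the hunk. This matters more here than elsewhere because the value fetched right after it selects the TLS certificate-verification policy.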