diff options
| author | Jakub Hrozek <jhrozek@redhat.com> | 2011-12-12 16:35:22 +0100 |
|---|---|---|
| committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-12-16 14:46:16 -0500 |
| commit | b3b42c49656e192787a983aaa8b9ec744ba4cb9d (patch) | |
| tree | c0fd6415e043835c499ecf0bf0322ab4cb187e0d /src/responder/common | |
| parent | df5adbad4f5e938a000aee6527628ad63a0bd4c3 (diff) | |
| download | sssd-b3b42c49656e192787a983aaa8b9ec744ba4cb9d.tar.gz sssd-b3b42c49656e192787a983aaa8b9ec744ba4cb9d.tar.bz2 sssd-b3b42c49656e192787a983aaa8b9ec744ba4cb9d.zip | |
Use the case sensitivity flag in responders
Diffstat (limited to 'src/responder/common')
| -rw-r--r-- | src/responder/common/negcache.c | 135 | ||||
| -rw-r--r-- | src/responder/common/negcache.h | 10 | ||||
| -rw-r--r-- | src/responder/common/responder_common.c | 1 |
3 files changed, 122 insertions, 24 deletions
diff --git a/src/responder/common/negcache.c b/src/responder/common/negcache.c index 3926574a..0b25baf5 100644 --- a/src/responder/common/negcache.c +++ b/src/responder/common/negcache.c @@ -21,6 +21,7 @@ #include "util/util.h" #include "confdb/confdb.h" +#include "responder/common/responder.h" #include <fcntl.h> #include <time.h> #include "tdb.h" @@ -158,8 +159,8 @@ done: return ret; } -int sss_ncache_check_user(struct sss_nc_ctx *ctx, int ttl, - const char *domain, const char *name) +static int sss_ncache_check_user_int(struct sss_nc_ctx *ctx, int ttl, + const char *domain, const char *name) { char *str; int ret; @@ -175,8 +176,8 @@ int sss_ncache_check_user(struct sss_nc_ctx *ctx, int ttl, return ret; } -int sss_ncache_check_group(struct sss_nc_ctx *ctx, int ttl, - const char *domain, const char *name) +static int sss_ncache_check_group_int(struct sss_nc_ctx *ctx, int ttl, + const char *domain, const char *name) { char *str; int ret; @@ -192,8 +193,8 @@ int sss_ncache_check_group(struct sss_nc_ctx *ctx, int ttl, return ret; } -int sss_ncache_check_netgr(struct sss_nc_ctx *ctx, int ttl, - const char *domain, const char *name) +static int sss_ncache_check_netgr_int(struct sss_nc_ctx *ctx, int ttl, + const char *domain, const char *name) { char *str; int ret; @@ -209,6 +210,49 @@ int sss_ncache_check_netgr(struct sss_nc_ctx *ctx, int ttl, return ret; } +typedef int (*ncache_check_byname_fn_t)(struct sss_nc_ctx *, int, + const char *, const char *); + +static int sss_cache_check_ent(struct sss_nc_ctx *ctx, int ttl, + struct sss_domain_info *dom, const char *name, + ncache_check_byname_fn_t checker) +{ + char *lower; + errno_t ret; + + if (dom->case_sensitive == false) { + lower = sss_tc_utf8_str_tolower(ctx, name); + if (!lower) return ENOMEM; + ret = checker(ctx, ttl, dom->name, lower); + talloc_free(lower); + } else { + ret = checker(ctx, ttl, dom->name, name); + } + + return ret; +} + +int sss_ncache_check_user(struct sss_nc_ctx *ctx, int ttl, + struct sss_domain_info *dom, const char *name) +{ + return sss_cache_check_ent(ctx, ttl, dom, name, + sss_ncache_check_user_int); +} + +int sss_ncache_check_group(struct sss_nc_ctx *ctx, int ttl, + struct sss_domain_info *dom, const char *name) +{ + return sss_cache_check_ent(ctx, ttl, dom, name, + sss_ncache_check_group_int); +} + +int sss_ncache_check_netgr(struct sss_nc_ctx *ctx, int ttl, + struct sss_domain_info *dom, const char *name) +{ + return sss_cache_check_ent(ctx, ttl, dom, name, + sss_ncache_check_netgr_int); +} + int sss_ncache_check_uid(struct sss_nc_ctx *ctx, int ttl, uid_t uid) { char *str; @@ -237,8 +281,8 @@ int sss_ncache_check_gid(struct sss_nc_ctx *ctx, int ttl, gid_t gid) return ret; } -int sss_ncache_set_user(struct sss_nc_ctx *ctx, bool permanent, - const char *domain, const char *name) +static int sss_ncache_set_user_int(struct sss_nc_ctx *ctx, bool permanent, + const char *domain, const char *name) { char *str; int ret; @@ -254,8 +298,8 @@ int sss_ncache_set_user(struct sss_nc_ctx *ctx, bool permanent, return ret; } -int sss_ncache_set_group(struct sss_nc_ctx *ctx, bool permanent, - const char *domain, const char *name) +static int sss_ncache_set_group_int(struct sss_nc_ctx *ctx, bool permanent, + const char *domain, const char *name) { char *str; int ret; @@ -271,8 +315,8 @@ int sss_ncache_set_group(struct sss_nc_ctx *ctx, bool permanent, return ret; } -int sss_ncache_set_netgr(struct sss_nc_ctx *ctx, bool permanent, - const char *domain, const char *name) +static int sss_ncache_set_netgr_int(struct sss_nc_ctx *ctx, bool permanent, + const char *domain, const char *name) { char *str; int ret; @@ -288,6 +332,47 @@ int sss_ncache_set_netgr(struct sss_nc_ctx *ctx, bool permanent, return ret; } +typedef int (*ncache_set_byname_fn_t)(struct sss_nc_ctx *, bool, + const char *, const char *); + +static int sss_ncache_set_ent(struct sss_nc_ctx *ctx, bool permanent, + struct sss_domain_info *dom, const char *name, + ncache_set_byname_fn_t setter) +{ + char *lower; + errno_t ret; + + if (dom->case_sensitive == false) { + lower = sss_tc_utf8_str_tolower(ctx, name); + if (!lower) return ENOMEM; + ret = setter(ctx, permanent, dom->name, lower); + talloc_free(lower); + } else { + ret = setter(ctx, permanent, dom->name, name); + } + + return ret; +} + + +int sss_ncache_set_user(struct sss_nc_ctx *ctx, bool permanent, + struct sss_domain_info *dom, const char *name) +{ + return sss_ncache_set_ent(ctx, permanent, dom, name, sss_ncache_set_user_int); +} + +int sss_ncache_set_group(struct sss_nc_ctx *ctx, bool permanent, + struct sss_domain_info *dom, const char *name) +{ + return sss_ncache_set_ent(ctx, permanent, dom, name, sss_ncache_set_group_int); +} + +int sss_ncache_set_netgr(struct sss_nc_ctx *ctx, bool permanent, + struct sss_domain_info *dom, const char *name) +{ + return sss_ncache_set_ent(ctx, permanent, dom, name, sss_ncache_set_netgr_int); +} + int sss_ncache_set_uid(struct sss_nc_ctx *ctx, bool permanent, uid_t uid) { char *str; @@ -409,7 +494,7 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, continue; } - ret = sss_ncache_set_user(ncache, true, dom->name, name); + ret = sss_ncache_set_user(ncache, true, dom, name); if (ret != EOK) { DEBUG(1, ("Failed to store permanent user filter for [%s]" " (%d [%s])\n", filter_list[i], @@ -447,7 +532,14 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, continue; } if (domainname) { - ret = sss_ncache_set_user(ncache, true, domainname, name); + dom = responder_get_domain(domain_list, domainname); + if (!dom) { + DEBUG(SSSDBG_CRIT_FAILURE, + ("Invalid domain name [%s]\n", domainname)); + continue; + } + + ret = sss_ncache_set_user(ncache, true, dom, name); if (ret != EOK) { DEBUG(1, ("Failed to store permanent user filter for [%s]" " (%d [%s])\n", filter_list[i], @@ -456,7 +548,7 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, } } else { for (dom = domain_list; dom; dom = dom->next) { - ret = sss_ncache_set_user(ncache, true, dom->name, name); + ret = sss_ncache_set_user(ncache, true, dom, name); if (ret != EOK) { DEBUG(1, ("Failed to store permanent user filter for" " [%s:%s] (%d [%s])\n", @@ -499,7 +591,7 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, continue; } - ret = sss_ncache_set_group(ncache, true, dom->name, name); + ret = sss_ncache_set_group(ncache, true, dom, name); if (ret != EOK) { DEBUG(1, ("Failed to store permanent group filter for [%s]" " (%d [%s])\n", filter_list[i], @@ -537,7 +629,14 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, continue; } if (domainname) { - ret = sss_ncache_set_group(ncache, true, domainname, name); + dom = responder_get_domain(domain_list, domainname); + if (!dom) { + DEBUG(SSSDBG_CRIT_FAILURE, + ("Invalid domain name [%s]\n", domainname)); + continue; + } + + ret = sss_ncache_set_group(ncache, true, dom, name); if (ret != EOK) { DEBUG(1, ("Failed to store permanent group filter for" " [%s] (%d [%s])\n", filter_list[i], @@ -546,7 +645,7 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, } } else { for (dom = domain_list; dom; dom = dom->next) { - ret = sss_ncache_set_group(ncache, true, dom->name, name); + ret = sss_ncache_set_group(ncache, true, dom, name); if (ret != EOK) { DEBUG(1, ("Failed to store permanent group filter for" " [%s:%s] (%d [%s])\n", diff --git a/src/responder/common/negcache.h b/src/responder/common/negcache.h index fc857fce..72b99c96 100644 --- a/src/responder/common/negcache.h +++ b/src/responder/common/negcache.h @@ -29,9 +29,9 @@ int sss_ncache_init(TALLOC_CTX *memctx, struct sss_nc_ctx **_ctx); /* check if the user is expired according to the passed in time to live */ int sss_ncache_check_user(struct sss_nc_ctx *ctx, int ttl, - const char *domain, const char *name); + struct sss_domain_info *dom, const char *name); int sss_ncache_check_group(struct sss_nc_ctx *ctx, int ttl, - const char *domain, const char *name); + struct sss_domain_info *dom, const char *name); int sss_ncache_check_netgr(struct sss_nc_ctx *ctx, int ttl, const char *domain, const char *name); int sss_ncache_check_uid(struct sss_nc_ctx *ctx, int ttl, uid_t uid); @@ -42,11 +42,11 @@ int sss_ncache_check_gid(struct sss_nc_ctx *ctx, int ttl, gid_t gid); * and the negative cache never expires (used to permanently filter out * users and groups) */ int sss_ncache_set_user(struct sss_nc_ctx *ctx, bool permanent, - const char *domain, const char *name); + struct sss_domain_info *dom, const char *name); int sss_ncache_set_group(struct sss_nc_ctx *ctx, bool permanent, - const char *domain, const char *name); + struct sss_domain_info *dom, const char *name); int sss_ncache_set_netgr(struct sss_nc_ctx *ctx, bool permanent, - const char *domain, const char *name); + struct sss_domain_info *dom, const char *name); int sss_ncache_set_uid(struct sss_nc_ctx *ctx, bool permanent, uid_t uid); int sss_ncache_set_gid(struct sss_nc_ctx *ctx, bool permanent, gid_t gid); diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c index 99b1a23a..a48ac556 100644 --- a/src/responder/common/responder_common.c +++ b/src/responder/common/responder_common.c @@ -33,7 +33,6 @@ #include <errno.h> #include <popt.h> #include "util/util.h" -#include "util/sss_utf8.h" #include "db/sysdb.h" #include "confdb/confdb.h" #include "dbus/dbus.h" |