diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2012-01-19 20:38:40 -0500 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2012-01-21 12:47:57 -0500 |
commit | 0c7aa697991ea9df960fae14fd567ebdda3b4ff4 (patch) | |
tree | e61deb65296375cf381ef780c4bea12fe07d0589 /src | |
parent | 91d521779424409646649a84a99a20f8e8e159df (diff) | |
download | sssd-0c7aa697991ea9df960fae14fd567ebdda3b4ff4.tar.gz sssd-0c7aa697991ea9df960fae14fd567ebdda3b4ff4.tar.bz2 sssd-0c7aa697991ea9df960fae14fd567ebdda3b4ff4.zip |
RESPONDER: Extend sss_dp_account_send() to include extra data
Some NSS maps such as 'services' require more values to be passed
to the data provider than just the name or ID. In these cases, we
will amend an optional component to filter value to pass to the
data provider backend.
Diffstat (limited to 'src')
-rw-r--r-- | src/responder/common/responder.h | 3 | ||||
-rw-r--r-- | src/responder/common/responder_dp.c | 31 | ||||
-rw-r--r-- | src/responder/nss/nsssrv_cmd.c | 8 | ||||
-rw-r--r-- | src/responder/pam/pamsrv_cmd.c | 2 | ||||
-rw-r--r-- | src/responder/sudo/sudosrv_get_sudorules.c | 2 |
5 files changed, 32 insertions, 14 deletions
diff --git a/src/responder/common/responder.h b/src/responder/common/responder.h index cbac67b5..c27de311 100644 --- a/src/responder/common/responder.h +++ b/src/responder/common/responder.h @@ -192,7 +192,8 @@ sss_dp_get_account_send(TALLOC_CTX *mem_ctx, bool fast_reply, int type, const char *opt_name, - uint32_t opt_id); + uint32_t opt_id, + const char *extra); errno_t sss_dp_get_account_recv(TALLOC_CTX *mem_ctx, struct tevent_req *req, diff --git a/src/responder/common/responder_dp.c b/src/responder/common/responder_dp.c index f51e2496..6bc086c2 100644 --- a/src/responder/common/responder_dp.c +++ b/src/responder/common/responder_dp.c @@ -247,7 +247,8 @@ sss_dp_get_account_send(TALLOC_CTX *mem_ctx, bool fast_reply, int type, const char *opt_name, - uint32_t opt_id) + uint32_t opt_id, + const char *extra) { errno_t ret; int hret; @@ -312,13 +313,29 @@ sss_dp_get_account_send(TALLOC_CTX *mem_ctx, state->key->type = HASH_KEY_STRING; if (opt_name) { - filter = talloc_asprintf(state, "name=%s", opt_name); - state->key->str = talloc_asprintf(state->key, "%d:%s@%s", - type, opt_name, dom->name); + if (extra) { + filter = talloc_asprintf(state, "name=%s:%s", + opt_name, extra); + state->key->str = talloc_asprintf(state->key, "%d:%s:%s@%s", + type, opt_name, + extra, dom->name); + } else { + filter = talloc_asprintf(state, "name=%s", opt_name); + state->key->str = talloc_asprintf(state->key, "%d:%s@%s", + type, opt_name, dom->name); + } } else if (opt_id) { - filter = talloc_asprintf(state, "idnumber=%u", opt_id); - state->key->str = talloc_asprintf(state->key, "%d:%d@%s", - type, opt_id, dom->name); + if (extra) { + filter = talloc_asprintf(state, "idnumber=%u:%s", + opt_id, extra); + state->key->str = talloc_asprintf(state->key, "%d:%d:%s@%s", + type, opt_id, + extra, dom->name); + } else { + filter = talloc_asprintf(state, "idnumber=%u", opt_id); + state->key->str = talloc_asprintf(state->key, "%d:%d@%s", + type, opt_id, dom->name); + } } else { filter = talloc_strdup(state, ENUM_INDICATOR); state->key->str = talloc_asprintf(state->key, "%d:*@%s", diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c index abed7a88..dec7f305 100644 --- a/src/responder/nss/nsssrv_cmd.c +++ b/src/responder/nss/nsssrv_cmd.c @@ -649,7 +649,7 @@ errno_t check_cache(struct nss_dom_ctx *dctx, * immediately. */ req = sss_dp_get_account_send(cctx, cctx->rctx, dctx->domain, true, - req_type, opt_name, opt_id); + req_type, opt_name, opt_id, NULL); if (!req) { DEBUG(SSSDBG_CRIT_FAILURE, ("Out of memory sending out-of-band data provider " @@ -678,7 +678,7 @@ errno_t check_cache(struct nss_dom_ctx *dctx, } req = sss_dp_get_account_send(cctx, cctx->rctx, dctx->domain, true, - req_type, opt_name, opt_id); + req_type, opt_name, opt_id, NULL); if (!req) { DEBUG(SSSDBG_CRIT_FAILURE, ("Out of memory sending data provider request\n")); @@ -1413,7 +1413,7 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx) dctx->check_provider = false; dpreq = sss_dp_get_account_send(step_ctx, rctx, dctx->domain, true, - SSS_DP_USER, NULL, 0); + SSS_DP_USER, NULL, 0, NULL); if (!dpreq) { DEBUG(SSSDBG_MINOR_FAILURE, ("Enum Cache refresh for domain [%s] failed." @@ -2720,7 +2720,7 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx) step_ctx->returned_to_mainloop = true; /* Only do this once per provider */ dpreq = sss_dp_get_account_send(step_ctx, rctx, dctx->domain, true, - SSS_DP_USER, NULL, 0); + SSS_DP_USER, NULL, 0, NULL); if (!dpreq) { DEBUG(SSSDBG_MINOR_FAILURE, ("Enum Cache refresh for domain [%s] failed." diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c index 4a98dd63..8cb64221 100644 --- a/src/responder/pam/pamsrv_cmd.c +++ b/src/responder/pam/pamsrv_cmd.c @@ -953,7 +953,7 @@ static int pam_check_user_search(struct pam_auth_req *preq) dpreq = sss_dp_get_account_send(preq, preq->cctx->rctx, dom, false, SSS_DP_INITGROUPS, - name, 0); + name, 0, NULL); if (!dpreq) { DEBUG(SSSDBG_CRIT_FAILURE, ("Out of memory sending data provider request\n")); diff --git a/src/responder/sudo/sudosrv_get_sudorules.c b/src/responder/sudo/sudosrv_get_sudorules.c index fca6257d..b1c3fa5e 100644 --- a/src/responder/sudo/sudosrv_get_sudorules.c +++ b/src/responder/sudo/sudosrv_get_sudorules.c @@ -136,7 +136,7 @@ static errno_t sudosrv_get_user(struct sudo_dom_ctx *dctx) cache_expire < time(NULL)) { dpreq = sss_dp_get_account_send(cli_ctx, cli_ctx->rctx, dom, false, SSS_DP_INITGROUPS, - cmd_ctx->username, 0); + cmd_ctx->username, 0, NULL); if (!dpreq) { DEBUG(SSSDBG_CRIT_FAILURE, ("Out of memory sending data provider request\n")); |