summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorStephen Gallagher <sgallagh@redhat.com>2012-01-19 20:38:40 -0500
committerStephen Gallagher <sgallagh@redhat.com>2012-01-21 12:47:57 -0500
commit0c7aa697991ea9df960fae14fd567ebdda3b4ff4 (patch)
treee61deb65296375cf381ef780c4bea12fe07d0589 /src
parent91d521779424409646649a84a99a20f8e8e159df (diff)
downloadsssd-0c7aa697991ea9df960fae14fd567ebdda3b4ff4.tar.gz
sssd-0c7aa697991ea9df960fae14fd567ebdda3b4ff4.tar.bz2
sssd-0c7aa697991ea9df960fae14fd567ebdda3b4ff4.zip
RESPONDER: Extend sss_dp_account_send() to include extra data
Some NSS maps such as 'services' require more values to be passed to the data provider than just the name or ID. In these cases, we will amend an optional component to filter value to pass to the data provider backend.
Diffstat (limited to 'src')
-rw-r--r--src/responder/common/responder.h3
-rw-r--r--src/responder/common/responder_dp.c31
-rw-r--r--src/responder/nss/nsssrv_cmd.c8
-rw-r--r--src/responder/pam/pamsrv_cmd.c2
-rw-r--r--src/responder/sudo/sudosrv_get_sudorules.c2
5 files changed, 32 insertions, 14 deletions
diff --git a/src/responder/common/responder.h b/src/responder/common/responder.h
index cbac67b5..c27de311 100644
--- a/src/responder/common/responder.h
+++ b/src/responder/common/responder.h
@@ -192,7 +192,8 @@ sss_dp_get_account_send(TALLOC_CTX *mem_ctx,
bool fast_reply,
int type,
const char *opt_name,
- uint32_t opt_id);
+ uint32_t opt_id,
+ const char *extra);
errno_t
sss_dp_get_account_recv(TALLOC_CTX *mem_ctx,
struct tevent_req *req,
diff --git a/src/responder/common/responder_dp.c b/src/responder/common/responder_dp.c
index f51e2496..6bc086c2 100644
--- a/src/responder/common/responder_dp.c
+++ b/src/responder/common/responder_dp.c
@@ -247,7 +247,8 @@ sss_dp_get_account_send(TALLOC_CTX *mem_ctx,
bool fast_reply,
int type,
const char *opt_name,
- uint32_t opt_id)
+ uint32_t opt_id,
+ const char *extra)
{
errno_t ret;
int hret;
@@ -312,13 +313,29 @@ sss_dp_get_account_send(TALLOC_CTX *mem_ctx,
state->key->type = HASH_KEY_STRING;
if (opt_name) {
- filter = talloc_asprintf(state, "name=%s", opt_name);
- state->key->str = talloc_asprintf(state->key, "%d:%s@%s",
- type, opt_name, dom->name);
+ if (extra) {
+ filter = talloc_asprintf(state, "name=%s:%s",
+ opt_name, extra);
+ state->key->str = talloc_asprintf(state->key, "%d:%s:%s@%s",
+ type, opt_name,
+ extra, dom->name);
+ } else {
+ filter = talloc_asprintf(state, "name=%s", opt_name);
+ state->key->str = talloc_asprintf(state->key, "%d:%s@%s",
+ type, opt_name, dom->name);
+ }
} else if (opt_id) {
- filter = talloc_asprintf(state, "idnumber=%u", opt_id);
- state->key->str = talloc_asprintf(state->key, "%d:%d@%s",
- type, opt_id, dom->name);
+ if (extra) {
+ filter = talloc_asprintf(state, "idnumber=%u:%s",
+ opt_id, extra);
+ state->key->str = talloc_asprintf(state->key, "%d:%d:%s@%s",
+ type, opt_id,
+ extra, dom->name);
+ } else {
+ filter = talloc_asprintf(state, "idnumber=%u", opt_id);
+ state->key->str = talloc_asprintf(state->key, "%d:%d@%s",
+ type, opt_id, dom->name);
+ }
} else {
filter = talloc_strdup(state, ENUM_INDICATOR);
state->key->str = talloc_asprintf(state->key, "%d:*@%s",
diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c
index abed7a88..dec7f305 100644
--- a/src/responder/nss/nsssrv_cmd.c
+++ b/src/responder/nss/nsssrv_cmd.c
@@ -649,7 +649,7 @@ errno_t check_cache(struct nss_dom_ctx *dctx,
* immediately.
*/
req = sss_dp_get_account_send(cctx, cctx->rctx, dctx->domain, true,
- req_type, opt_name, opt_id);
+ req_type, opt_name, opt_id, NULL);
if (!req) {
DEBUG(SSSDBG_CRIT_FAILURE,
("Out of memory sending out-of-band data provider "
@@ -678,7 +678,7 @@ errno_t check_cache(struct nss_dom_ctx *dctx,
}
req = sss_dp_get_account_send(cctx, cctx->rctx, dctx->domain, true,
- req_type, opt_name, opt_id);
+ req_type, opt_name, opt_id, NULL);
if (!req) {
DEBUG(SSSDBG_CRIT_FAILURE,
("Out of memory sending data provider request\n"));
@@ -1413,7 +1413,7 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx)
dctx->check_provider = false;
dpreq = sss_dp_get_account_send(step_ctx, rctx, dctx->domain, true,
- SSS_DP_USER, NULL, 0);
+ SSS_DP_USER, NULL, 0, NULL);
if (!dpreq) {
DEBUG(SSSDBG_MINOR_FAILURE,
("Enum Cache refresh for domain [%s] failed."
@@ -2720,7 +2720,7 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx)
step_ctx->returned_to_mainloop = true;
/* Only do this once per provider */
dpreq = sss_dp_get_account_send(step_ctx, rctx, dctx->domain, true,
- SSS_DP_USER, NULL, 0);
+ SSS_DP_USER, NULL, 0, NULL);
if (!dpreq) {
DEBUG(SSSDBG_MINOR_FAILURE,
("Enum Cache refresh for domain [%s] failed."
diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c
index 4a98dd63..8cb64221 100644
--- a/src/responder/pam/pamsrv_cmd.c
+++ b/src/responder/pam/pamsrv_cmd.c
@@ -953,7 +953,7 @@ static int pam_check_user_search(struct pam_auth_req *preq)
dpreq = sss_dp_get_account_send(preq, preq->cctx->rctx,
dom, false, SSS_DP_INITGROUPS,
- name, 0);
+ name, 0, NULL);
if (!dpreq) {
DEBUG(SSSDBG_CRIT_FAILURE,
("Out of memory sending data provider request\n"));
diff --git a/src/responder/sudo/sudosrv_get_sudorules.c b/src/responder/sudo/sudosrv_get_sudorules.c
index fca6257d..b1c3fa5e 100644
--- a/src/responder/sudo/sudosrv_get_sudorules.c
+++ b/src/responder/sudo/sudosrv_get_sudorules.c
@@ -136,7 +136,7 @@ static errno_t sudosrv_get_user(struct sudo_dom_ctx *dctx)
cache_expire < time(NULL)) {
dpreq = sss_dp_get_account_send(cli_ctx, cli_ctx->rctx,
dom, false, SSS_DP_INITGROUPS,
- cmd_ctx->username, 0);
+ cmd_ctx->username, 0, NULL);
if (!dpreq) {
DEBUG(SSSDBG_CRIT_FAILURE,
("Out of memory sending data provider request\n"));