-rw-r--r--src/providers/ipa/ipa_access.c94
-rw-r--r--src/providers/krb5/krb5_auth.c152
-rw-r--r--src/providers/ldap/sdap_async_accounts.c418
-rw-r--r--src/responder/pam/pam_LOCAL_domain.c122
-rw-r--r--src/responder/pam/pamsrv_cmd.c142
5 files changed, 205 insertions, 723 deletions
diff --git a/src/providers/ipa/ipa_access.c b/src/providers/ipa/ipa_access.c
index 12c55637..2d47f8b2 100644
--- a/src/providers/ipa/ipa_access.c
+++ b/src/providers/ipa/ipa_access.c
@@ -228,7 +228,6 @@ static void hbac_get_host_info_connect_done(struct tevent_req *subreq);
static void hbac_get_host_memberof(struct tevent_req *req,
struct ldb_message **msgs);
static void hbac_get_host_memberof_done(struct tevent_req *subreq);
-static void hbac_get_host_info_store_trans(struct tevent_req *subreq);
static struct tevent_req *hbac_get_host_info_send(TALLOC_CTX *memctx,
struct tevent_context *ev,
@@ -435,12 +434,13 @@ static void hbac_get_host_memberof(struct tevent_req *req,
{
struct hbac_get_host_info_state *state =
tevent_req_data(req, struct hbac_get_host_info_state);
- struct tevent_req *subreq;
+ bool in_transaction = false;
int ret;
int i;
int v;
struct ldb_message_element *el;
struct hbac_host_info **hhi;
+ char *object_name;
if (state->host_reply_count == 0) {
DEBUG(1, ("No hosts not found in IPA server.\n"));
@@ -567,37 +567,12 @@ static void hbac_get_host_memberof(struct tevent_req *req,
return;
}
- subreq = sysdb_transaction_send(state, state->ev, state->sysdb);
- if (subreq == NULL) {
- DEBUG(1, ("sysdb_transaction_send failed.\n"));
- ret = ENOMEM;
- goto fail;
- }
- tevent_req_set_callback(subreq, hbac_get_host_info_store_trans, req);
- return;
-
-fail:
- tevent_req_error(req, ret);
- return;
-}
-
-static void hbac_get_host_info_store_trans(struct tevent_req *subreq)
-{
- struct tevent_req *req = tevent_req_callback_data(subreq,
- struct tevent_req);
- struct hbac_get_host_info_state *state =
- tevent_req_data(req, struct hbac_get_host_info_state);
- struct ldb_message_element *el;
- char *object_name;
- int ret;
- int i;
-
- ret = sysdb_transaction_recv(subreq, state, &state->handle);
- talloc_zfree(subreq);
+ ret = sysdb_transaction_start(state->sysdb);
if (ret != EOK) {
tevent_req_error(req, ret);
return;
}
+ in_transaction = true;
for (i = 0; i < state->host_reply_count; i++) {
@@ -639,17 +614,20 @@ static void hbac_get_host_info_store_trans(struct tevent_req *subreq)
}
}
- subreq = sysdb_transaction_commit_send(state, state->ev, state->handle);
- if (subreq == NULL) {
- DEBUG(1, ("sysdb_transaction_commit_send failed.\n"));
- ret = ENOMEM;
+ ret = sysdb_transaction_commit(state->sysdb);
+ if (ret) {
+ DEBUG(1, ("sysdb_transaction_commit failed.\n"));
goto fail;
}
- tevent_req_set_callback(subreq, sysdb_transaction_complete, req);
+ in_transaction = false;
+ tevent_req_done(req);
return;
fail:
+ if (in_transaction) {
+ sysdb_transaction_cancel(state->sysdb);
+ }
tevent_req_error(req, ret);
return;
}
@@ -690,7 +668,6 @@ static void hbac_get_rules_connect_done(struct tevent_req *subreq);
static void hbac_rule_get(struct tevent_req *req,
struct ldb_message **msgs);
static void hbac_rule_get_done(struct tevent_req *subreq);
-static void hbac_rule_store_trans(struct tevent_req *subreq);
static struct tevent_req *hbac_get_rules_send(TALLOC_CTX *memctx,
struct tevent_context *ev,
@@ -913,10 +890,12 @@ static void hbac_rule_get(struct tevent_req *req,
{
struct hbac_get_rules_state *state =
tevent_req_data(req, struct hbac_get_rules_state);
- struct tevent_req *subreq;
+ bool in_transaction = false;
int ret;
int i;
struct ldb_message_element *el;
+ struct ldb_dn *hbac_base_dn;
+ char *object_name;
if (state->offline) {
ret = msgs2attrs_array(state, state->hbac_reply_count, msgs,
@@ -947,38 +926,12 @@ static void hbac_rule_get(struct tevent_req *req,
return;
}
- subreq = sysdb_transaction_send(state, state->ev, state->sysdb);
- if (subreq == NULL) {
- DEBUG(1, ("sysdb_transaction_send failed.\n"));
- ret = ENOMEM;
- goto fail;
- }
- tevent_req_set_callback(subreq, hbac_rule_store_trans, req);
- return;
-
-fail:
- tevent_req_error(req, ret);
- return;
-}
-
-static void hbac_rule_store_trans(struct tevent_req *subreq)
-{
- struct tevent_req *req = tevent_req_callback_data(subreq,
- struct tevent_req);
- struct hbac_get_rules_state *state =
- tevent_req_data(req, struct hbac_get_rules_state);
- struct ldb_dn *hbac_base_dn;
- struct ldb_message_element *el;
- char *object_name;
- int ret;
- int i;
-
- ret = sysdb_transaction_recv(subreq, state, &state->handle);
- talloc_zfree(subreq);
+ ret = sysdb_transaction_start(state->sysdb);
if (ret != EOK) {
tevent_req_error(req, ret);
return;
}
+ in_transaction = true;
hbac_base_dn = sysdb_custom_subtree_dn(state->sysdb, state,
state->sdap_ctx->be->domain->name,
@@ -1026,17 +979,20 @@ static void hbac_rule_store_trans(struct tevent_req *subreq)
}
}
- subreq = sysdb_transaction_commit_send(state, state->ev, state->handle);
- if (subreq == NULL) {
- DEBUG(1, ("sysdb_transaction_commit_send failed.\n"));
- ret = ENOMEM;
+ ret = sysdb_transaction_commit(state->sysdb);
+ if (ret) {
+ DEBUG(1, ("sysdb_transaction_commit failed.\n"));
goto fail;
}
- tevent_req_set_callback(subreq, sysdb_transaction_complete, req);
+ in_transaction = false;
+ tevent_req_done(req);
return;
fail:
+ if (in_transaction) {
+ sysdb_transaction_cancel(state->sysdb);
+ }
tevent_req_error(req, ret);
return;
}
diff --git a/src/providers/krb5/krb5_auth.c b/src/providers/krb5/krb5_auth.c
index 57ce673c..0d5ea5d2 100644
--- a/src/providers/krb5/krb5_auth.c
+++ b/src/providers/krb5/krb5_auth.c
@@ -174,106 +174,60 @@ static errno_t check_if_ccache_file_is_used(uid_t uid, const char *ccname,
return EOK;
}
-struct krb5_save_ccname_state {
- struct tevent_context *ev;
- struct sysdb_ctx *sysdb;
- struct sysdb_handle *handle;
- struct sss_domain_info *domain;
- const char *name;
- struct sysdb_attrs *attrs;
-};
-
-static void krb5_save_ccname_trans(struct tevent_req *subreq);
-
-static struct tevent_req *krb5_save_ccname_send(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct sysdb_ctx *sysdb,
- struct sss_domain_info *domain,
- const char *name,
- const char *ccname)
+static int krb5_save_ccname(TALLOC_CTX *mem_ctx,
+ struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
+ const char *name,
+ const char *ccname)
{
- struct tevent_req *req;
- struct tevent_req *subreq;
- struct krb5_save_ccname_state *state;
+ TALLOC_CTX *tmpctx;
+ struct sysdb_attrs *attrs;
int ret;
if (name == NULL || ccname == NULL) {
DEBUG(1, ("Missing user or ccache name.\n"));
- return NULL;
+ return EINVAL;
}
- req = tevent_req_create(mem_ctx, &state, struct krb5_save_ccname_state);
- if (req == NULL) {
- DEBUG(1, ("tevent_req_create failed.\n"));
- return NULL;
+ tmpctx = talloc_new(mem_ctx);
+ if (!tmpctx) {
+ return ENOMEM;
}
- state->ev = ev;
- state->sysdb = sysdb;
- state->handle = NULL;
- state->domain = domain;
- state->name = name;
+ attrs = sysdb_new_attrs(mem_ctx);
+ if (!attrs) {
+ ret = ENOMEM;
+ goto done;
+ }
- state->attrs = sysdb_new_attrs(state);
- ret = sysdb_attrs_add_string(state->attrs, SYSDB_CCACHE_FILE, ccname);
+ ret = sysdb_attrs_add_string(attrs, SYSDB_CCACHE_FILE, ccname);
if (ret != EOK) {
DEBUG(1, ("sysdb_attrs_add_string failed.\n"));
- goto failed;
- }
-
- subreq = sysdb_transaction_send(state, ev, sysdb);
- if (subreq == NULL) {
- goto failed;
+ goto done;
}
- tevent_req_set_callback(subreq, krb5_save_ccname_trans, req);
-
- return req;
-failed:
- talloc_free(req);
- return NULL;
-}
-
-static void krb5_save_ccname_trans(struct tevent_req *subreq)
-{
- struct tevent_req *req = tevent_req_callback_data(subreq,
- struct tevent_req);
- struct krb5_save_ccname_state *state = tevent_req_data(req,
- struct krb5_save_ccname_state);
- int ret;
-
- ret = sysdb_transaction_recv(subreq, state, &state->handle);
- talloc_zfree(subreq);
+ ret = sysdb_transaction_start(sysdb);
if (ret != EOK) {
- DEBUG(6, ("Error: %d (%s)\n", ret, strerror(ret)));
- tevent_req_error(req, ret);
- return;
+ DEBUG(6, ("Error %d starting transaction (%s)\n", ret, strerror(ret)));
+ goto done;
}
- ret = sysdb_set_user_attr(state, sysdb_handle_get_ctx(state->handle),
- state->domain, state->name,
- state->attrs, SYSDB_MOD_REP);
+ ret = sysdb_set_user_attr(tmpctx, sysdb,
+ domain, name, attrs, SYSDB_MOD_REP);
if (ret != EOK) {
DEBUG(6, ("Error: %d (%s)\n", ret, strerror(ret)));
- tevent_req_error(req, ret);
- return;
+ sysdb_transaction_cancel(sysdb);
+ goto done;
}
- subreq = sysdb_transaction_commit_send(state, state->ev, state->handle);
- if (subreq == NULL) {
- DEBUG(6, ("Error: Out of memory\n"));
- tevent_req_error(req, ENOMEM);
- return;
+ ret = sysdb_transaction_commit(sysdb);
+ if (ret != EOK) {
+ DEBUG(1, ("Failed to commit transaction!\n"));
}
- tevent_req_set_callback(subreq, sysdb_transaction_complete, req);
- return;
-}
-int krb5_save_ccname_recv(struct tevent_req *req)
-{
- TEVENT_REQ_RETURN_ON_ERROR(req);
-
- return EOK;
+done:
+ talloc_zfree(tmpctx);
+ return ret;
}
errno_t create_send_buffer(struct krb5child_req *kr, struct io_buffer **io_buf)
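Review bot: In the new `krb5_save_ccname`, `attrs` is allocated with `sysdb_new_attrs(mem_ctx)`, so it hangs off the caller's context and is not released by `talloc_zfree(tmpctx)` at `done:`; `attrs = sysdb_new_attrs(tmpctx);` would tie its lifetime to the function. Separately, a failed `sysdb_transaction_commit()` only logs and falls through to `done:` without `sysdb_transaction_cancel(sysdb)`, whereas the `fail:` paths in ipa_access.c cancel when the commit fails. Whether a failed commit leaves the transaction open depends on `sysdb_transaction_commit`, which is not visible here, but the two styles should agree. The same commit-failure path appears in `sdap_save_users`, `sdap_save_groups` and `sdap_get_initgr_user` in sdap_async_accounts.c.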
@@ -660,7 +614,7 @@ static void get_user_attr_done(void *pvt, int err, struct ldb_result *res);
static void krb5_resolve_kdc_done(struct tevent_req *req);
static void krb5_resolve_kpasswd_done(struct tevent_req *req);
static void krb5_find_ccache_step(struct krb5child_req *kr);
-static void krb5_save_ccname_done(struct tevent_req *req);
+static void krb5_save_ccname_done(struct krb5child_req *kr);
static void krb5_child_done(struct tevent_req *req);
void krb5_pam_handler(struct be_req *be_req)
@@ -998,16 +952,15 @@ static void krb5_find_ccache_step(struct krb5child_req *kr)
pd->authtok_size = 0;
if (kr->active_ccache_present) {
- req = krb5_save_ccname_send(kr, be_req->be_ctx->ev,
- be_req->be_ctx->sysdb,
- be_req->be_ctx->domain, pd->user,
- kr->ccname);
- if (req == NULL) {
- DEBUG(1, ("krb5_save_ccname_send failed.\n"));
+ ret = krb5_save_ccname(kr, be_req->be_ctx->sysdb,
+ be_req->be_ctx->domain, pd->user,
+ kr->ccname);
+ if (ret) {
+ DEBUG(1, ("krb5_save_ccname failed.\n"));
goto done;
}
- tevent_req_set_callback(req, krb5_save_ccname_done, kr);
+ krb5_save_ccname_done(kr);
return;
}
}
@@ -1136,25 +1089,25 @@ static void krb5_child_done(struct tevent_req *req)
goto done;
}
- req = krb5_save_ccname_send(kr, be_req->be_ctx->ev, be_req->be_ctx->sysdb,
- be_req->be_ctx->domain, pd->user, kr->ccname);
- if (req == NULL) {
+ ret = krb5_save_ccname(kr, be_req->be_ctx->sysdb,
+ be_req->be_ctx->domain,
+ pd->user, kr->ccname);
+ if (ret) {
DEBUG(1, ("krb5_save_ccname_send failed.\n"));
goto done;
}
- tevent_req_set_callback(req, krb5_save_ccname_done, kr);
+ krb5_save_ccname_done(kr);
return;
+
done:
talloc_free(kr);
pd->pam_status = pam_status;
krb_reply(be_req, dp_err, pd->pam_status);
}
-static void krb5_save_ccname_done(struct tevent_req *req)
+static void krb5_save_ccname_done(struct krb5child_req *kr)
{
- struct krb5child_req *kr = tevent_req_callback_data(req,
- struct krb5child_req);
struct pam_data *pd = kr->pd;
struct be_req *be_req = kr->req;
struct krb5_ctx *krb5_ctx = kr->krb5_ctx;
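Review bot: The failure branch in `krb5_child_done` still logs `krb5_save_ccname_send failed.`, although the call is now the synchronous `krb5_save_ccname`. Anyone searching the logs for the function name will not find it. Change the line to `DEBUG(1, ("krb5_save_ccname failed.\n"));`, matching the message used in `krb5_find_ccache_step`. `krb5_child_done` begins outside this hunk, so how `pam_status` and `dp_err` are set on this path cannot be checked from here.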
@@ -1167,22 +1120,15 @@ static void krb5_save_ccname_done(struct tevent_req *req)
ret = add_krb5_env(krb5_ctx->opts, kr->ccname, pd);
if (ret != EOK) {
DEBUG(1, ("add_krb5_env failed.\n"));
- goto failed;
+ goto done;
}
}
- ret = krb5_save_ccname_recv(req);
- talloc_zfree(req);
- if (ret != EOK) {
- DEBUG(1, ("Saving ccache name failed.\n"));
- goto failed;
- }
-
if (kr->is_offline) {
DEBUG(4, ("Backend is marked offline, retry later!\n"));
pam_status = PAM_AUTHINFO_UNAVAIL;
dp_err = DP_ERR_OFFLINE;
- goto failed;
+ goto done;
}
if (be_req->be_ctx->domain->cache_credentials == TRUE) {
@@ -1213,7 +1159,7 @@ static void krb5_save_ccname_done(struct tevent_req *req)
if (password == NULL) {
DEBUG(0, ("password not available, offline auth may not work.\n"));
- goto failed;
+ goto done;
}
talloc_set_destructor((TALLOC_CTX *)password, password_destructor);
@@ -1230,7 +1176,7 @@ static void krb5_save_ccname_done(struct tevent_req *req)
pam_status = PAM_SUCCESS;
dp_err = DP_ERR_OK;
-failed:
+done:
talloc_free(kr);
pd->pam_status = pam_status;
diff --git a/src/providers/ldap/sdap_async_accounts.c b/src/providers/ldap/sdap_async_accounts.c
index 0385c8f8..9dca9eb0 100644
--- a/src/providers/ldap/sdap_async_accounts.c
+++ b/src/providers/ldap/sdap_async_accounts.c
@@ -278,80 +278,35 @@ fail:
/* ==Generic-Function-to-save-multiple-users============================= */
-struct sdap_save_users_state {
- struct tevent_context *ev;
- struct sysdb_ctx *sysdb;
- struct sdap_options *opts;
- struct sss_domain_info *dom;
-
- struct sysdb_attrs **users;
- int count;
-
- struct sysdb_handle *handle;
-
- char *higher_timestamp;
-};
-
-static void sdap_save_users_trans(struct tevent_req *subreq);
-struct tevent_req *sdap_save_users_send(TALLOC_CTX *memctx,
- struct tevent_context *ev,
- struct sss_domain_info *dom,
- struct sysdb_ctx *sysdb,
- struct sdap_options *opts,
- struct sysdb_attrs **users,
- int num_users)
-{
- struct tevent_req *req, *subreq;
- struct sdap_save_users_state *state;
-
- req = tevent_req_create(memctx, &state, struct sdap_save_users_state);
- if (!req) return NULL;
-
- state->ev = ev;
- state->opts = opts;
- state->sysdb = sysdb;
- state->dom = dom;
- state->users = users;
- state->count = num_users;
- state->handle = NULL;
- state->higher_timestamp = NULL;
-
- subreq = sysdb_transaction_send(state, state->ev, state->sysdb);
- if (!subreq) {
- tevent_req_error(req, ENOMEM);
- tevent_req_post(req, ev);
- return req;
- }
- tevent_req_set_callback(subreq, sdap_save_users_trans, req);
-
- return req;
-}
-
-static void sdap_save_users_trans(struct tevent_req *subreq)
+static int sdap_save_users(TALLOC_CTX *memctx,
+ struct sysdb_ctx *sysdb,
+ struct sss_domain_info *dom,
+ struct sdap_options *opts,
+ struct sysdb_attrs **users,
+ int num_users,
+ char **_timestamp)
{
- struct tevent_req *req;
- struct sdap_save_users_state *state;
+ TALLOC_CTX *tmpctx;
+ char *higher_timestamp = NULL;
char *timestamp;
int ret;
int i;
- req = tevent_req_callback_data(subreq, struct tevent_req);
- state = tevent_req_data(req, struct sdap_save_users_state);
+ tmpctx = talloc_new(memctx);
+ if (!tmpctx) {
+ return ENOMEM;
+ }
- ret = sysdb_transaction_recv(subreq, state, &state->handle);
- talloc_zfree(subreq);
+ ret = sysdb_transaction_start(sysdb);
if (ret) {
- tevent_req_error(req, ret);
- return;
+ goto done;
}
- for (i = 0; i < state->count; i++) {
+ for (i = 0; i < num_users; i++) {
timestamp = NULL;
- ret = sdap_save_user(state, state->sysdb,
- state->opts, state->dom,
- state->users[i],
- false, &timestamp);
+ ret = sdap_save_user(tmpctx, sysdb, opts, dom,
+ users[i], false, &timestamp);
/* Do not fail completely on errors.
* Just report the failure to save and go on */
@@ -362,42 +317,32 @@ static void sdap_save_users_trans(struct tevent_req *subreq)
}
if (timestamp) {
- if (state->higher_timestamp) {
- if (strcmp(timestamp, state->higher_timestamp) > 0) {
- talloc_zfree(state->higher_timestamp);
- state->higher_timestamp = timestamp;
+ if (higher_timestamp) {
+ if (strcmp(timestamp, higher_timestamp) > 0) {
+ talloc_zfree(higher_timestamp);
+ higher_timestamp = timestamp;
} else {
talloc_zfree(timestamp);
}
} else {
- state->higher_timestamp = timestamp;
+ higher_timestamp = timestamp;
}
}
}
- subreq = sysdb_transaction_commit_send(state, state->ev,
- state->handle);
- if (!subreq) {
- tevent_req_error(req, ENOMEM);
- return;
+ ret = sysdb_transaction_commit(sysdb);
+ if (ret) {
+ DEBUG(1, ("Failed to commit transaction!\n"));
+ goto done;
}
- /* sysdb_transaction_complete will call tevent_req_done(req) */
- tevent_req_set_callback(subreq, sysdb_transaction_complete, req);
-}
-
-static int sdap_save_users_recv(struct tevent_req *req,
- TALLOC_CTX *mem_ctx, char **timestamp)
-{
- struct sdap_save_users_state *state = tevent_req_data(req,
- struct sdap_save_users_state);
- TEVENT_REQ_RETURN_ON_ERROR(req);
-
- if (timestamp) {
- *timestamp = talloc_steal(mem_ctx, state->higher_timestamp);
+ if (_timestamp) {
+ *_timestamp = talloc_steal(memctx, higher_timestamp);
}
- return EOK;
+done:
+ talloc_zfree(tmpctx);
+ return ret;
}
@@ -418,7 +363,6 @@ struct sdap_get_users_state {
};
static void sdap_get_users_process(struct tevent_req *subreq);
-static void sdap_get_users_done(struct tevent_req *subreq);
struct tevent_req *sdap_get_users_send(TALLOC_CTX *memctx,
struct tevent_context *ev,
@@ -484,34 +428,18 @@ static void sdap_get_users_process(struct tevent_req *subreq)
return;
}
- subreq = sdap_save_users_send(state, state->ev, state->dom,
- state->sysdb, state->opts,
- state->users, state->count);
- if (!subreq) {
- tevent_req_error(req, ENOMEM);
- return;
- }
- tevent_req_set_callback(subreq, sdap_get_users_done, req);
-}
-
-static void sdap_get_users_done(struct tevent_req *subreq)
-{
- struct tevent_req *req = tevent_req_callback_data(subreq,
- struct tevent_req);
- struct sdap_get_users_state *state = tevent_req_data(req,
- struct sdap_get_users_state);
- int ret;
-
- DEBUG(9, ("Saving %d Users - Done\n", state->count));
-
- ret = sdap_save_users_recv(subreq, state, &state->higher_timestamp);
- talloc_zfree(subreq);
+ ret = sdap_save_users(state, state->sysdb,
+ state->dom, state->opts,
+ state->users, state->count,
+ &state->higher_timestamp);
if (ret) {
DEBUG(2, ("Failed to store users.\n"));
tevent_req_error(req, ret);
return;
}
+ DEBUG(9, ("Saving %d Users - Done\n", state->count));
+
tevent_req_done(req);
}
@@ -872,101 +800,53 @@ fail:
/* ==Generic-Function-to-save-multiple-groups============================= */
-struct sdap_save_groups_state {
- struct tevent_context *ev;
- struct sysdb_ctx *sysdb;
- struct sdap_options *opts;
- struct sss_domain_info *dom;
-
- struct sysdb_attrs **groups;
- int count;
- int cur;
- bool twopass;
-
- struct sysdb_handle *handle;
-
- char *higher_timestamp;
-};
-
-static void sdap_save_groups_trans(struct tevent_req *subreq);
-struct tevent_req *sdap_save_groups_send(TALLOC_CTX *memctx,
- struct tevent_context *ev,
- struct sss_domain_info *dom,
- struct sysdb_ctx *sysdb,
- struct sdap_options *opts,
- struct sysdb_attrs **groups,
- int num_groups)
+static int sdap_save_groups(TALLOC_CTX *memctx,
+ struct sysdb_ctx *sysdb,
+ struct sss_domain_info *dom,
+ struct sdap_options *opts,
+ struct sysdb_attrs **groups,
+ int num_groups,
+ char **_timestamp)
{
- struct tevent_req *req, *subreq;
- struct sdap_save_groups_state *state;
-
- req = tevent_req_create(memctx, &state, struct sdap_save_groups_state);
- if (!req) return NULL;
-
- state->ev = ev;
- state->opts = opts;
- state->sysdb = sysdb;
- state->dom = dom;
- state->groups = groups;
- state->count = num_groups;
- state->cur = 0;
- state->handle = NULL;
- state->higher_timestamp = NULL;
+ TALLOC_CTX *tmpctx;
+ char *higher_timestamp = NULL;
+ char *timestamp;
+ bool twopass;
+ int ret;
+ int i;
switch (opts->schema_type) {
case SDAP_SCHEMA_RFC2307:
- state->twopass = false;
+ twopass = false;
break;
case SDAP_SCHEMA_RFC2307BIS:
case SDAP_SCHEMA_IPA_V1:
case SDAP_SCHEMA_AD:
- state->twopass = true;
+ twopass = true;
break;
default:
- tevent_req_error(req, EINVAL);
- tevent_req_post(req, ev);
- return req;
+ return EINVAL;
}
- subreq = sysdb_transaction_send(state, state->ev, state->sysdb);
- if (!subreq) {
- tevent_req_error(req, ENOMEM);
- tevent_req_post(req, ev);
- return req;
+ tmpctx = talloc_new(memctx);
+ if (!tmpctx) {
+ return ENOMEM;
}
- tevent_req_set_callback(subreq, sdap_save_groups_trans, req);
-
- return req;
-}
-
-static void sdap_save_groups_trans(struct tevent_req *subreq)
-{
- struct tevent_req *req;
- struct sdap_save_groups_state *state;
- char *timestamp;
- int ret;
- int i;
-
- req = tevent_req_callback_data(subreq, struct tevent_req);
- state = tevent_req_data(req, struct sdap_save_groups_state);
- ret = sysdb_transaction_recv(subreq, state, &state->handle);
- talloc_zfree(subreq);
+ ret = sysdb_transaction_start(sysdb);
if (ret) {
- tevent_req_error(req, ret);
- return;
+ goto done;
}
- for (i = 0; i < state->count; i++) {
+ for (i = 0; i < num_groups; i++) {
timestamp = NULL;
/* if 2 pass savemembers = false */
- ret = sdap_save_group(state, sysdb_handle_get_ctx(state->handle),
- state->opts, state->dom,
- state->groups[i],
- (!state->twopass), &timestamp);
+ ret = sdap_save_group(tmpctx, sysdb,
+ opts, dom, groups[i],
+ (!twopass), &timestamp);
/* Do not fail completely on errors.
* Just report the failure to save and go on */
@@ -977,27 +857,24 @@ static void sdap_save_groups_trans(struct tevent_req *subreq)
}
if (timestamp) {
- if (state->higher_timestamp) {
- if (strcmp(timestamp, state->higher_timestamp) > 0) {
- talloc_zfree(state->higher_timestamp);
- state->higher_timestamp = timestamp;
+ if (higher_timestamp) {
+ if (strcmp(timestamp, higher_timestamp) > 0) {
+ talloc_zfree(higher_timestamp);
+ higher_timestamp = timestamp;
} else {
talloc_zfree(timestamp);
}
} else {
- state->higher_timestamp = timestamp;
+ higher_timestamp = timestamp;
}
}
}
- if (state->twopass) {
+ if (twopass) {
- for (i = 0; i < state->count; i++) {
+ for (i = 0; i < num_groups; i++) {
- ret = sdap_save_grpmem(state,
- sysdb_handle_get_ctx(state->handle),
- state->opts, state->dom,
- state->groups[i]);
+ ret = sdap_save_grpmem(tmpctx, sysdb, opts, dom, groups[i]);
/* Do not fail completely on errors.
* Just report the failure to save and go on */
if (ret) {
@@ -1008,29 +885,19 @@ static void sdap_save_groups_trans(struct tevent_req *subreq)
}
}
- subreq = sysdb_transaction_commit_send(state, state->ev,
- state->handle);
- if (!subreq) {
- tevent_req_error(req, ENOMEM);
- return;
+ ret = sysdb_transaction_commit(sysdb);
+ if (ret) {
+ DEBUG(1, ("Failed to commit transaction!\n"));
+ goto done;
}
- /* sysdb_transaction_complete will call tevent_req_done(req) */
- tevent_req_set_callback(subreq, sysdb_transaction_complete, req);
-}
-
-static int sdap_save_groups_recv(struct tevent_req *req,
- TALLOC_CTX *mem_ctx, char **timestamp)
-{
- struct sdap_save_groups_state *state = tevent_req_data(req,
- struct sdap_save_groups_state);
-
- TEVENT_REQ_RETURN_ON_ERROR(req);
- if (timestamp) {
- *timestamp = talloc_steal(mem_ctx, state->higher_timestamp);
+ if (_timestamp) {
+ *_timestamp = talloc_steal(memctx, higher_timestamp);
}
- return EOK;
+done:
+ talloc_zfree(tmpctx);
+ return ret;
}
@@ -1051,7 +918,6 @@ struct sdap_get_groups_state {
};
static void sdap_get_groups_process(struct tevent_req *subreq);
-static void sdap_get_groups_done(struct tevent_req *subreq);
struct tevent_req *sdap_get_groups_send(TALLOC_CTX *memctx,
struct tevent_context *ev,
@@ -1117,34 +983,18 @@ static void sdap_get_groups_process(struct tevent_req *subreq)
return;
}
- subreq = sdap_save_groups_send(state, state->ev, state->dom,
- state->sysdb, state->opts,
- state->groups, state->count);
- if (!subreq) {
- tevent_req_error(req, ENOMEM);
- return;
- }
- tevent_req_set_callback(subreq, sdap_get_groups_done, req);
-}
-
-static void sdap_get_groups_done(struct tevent_req *subreq)
-{
- struct tevent_req *req = tevent_req_callback_data(subreq,
- struct tevent_req);
- struct sdap_get_groups_state *state = tevent_req_data(req,
- struct sdap_get_groups_state);
- int ret;
-
- DEBUG(9, ("Saving %d Groups - Done\n", state->count));
-
- ret = sdap_save_groups_recv(subreq, state, &state->higher_timestamp);
- talloc_zfree(subreq);
+ ret = sdap_save_groups(state, state->sysdb,
+ state->dom, state->opts,
+ state->groups, state->count,
+ &state->higher_timestamp);
if (ret) {
DEBUG(2, ("Failed to store groups.\n"));
tevent_req_error(req, ret);
return;
}
+ DEBUG(9, ("Saving %d Groups - Done\n", state->count));
+
tevent_req_done(req);
}
@@ -1177,7 +1027,6 @@ struct sdap_initgr_rfc2307_state {
};
static void sdap_initgr_rfc2307_process(struct tevent_req *subreq);
-static void sdap_initgr_rfc2307_done(struct tevent_req *subreq);
struct tevent_req *sdap_initgr_rfc2307_send(TALLOC_CTX *memctx,
struct tevent_context *ev,
struct sdap_options *opts,
@@ -1246,25 +1095,9 @@ static void sdap_initgr_rfc2307_process(struct tevent_req *subreq)
return;
}
- subreq = sdap_save_groups_send(state, state->ev, state->dom,
- state->sysdb, state->opts,
- groups, count);
- if (!subreq) {
- tevent_req_error(req, ENOMEM);
- return;
- }
- tevent_req_set_callback(subreq, sdap_initgr_rfc2307_done, req);
-}
-
-static void sdap_initgr_rfc2307_done(struct tevent_req *subreq)
-{
- struct tevent_req *req;
- int ret;
-
- req = tevent_req_callback_data(subreq, struct tevent_req);
-
- ret = sdap_save_groups_recv(subreq, NULL, NULL);
- talloc_zfree(subreq);
+ ret = sdap_save_groups(state, state->sysdb,
+ state->dom, state->opts,
+ groups, count, NULL);
if (ret) {
tevent_req_error(req, ret);
return;
@@ -1305,7 +1138,6 @@ struct sdap_initgr_nested_state {
static void sdap_initgr_nested_search(struct tevent_req *subreq);
static void sdap_initgr_nested_store(struct tevent_req *req);
-static void sdap_initgr_nested_done(struct tevent_req *subreq);
static struct tevent_req *sdap_initgr_nested_send(TALLOC_CTX *memctx,
struct tevent_context *ev,
struct sdap_options *opts,
@@ -1435,30 +1267,13 @@ static void sdap_initgr_nested_search(struct tevent_req *subreq)
static void sdap_initgr_nested_store(struct tevent_req *req)
{
- struct tevent_req *subreq;
struct sdap_initgr_nested_state *state;
-
- state = tevent_req_data(req, struct sdap_initgr_nested_state);
-
- subreq = sdap_save_groups_send(state, state->ev, state->dom,
- state->sysdb, state->opts,
- state->groups, state->groups_cur);
- if (!subreq) {
- tevent_req_error(req, ENOMEM);
- return;
- }
- tevent_req_set_callback(subreq, sdap_initgr_nested_done, req);
-}
-
-static void sdap_initgr_nested_done(struct tevent_req *subreq)
-{
- struct tevent_req *req;
int ret;
- req = tevent_req_callback_data(subreq, struct tevent_req);
+ state = tevent_req_data(req, struct sdap_initgr_nested_state);
- ret = sdap_save_groups_recv(subreq, NULL, NULL);
- talloc_zfree(subreq);
+ ret = sdap_save_groups(state, state->sysdb, state->dom, state->opts,
+ state->groups, state->groups_cur, NULL);
if (ret) {
tevent_req_error(req, ret);
return;
@@ -1492,8 +1307,6 @@ struct sdap_get_initgr_state {
};
static void sdap_get_initgr_user(struct tevent_req *subreq);
-static void sdap_get_initgr_store(struct tevent_req *subreq);
-static void sdap_get_initgr_process(struct tevent_req *subreq);
static void sdap_get_initgr_done(struct tevent_req *subreq);
struct tevent_req *sdap_get_initgr_send(TALLOC_CTX *memctx,
@@ -1590,66 +1403,33 @@ static void sdap_get_initgr_user(struct tevent_req *subreq)
state->orig_user = usr_attrs[0];
- subreq = sysdb_transaction_send(state, state->ev, state->sysdb);
- if (!subreq) {
- tevent_req_error(req, ENOMEM);
- return;
- }
- tevent_req_set_callback(subreq, sdap_get_initgr_store, req);
-}
-
-static void sdap_get_initgr_store(struct tevent_req *subreq)
-{
- struct tevent_req *req = tevent_req_callback_data(subreq,
- struct tevent_req);
- struct sdap_get_initgr_state *state = tevent_req_data(req,
- struct sdap_get_initgr_state);
- int ret;
-
- DEBUG(9, ("Storing the user\n"));
-
- ret = sysdb_transaction_recv(subreq, state, &state->handle);
- talloc_zfree(subreq);
+ ret = sysdb_transaction_start(state->sysdb);
if (ret) {
tevent_req_error(req, ret);
return;
}
+ DEBUG(9, ("Storing the user\n"));
+
ret = sdap_save_user(state, state->sysdb,
state->opts, state->dom,
state->orig_user, true, NULL);
if (ret) {
+ sysdb_transaction_cancel(state->sysdb);
tevent_req_error(req, ret);
return;
}
DEBUG(9, ("Commit change\n"));
- subreq = sysdb_transaction_commit_send(state, state->ev, state->handle);
- if (!subreq) {
- tevent_req_error(req, ENOMEM);
- return;
- }
- tevent_req_set_callback(subreq, sdap_get_initgr_process, req);
-}
-
-static void sdap_get_initgr_process(struct tevent_req *subreq)
-{
- struct tevent_req *req = tevent_req_callback_data(subreq,
- struct tevent_req);
- struct sdap_get_initgr_state *state = tevent_req_data(req,
- struct sdap_get_initgr_state);
- int ret;
-
- DEBUG(9, ("Process user's groups\n"));
-
- ret = sysdb_transaction_commit_recv(subreq);
- talloc_zfree(subreq);
+ ret = sysdb_transaction_commit(state->sysdb);
if (ret) {
tevent_req_error(req, ret);
return;
}
+ DEBUG(9, ("Process user's groups\n"));
+
switch (state->opts->schema_type) {
case SDAP_SCHEMA_RFC2307:
subreq = sdap_initgr_rfc2307_send(state, state->ev, state->opts,
diff --git a/src/responder/pam/pam_LOCAL_domain.c b/src/responder/pam/pam_LOCAL_domain.c
index 80f8a91c..09229c29 100644
--- a/src/responder/pam/pam_LOCAL_domain.c
+++ b/src/responder/pam/pam_LOCAL_domain.c
@@ -70,69 +70,8 @@ static void prepare_reply(struct LOCAL_request *lreq)
lreq->preq->callback(lreq->preq);
}
-static void set_user_attr_done(struct tevent_req *req)
-{
- struct LOCAL_request *lreq;
- int ret;
-
- lreq = tevent_req_callback_data(req, struct LOCAL_request);
-
- ret = sysdb_transaction_commit_recv(req);
- if (ret) {
- DEBUG(2, ("set_user_attr failed.\n"));
- lreq->error =ret;
- }
-
- prepare_reply(lreq);
-}
-
-static void set_user_attr_req(struct tevent_req *req)
-{
- struct LOCAL_request *lreq = tevent_req_callback_data(req,
- struct LOCAL_request);
- int ret;
-
- DEBUG(4, ("entering set_user_attr_req\n"));
-
- ret = sysdb_transaction_recv(req, lreq, &lreq->handle);
- if (ret) {
- lreq->error = ret;
- return prepare_reply(lreq);
- }
-
- ret = sysdb_set_user_attr(lreq, sysdb_handle_get_ctx(lreq->handle),
- lreq->preq->domain,
- lreq->preq->pd->user,
- lreq->mod_attrs, SYSDB_MOD_REP);
-
- DEBUG(4, ("set_user_attr_callback, status [%d][%s]\n", ret, strerror(ret)));
-
- if (ret) {
- lreq->error = ret;
- goto fail;
- }
-
- req = sysdb_transaction_commit_send(lreq, lreq->ev, lreq->handle);
- if (!req) {
- lreq->error = ENOMEM;
- goto fail;
- }
- tevent_req_set_callback(req, set_user_attr_done, lreq);
-
- return;
-
-fail:
- DEBUG(2, ("set_user_attr failed.\n"));
-
- /* cancel transaction */
- talloc_zfree(lreq->handle);
-
- prepare_reply(lreq);
-}
-
static void do_successful_login(struct LOCAL_request *lreq)
{
- struct tevent_req *req;
int ret;
lreq->mod_attrs = sysdb_new_attrs(lreq);
@@ -148,23 +87,19 @@ static void do_successful_login(struct LOCAL_request *lreq)
NEQ_CHECK_OR_JUMP(ret, EOK, ("sysdb_attrs_add_long failed.\n"),
lreq->error, ret, done);
- req = sysdb_transaction_send(lreq, lreq->ev, lreq->dbctx);
- if (!req) {
- lreq->error = ENOMEM;
- goto done;
- }
- tevent_req_set_callback(req, set_user_attr_req, lreq);
-
- return;
+ ret = sysdb_set_user_attr(lreq, lreq->dbctx,
+ lreq->preq->domain,
+ lreq->preq->pd->user,
+ lreq->mod_attrs, SYSDB_MOD_REP);
+ NEQ_CHECK_OR_JUMP(ret, EOK, ("sysdb_set_user_attr failed.\n"),
+ lreq->error, ret, done);
done:
-
- prepare_reply(lreq);
+ return;
}
static void do_failed_login(struct LOCAL_request *lreq)
{
- struct tevent_req *req;
int ret;
int failedLoginAttempts;
struct pam_data *pd;
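Review bot: `do_successful_login` no longer sends the reply itself: its `done:` label is followed only by `return;`, and the result is reported solely through `lreq->error`, but nothing in the function says who calls `prepare_reply()` now. Presumably `local_handler_callback` does so at its own `done:` label, which lies outside the visible hunks. A comment above the function such as `/* Records the result in lreq->error only; the caller sends the reply. */` would keep a future caller from omitting the PAM reply or sending it twice. The same applies to `do_failed_login`, `do_pam_chauthtok` and `do_pam_acct_mgmt` in the following hunks.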
@@ -194,18 +129,15 @@ static void do_failed_login(struct LOCAL_request *lreq)
NEQ_CHECK_OR_JUMP(ret, EOK, ("sysdb_attrs_add_long failed.\n"),
lreq->error, ret, done);
- req = sysdb_transaction_send(lreq, lreq->ev, lreq->dbctx);
- if (!req) {
- lreq->error = ENOMEM;
- goto done;
- }
- tevent_req_set_callback(req, set_user_attr_req, lreq);
-
- return;
+ ret = sysdb_set_user_attr(lreq, lreq->dbctx,
+ lreq->preq->domain,
+ lreq->preq->pd->user,
+ lreq->mod_attrs, SYSDB_MOD_REP);
+ NEQ_CHECK_OR_JUMP(ret, EOK, ("sysdb_set_user_attr failed.\n"),
+ lreq->error, ret, done);
done:
-
- prepare_reply(lreq);
+ return;
}
static void do_pam_acct_mgmt(struct LOCAL_request *lreq)
@@ -222,13 +154,10 @@ static void do_pam_acct_mgmt(struct LOCAL_request *lreq)
(strncasecmp(disabled, "no",2) != 0) ) {
pd->pam_status = PAM_PERM_DENIED;
}
-
- prepare_reply(lreq);
}
static void do_pam_chauthtok(struct LOCAL_request *lreq)
{
- struct tevent_req *req;
int ret;
char *newauthtok;
char *salt;
@@ -246,7 +175,7 @@ static void do_pam_chauthtok(struct LOCAL_request *lreq)
if (strlen(newauthtok) == 0) {
/* TODO: should we allow null passwords via a config option ? */
DEBUG(1, ("Empty passwords are not allowed!\n"));
- ret = EINVAL;
+ lreq->error = EINVAL;
goto done;
}
@@ -274,17 +203,15 @@ static void do_pam_chauthtok(struct LOCAL_request *lreq)
NEQ_CHECK_OR_JUMP(ret, EOK, ("sysdb_attrs_add_long failed.\n"),
lreq->error, ret, done);
- req = sysdb_transaction_send(lreq, lreq->ev, lreq->dbctx);
- if (!req) {
- lreq->error = ENOMEM;
- goto done;
- }
- tevent_req_set_callback(req, set_user_attr_req, lreq);
+ ret = sysdb_set_user_attr(lreq, lreq->dbctx,
+ lreq->preq->domain,
+ lreq->preq->pd->user,
+ lreq->mod_attrs, SYSDB_MOD_REP);
+ NEQ_CHECK_OR_JUMP(ret, EOK, ("sysdb_set_user_attr failed.\n"),
+ lreq->error, ret, done);
- return;
done:
-
- prepare_reply(lreq);
+ return;
}
static void local_handler_callback(void *pvt, int ldb_status,
@@ -361,7 +288,7 @@ static void local_handler_callback(void *pvt, int ldb_status,
if (strcmp(new_hash, password) != 0) {
DEBUG(1, ("Passwords do not match.\n"));
do_failed_login(lreq);
- return;
+ goto done;
}
break;
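Review bot: The password-mismatch branch now depends on the `done` label, which lies outside this hunk, to send the reply, and do_failed_login() can itself set lreq->error when the attribute write fails. It is worth confirming that the code at `done` maps such an error to a denial and cannot leave pd->pam_status at a success value on this path. A comment at the call would record the contract: `/* do_failed_login() only records the attempt; the reply is sent at done */`.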
@@ -370,15 +297,12 @@ static void local_handler_callback(void *pvt, int ldb_status,
switch (pd->cmd) {
case SSS_PAM_AUTHENTICATE:
do_successful_login(lreq);
- return;
break;
case SSS_PAM_CHAUTHTOK:
do_pam_chauthtok(lreq);
- return;
break;
case SSS_PAM_ACCT_MGMT:
do_pam_acct_mgmt(lreq);
- return;
break;
case SSS_PAM_SETCRED:
break;
diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c
index 77f29ec8..eba78cce 100644
--- a/src/responder/pam/pamsrv_cmd.c
+++ b/src/responder/pam/pamsrv_cmd.c
@@ -271,119 +271,8 @@ static int pam_parse_in_data(struct sss_names_ctx *snctx,
/*=Save-Last-Login-State===================================================*/
-struct set_last_login_state {
- struct tevent_context *ev;
- struct sysdb_ctx *dbctx;
-
- struct sss_domain_info *dom;
- const char *username;
- struct sysdb_attrs *attrs;
-
- struct sysdb_handle *handle;
-
- struct ldb_result *res;
-};
-
-static void set_last_login_trans_done(struct tevent_req *subreq);
-static void set_last_login_done(struct tevent_req *subreq);
-
-static struct tevent_req *set_last_login_send(TALLOC_CTX *memctx,
- struct tevent_context *ev,
- struct sysdb_ctx *dbctx,
- struct sss_domain_info *dom,
- const char *username,
- struct sysdb_attrs *attrs)
-{
- struct tevent_req *req, *subreq;
- struct set_last_login_state *state;
-
- req = tevent_req_create(memctx, &state, struct set_last_login_state);
- if (!req) {
- return NULL;
- }
-
- state->ev = ev;
- state->dbctx = dbctx;
- state->dom = dom;
- state->username = username;
- state->attrs = attrs;
- state->handle = NULL;
-
- subreq = sysdb_transaction_send(state, state->ev, state->dbctx);
- if (!subreq) {
- talloc_free(req);
- return NULL;
- }
- tevent_req_set_callback(subreq, set_last_login_trans_done, req);
-
- return req;
-}
-
-static void set_last_login_trans_done(struct tevent_req *subreq)
-{
- struct tevent_req *req = tevent_req_callback_data(subreq,
- struct tevent_req);
- struct set_last_login_state *state = tevent_req_data(req,
- struct set_last_login_state);
- int ret;
-
- ret = sysdb_transaction_recv(subreq, state, &state->handle);
- talloc_zfree(subreq);
- if (ret != EOK) {
- DEBUG(1, ("Unable to acquire sysdb transaction lock\n"));
- tevent_req_error(req, ret);
- return;
- }
-
- ret = sysdb_set_user_attr(state, sysdb_handle_get_ctx(state->handle),
- state->dom, state->username,
- state->attrs, SYSDB_MOD_REP);
- if (ret != EOK) {
- DEBUG(4, ("set_user_attr_callback, status [%d][%s]\n",
- ret, strerror(ret)));
- tevent_req_error(req, ret);
- return;
- }
-
- subreq = sysdb_transaction_commit_send(state, state->ev, state->handle);
- if (!subreq) {
- tevent_req_error(req, ENOMEM);
- return;
- }
- tevent_req_set_callback(subreq, set_last_login_done, req);
-}
-
-static void set_last_login_done(struct tevent_req *subreq)
-{
- struct tevent_req *req = tevent_req_callback_data(subreq,
- struct tevent_req);
- int ret;
-
- ret = sysdb_transaction_commit_recv(subreq);
- if (ret != EOK) {
- DEBUG(2, ("set_last_login failed.\n"));
- tevent_req_error(req, ret);
- return;
- }
-
- tevent_req_done(req);
-}
-
-static int set_last_login_recv(struct tevent_req *req)
-{
- TEVENT_REQ_RETURN_ON_ERROR(req);
-
- return EOK;
-}
-
-/*=========================================================================*/
-
-
-static void set_last_login_reply(struct tevent_req *req);
-
static errno_t set_last_login(struct pam_auth_req *preq)
{
- struct tevent_req *req;
struct sysdb_ctx *dbctx;
struct sysdb_attrs *attrs;
errno_t ret;
@@ -411,13 +300,17 @@ static errno_t set_last_login(struct pam_auth_req *preq)
goto fail;
}
- req = set_last_login_send(preq, preq->cctx->ev, dbctx,
- preq->domain, preq->pd->user, attrs);
- if (!req) {
- ret = ENOMEM;
+ ret = sysdb_set_user_attr(preq, dbctx,
+ preq->domain, preq->pd->user,
+ attrs, SYSDB_MOD_REP);
+ if (ret != EOK) {
+ DEBUG(2, ("set_last_login failed.\n"));
+ preq->pd->pam_status = PAM_SYSTEM_ERR;
goto fail;
+ } else {
+ preq->pd->last_auth_saved = true;
}
- tevent_req_set_callback(req, set_last_login_reply, preq);
+ preq->callback(preq);
return EOK;
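Review bot: `preq->callback(preq)` is now called from inside set_last_login(), before it returns to its caller, whereas the old code ran it later from the tevent completion handler. If the callback re-enters the caller of set_last_login() (not visible here), the call relies on `last_auth_saved` having been set first, and if it can release preq, nothing may touch preq once it returns. A comment such as `/* runs the reply path synchronously; preq must not be used after this call */` would make that explicit. The `else` after `goto fail` is redundant, so `preq->pd->last_auth_saved = true;` can follow the `if` block directly. The function body starts outside the hunk.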
@@ -425,22 +318,6 @@ fail:
return ret;
}
-static void set_last_login_reply(struct tevent_req *req)
-{
- struct pam_auth_req *preq = tevent_req_callback_data(req,
- struct pam_auth_req);
- int ret;
-
- ret = set_last_login_recv(req);
- if (ret != EOK) {
- preq->pd->pam_status = PAM_SYSTEM_ERR;
- } else {
- preq->pd->last_auth_saved = true;
- }
-
- preq->callback(preq);
-}
-
static void pam_reply_delay(struct tevent_context *ev, struct tevent_timer *te,
struct timeval tv, void *pvt)
{
@@ -566,7 +443,6 @@ static void pam_reply(struct pam_auth_req *preq)
if (ret != EOK) {
goto done;
}
-
return;
}