Diffstat (limited to 'server/nss')
-rw-r--r--server/nss/nss_ldb.h45
-rw-r--r--server/nss/nsssrv.c5
-rw-r--r--server/nss/nsssrv.h4
-rw-r--r--server/nss/nsssrv_cmd.c84
-rw-r--r--server/nss/nsssrv_ldb.c762
-rw-r--r--server/nss/nsssrv_ldb.h83
6 files changed, 45 insertions, 938 deletions
diff --git a/server/nss/nss_ldb.h b/server/nss/nss_ldb.h
deleted file mode 100644
index 8f5b1124..00000000
--- a/server/nss/nss_ldb.h
+++ /dev/null
@@ -1,45 +0,0 @@
-/* nss_ldb private header file */
-
-#define NSS_LDB_CONF_SECTION "config/services/nss"
-
-#define NSS_DEF_LDB_FILE "sssd.ldb"
-
-#define NSS_DEF_BASE "dc=sssd"
-#define NSS_TMPL_USER_BASE "cn=users,cn=%s,dc=sssd"
-#define NSS_TMPL_GROUP_BASE "cn=groups,cn=%s,dc=sssd"
-
-#define NSS_PWNAM_FILTER "(&(objectclass=user)(uid=%s))"
-#define NSS_PWUID_FILTER "(&(objectclass=user)(uidNumber=%llu))"
-#define NSS_PWENT_FILTER "(objectclass=user)"
-
-#define NSS_GRNAM_FILTER "(&(objectclass=group)(cn=%s))"
-#define NSS_GRNA2_FILTER "(&(objectclass=user)(memberof=%s))"
-#define NSS_GRGID_FILTER "(&(objectclass=group)(gidNumber=%llu))"
-#define NSS_GRENT_FILTER "(objectclass=group)"
-
-#define NSS_INITGR_FILTER "(&(objectclass=group)(gidNumber=*))"
-
-#define NSS_PW_NAME "uid"
-#define NSS_PW_PWD "userPassword"
-#define NSS_PW_UIDNUM "uidNumber"
-#define NSS_PW_GIDNUM "gidNumber"
-#define NSS_PW_FULLNAME "fullName"
-#define NSS_PW_HOMEDIR "homeDirectory"
-#define NSS_PW_SHELL "loginShell"
-
-#define NSS_GR_NAME "cn"
-#define NSS_GR_GIDNUM "gidNumber"
-#define NSS_GR_MEMBER "member"
-
-#define NSS_LAST_UPDATE "lastUpdate"
-
-#define NSS_PW_ATTRS {NSS_PW_NAME, NSS_PW_UIDNUM, \
- NSS_PW_GIDNUM, NSS_PW_FULLNAME, \
- NSS_PW_HOMEDIR, NSS_PW_SHELL, \
- NSS_LAST_UPDATE, NULL}
-#define NSS_GRNAM_ATTRS {NSS_GR_NAME, NSS_GR_GIDNUM, NSS_LAST_UPDATE, NULL}
-#define NSS_GRPW_ATTRS {NSS_PW_NAME, NSS_LAST_UPDATE, NULL}
-
-#define NSS_INITGR_ATTR "memberof"
-#define NSS_INITGR_ATTRS {NSS_GR_GIDNUM, NSS_LAST_UPDATE, NULL}
-
diff --git a/server/nss/nsssrv.c b/server/nss/nsssrv.c
index c787637a..4180a460 100644
--- a/server/nss/nsssrv.c
+++ b/server/nss/nsssrv.c
@@ -30,10 +30,9 @@
#include <sys/time.h>
#include <errno.h>
#include "popt.h"
-#include "ldb.h"
#include "util/util.h"
#include "nss/nsssrv.h"
-#include "nss/nsssrv_ldb.h"
+#include "db/sysdb.h"
#include "confdb/confdb.h"
#include "dbus/dbus.h"
#include "sbus/sssd_dbus.h"
@@ -426,7 +425,7 @@ int nss_process_init(TALLOC_CTX *mem_ctx,
return ret;
}
- ret = nss_ldb_init(nctx, ev, cdb, &nctx->lctx);
+ ret = sysdb_init(nctx, ev, cdb, &nctx->sysdb);
if (ret != EOK) {
DEBUG(0, ("fatal error initializing nss_ctx\n"));
return ret;
diff --git a/server/nss/nsssrv.h b/server/nss/nsssrv.h
index 6e4d57e0..ce1f7b23 100644
--- a/server/nss/nsssrv.h
+++ b/server/nss/nsssrv.h
@@ -41,14 +41,14 @@
#define NSS_DOMAIN_DELIM '@'
#endif
-struct nss_ldb_ctx;
+struct sysdb_ctx;
struct getent_ctx;
struct nss_ctx {
struct event_context *ev;
struct fd_event *lfde;
int lfd;
- struct nss_ldb_ctx *lctx;
+ struct sysdb_ctx *sysdb;
struct confdb_ctx *cdb;
char *sock_name;
struct service_sbus_ctx *ss_ctx;
diff --git a/server/nss/nsssrv_cmd.c b/server/nss/nsssrv_cmd.c
index 69823069..95a52ea2 100644
--- a/server/nss/nsssrv_cmd.c
+++ b/server/nss/nsssrv_cmd.c
@@ -19,12 +19,10 @@
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-#include "ldb.h"
-#include "ldb_errors.h"
#include "util/util.h"
#include "util/btreemap.h"
#include "nss/nsssrv.h"
-#include "nss/nsssrv_ldb.h"
+#include "db/sysdb.h"
#include <time.h>
struct nss_cmd_ctx {
@@ -137,12 +135,12 @@ static int fill_pwent(struct nss_packet *packet,
for (i = 0; i < count; i++) {
msg = msgs[i];
- name = ldb_msg_find_attr_as_string(msg, NSS_PW_NAME, NULL);
- fullname = ldb_msg_find_attr_as_string(msg, NSS_PW_FULLNAME, NULL);
- homedir = ldb_msg_find_attr_as_string(msg, NSS_PW_HOMEDIR, NULL);
- shell = ldb_msg_find_attr_as_string(msg, NSS_PW_SHELL, NULL);
- uid = ldb_msg_find_attr_as_uint64(msg, NSS_PW_UIDNUM, 0);
- gid = ldb_msg_find_attr_as_uint64(msg, NSS_PW_GIDNUM, 0);
+ name = ldb_msg_find_attr_as_string(msg, SYSDB_PW_NAME, NULL);
+ fullname = ldb_msg_find_attr_as_string(msg, SYSDB_PW_FULLNAME, NULL);
+ homedir = ldb_msg_find_attr_as_string(msg, SYSDB_PW_HOMEDIR, NULL);
+ shell = ldb_msg_find_attr_as_string(msg, SYSDB_PW_SHELL, NULL);
+ uid = ldb_msg_find_attr_as_uint64(msg, SYSDB_PW_UIDNUM, 0);
+ gid = ldb_msg_find_attr_as_uint64(msg, SYSDB_PW_GIDNUM, 0);
if (!name || !fullname || !homedir || !shell || !uid || !gid) {
DEBUG(1, ("Incomplete user object for %s[%llu]! Skipping\n",
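Review bot: The completeness check after the renamed lookups treats a uid or gid of 0 as a missing attribute, because 0 is also the default passed to `ldb_msg_find_attr_as_uint64`, and nothing in the hunk says whether that is intended. If skipping entries that map to id 0 is deliberate, a comment above the `if` would record it, for example `/* 0 doubles as the "attribute missing" default, so cached entries with uid/gid 0 are skipped on purpose */`. fill_pwent starts and ends outside this hunk.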
@@ -262,7 +260,7 @@ static void nss_cmd_getpw_callback(void *ptr, int status,
if (nctx->check_expiration) {
timeout = nctx->cctx->nctx->cache_timeout;
- lastUpdate = ldb_msg_find_attr_as_uint64(res->msgs[0], NSS_LAST_UPDATE, 0);
+ lastUpdate = ldb_msg_find_attr_as_uint64(res->msgs[0], SYSDB_LAST_UPDATE, 0);
if (lastUpdate + timeout < time(NULL)) {
/* dont loop forever :-) */
@@ -347,9 +345,9 @@ static void nss_cmd_getpwnam_callback(uint16_t err_maj, uint32_t err_min,
(unsigned int)err_maj, (unsigned int)err_min, err_msg));
}
- ret = nss_ldb_getpwnam(nctx, cctx->ev, cctx->nctx->lctx,
- nctx->domain, nctx->name,
- nss_cmd_getpw_callback, nctx);
+ ret = sysdb_getpwnam(nctx, cctx->ev, cctx->nctx->sysdb,
+ nctx->domain, nctx->name,
+ nss_cmd_getpw_callback, nctx);
if (ret != EOK) {
DEBUG(1, ("Failed to make request to our cache!\n"));
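Review bot: `nctx->name` and `nctx->domain` (presumably taken from the client request) are handed to `sysdb_getpwnam` unchanged, and the `nss_ldb_getpwnam` this commit removes formatted the name straight into `(&(objectclass=user)(uid=%s))` and the domain into the base DN with `talloc_asprintf`, without escaping either. sysdb_getpwnam is not visible here, so it is worth confirming that it encodes filter values (for example with `ldb_binary_encode_string`) and validates the domain before building the DN; otherwise a name containing filter metacharacters such as `*` or `)` changes what the cache search matches. The same applies to the calls in nss_cmd_getpwnam, nss_cmd_getgrnam and nss_cmd_initgroups further down. The enclosing function continues outside the hunk.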
@@ -393,9 +391,9 @@ static int nss_cmd_getpwnam(struct cli_ctx *cctx)
DEBUG(4, ("Requesting info for [%s] from [%s]\n",
nctx->name, nctx->domain?nctx->domain:"all domains"));
- ret = nss_ldb_getpwnam(nctx, cctx->ev, cctx->nctx->lctx,
- nctx->domain, nctx->name,
- nss_cmd_getpw_callback, nctx);
+ ret = sysdb_getpwnam(nctx, cctx->ev, cctx->nctx->sysdb,
+ nctx->domain, nctx->name,
+ nss_cmd_getpw_callback, nctx);
if (ret != EOK) {
DEBUG(1, ("Failed to make request to our cache!\n"));
@@ -422,9 +420,9 @@ static void nss_cmd_getpwuid_callback(uint16_t err_maj, uint32_t err_min,
(unsigned int)err_maj, (unsigned int)err_min, err_msg));
}
- ret = nss_ldb_getpwuid(nctx, cctx->ev, cctx->nctx->lctx,
- nctx->domain, nctx->id,
- nss_cmd_getpw_callback, nctx);
+ ret = sysdb_getpwuid(nctx, cctx->ev, cctx->nctx->sysdb,
+ nctx->domain, nctx->id,
+ nss_cmd_getpw_callback, nctx);
if (ret != EOK) {
DEBUG(1, ("Failed to make request to our cache!\n"));
@@ -463,9 +461,9 @@ static int nss_cmd_getpwuid(struct cli_ctx *cctx)
DEBUG(4, ("Requesting info for [%lu]@[%s]\n", nctx->id, nctx->domain));
- ret = nss_ldb_getpwuid(nctx, cctx->ev, cctx->nctx->lctx,
- nctx->domain, nctx->id,
- nss_cmd_getpw_callback, nctx);
+ ret = sysdb_getpwuid(nctx, cctx->ev, cctx->nctx->sysdb,
+ nctx->domain, nctx->id,
+ nss_cmd_getpw_callback, nctx);
if (ret != EOK) {
DEBUG(1, ("Failed to make request to our cache!\n"));
@@ -544,8 +542,8 @@ static int nss_cmd_setpwent(struct cli_ctx *cctx)
cctx->gctx->pwd_cur = 0;
}
- ret = nss_ldb_enumpwent(nctx, cctx->ev, cctx->nctx->lctx,
- nss_cmd_setpwent_callback, nctx);
+ ret = sysdb_enumpwent(nctx, cctx->ev, cctx->nctx->sysdb,
+ nss_cmd_setpwent_callback, nctx);
return ret;
}
@@ -642,8 +640,8 @@ static int nss_cmd_getpwent(struct cli_ctx *cctx)
cctx->gctx = gctx;
}
if (cctx->gctx->pwds == NULL) {
- ret = nss_ldb_enumpwent(nctx, cctx->ev, cctx->nctx->lctx,
- nss_cmd_getpwent_callback, nctx);
+ ret = sysdb_enumpwent(nctx, cctx->ev, cctx->nctx->sysdb,
+ nss_cmd_getpwent_callback, nctx);
return ret;
}
}
@@ -720,8 +718,8 @@ static int fill_grent(struct nss_packet *packet,
if (get_group) {
/* find group name/gid */
- name = ldb_msg_find_attr_as_string(msg, NSS_GR_NAME, NULL);
- gid = ldb_msg_find_attr_as_uint64(msg, NSS_GR_GIDNUM, 0);
+ name = ldb_msg_find_attr_as_string(msg, SYSDB_GR_NAME, NULL);
+ gid = ldb_msg_find_attr_as_uint64(msg, SYSDB_GR_GIDNUM, 0);
if (!name || !gid) {
DEBUG(1, ("Incomplete group object for %s[%llu]! Aborting\n",
name?name:"<NULL>", (unsigned long long int)gid));
@@ -749,7 +747,7 @@ static int fill_grent(struct nss_packet *packet,
continue;
}
- name = ldb_msg_find_attr_as_string(msg, NSS_PW_NAME, NULL);
+ name = ldb_msg_find_attr_as_string(msg, SYSDB_PW_NAME, NULL);
if (!name) {
/* last member of previous group found, or error.
@@ -862,9 +860,9 @@ static int nss_cmd_getgrnam(struct cli_ctx *cctx)
DEBUG(4, ("Requesting info for [%s]@[%s]\n", nctx->name, nctx->domain));
- ret = nss_ldb_getgrnam(nctx, cctx->ev, cctx->nctx->lctx,
- nctx->domain, nctx->name,
- nss_cmd_getgr_callback, nctx);
+ ret = sysdb_getgrnam(nctx, cctx->ev, cctx->nctx->sysdb,
+ nctx->domain, nctx->name,
+ nss_cmd_getgr_callback, nctx);
return ret;
}
@@ -895,9 +893,9 @@ static int nss_cmd_getgrgid(struct cli_ctx *cctx)
DEBUG(4, ("Requesting info for [%lu]@[%s]\n", nctx->id, nctx->domain));
- ret = nss_ldb_getgrgid(nctx, cctx->ev, cctx->nctx->lctx,
- nctx->domain, nctx->id,
- nss_cmd_getgr_callback, nctx);
+ ret = sysdb_getgrgid(nctx, cctx->ev, cctx->nctx->sysdb,
+ nctx->domain, nctx->id,
+ nss_cmd_getgr_callback, nctx);
return ret;
}
@@ -968,8 +966,8 @@ static int nss_cmd_setgrent(struct cli_ctx *cctx)
cctx->gctx->grp_cur = 0;
}
- ret = nss_ldb_enumgrent(nctx, cctx->ev, cctx->nctx->lctx,
- nss_cmd_setgrent_callback, nctx);
+ ret = sysdb_enumgrent(nctx, cctx->ev, cctx->nctx->sysdb,
+ nss_cmd_setgrent_callback, nctx);
return ret;
}
@@ -1069,8 +1067,8 @@ static int nss_cmd_getgrent(struct cli_ctx *cctx)
cctx->gctx = gctx;
}
if (cctx->gctx->grps == NULL) {
- ret = nss_ldb_enumgrent(nctx, cctx->ev, cctx->nctx->lctx,
- nss_cmd_getgrent_callback, nctx);
+ ret = sysdb_enumgrent(nctx, cctx->ev, cctx->nctx->sysdb,
+ nss_cmd_getgrent_callback, nctx);
return ret;
}
}
@@ -1155,7 +1153,7 @@ static void nss_cmd_initgr_callback(void *ptr, int status,
nss_packet_get_body(cctx->creq->out, &body, &blen);
for (i = 0; i < num; i++) {
- gid = ldb_msg_find_attr_as_uint64(res->msgs[i], NSS_GR_GIDNUM, 0);
+ gid = ldb_msg_find_attr_as_uint64(res->msgs[i], SYSDB_GR_GIDNUM, 0);
if (!gid) {
DEBUG(1, ("Incomplete group object for initgroups! Aborting\n"));
nss_packet_set_error(cctx->creq->out, EIO);
@@ -1201,9 +1199,9 @@ static int nss_cmd_initgroups(struct cli_ctx *cctx)
DEBUG(4, ("Requesting info for [%s]@[%s]\n", nctx->name, nctx->domain));
- ret = nss_ldb_initgroups(nctx, cctx->ev, cctx->nctx->lctx,
- nctx->domain, nctx->name,
- nss_cmd_initgr_callback, nctx);
+ ret = sysdb_initgroups(nctx, cctx->ev, cctx->nctx->sysdb,
+ nctx->domain, nctx->name,
+ nss_cmd_initgr_callback, nctx);
return ret;
}
diff --git a/server/nss/nsssrv_ldb.c b/server/nss/nsssrv_ldb.c
deleted file mode 100644
index d9c40463..00000000
--- a/server/nss/nsssrv_ldb.c
+++ /dev/null
@@ -1,762 +0,0 @@
-/*
- SSSD
-
- NSS Responder
-
- Copyright (C) Simo Sorce <ssorce@redhat.com> 2008
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#include "ldb.h"
-#include "ldb_errors.h"
-#include "util/util.h"
-#include "nss/nsssrv.h"
-#include "nss/nsssrv_ldb.h"
-#include "confdb/confdb.h"
-
-struct nss_ldb_search_ctx {
- struct nss_ldb_ctx *nlctx;
- const char *base_dn;
- nss_ldb_callback_t callback;
- void *ptr;
- struct ldb_result *res;
-};
-
-static int nss_ldb_error_to_errno(int lerr)
-{
- /* fake it up for now, requires a mapping table */
- return EIO;
-}
-
-static void request_error(struct nss_ldb_search_ctx *sctx, int ldb_error)
-{
- sctx->callback(sctx->ptr, nss_ldb_error_to_errno(ldb_error), sctx->res);
-}
-
-static void request_done(struct nss_ldb_search_ctx *sctx)
-{
- sctx->callback(sctx->ptr, EOK, sctx->res);
-}
-
-static int get_gen_callback(struct ldb_request *req,
- struct ldb_reply *ares)
-{
- struct nss_ldb_search_ctx *sctx;
- struct ldb_result *res;
- int n;
-
- sctx = talloc_get_type(req->context, struct nss_ldb_search_ctx);
- res = sctx->res;
-
- if (!ares) {
- request_error(sctx, LDB_ERR_OPERATIONS_ERROR);
- return LDB_ERR_OPERATIONS_ERROR;
- }
- if (ares->error != LDB_SUCCESS) {
- request_error(sctx, ares->error);
- return ares->error;
- }
-
- switch (ares->type) {
- case LDB_REPLY_ENTRY:
- res->msgs = talloc_realloc(res, res->msgs,
- struct ldb_message *,
- res->count + 2);
- if (!res->msgs) {
- request_error(sctx, LDB_ERR_OPERATIONS_ERROR);
- return LDB_ERR_OPERATIONS_ERROR;
- }
-
- res->msgs[res->count + 1] = NULL;
-
- res->msgs[res->count] = talloc_steal(res->msgs, ares->message);
- res->count++;
- break;
-
- case LDB_REPLY_REFERRAL:
- if (res->refs) {
- for (n = 0; res->refs[n]; n++) /*noop*/ ;
- } else {
- n = 0;
- }
-
- res->refs = talloc_realloc(res, res->refs, char *, n + 2);
- if (! res->refs) {
- request_error(sctx, LDB_ERR_OPERATIONS_ERROR);
- return LDB_ERR_OPERATIONS_ERROR;
- }
-
- res->refs[n] = talloc_steal(res->refs, ares->referral);
- res->refs[n + 1] = NULL;
- break;
-
- case LDB_REPLY_DONE:
- res->controls = talloc_steal(res, ares->controls);
-
- /* this is the last message, and means the request is done */
- request_done(sctx);
- return LDB_SUCCESS;
- }
-
- talloc_free(ares);
- return LDB_SUCCESS;
-}
-
-static struct nss_ldb_search_ctx *init_src_ctx(TALLOC_CTX *mem_ctx,
- const char *base_dn,
- struct nss_ldb_ctx *ctx,
- nss_ldb_callback_t fn,
- void *ptr)
-{
- struct nss_ldb_search_ctx *sctx;
-
- sctx = talloc(mem_ctx, struct nss_ldb_search_ctx);
- if (!sctx) {
- return NULL;
- }
- sctx->nlctx = ctx;
- sctx->base_dn = base_dn;
- sctx->callback = fn;
- sctx->ptr = ptr;
- sctx->res = talloc_zero(sctx, struct ldb_result);
- if (!sctx->res) {
- talloc_free(sctx);
- return NULL;
- }
-
- return sctx;
-}
-
-/* users */
-
-static int pwd_search(struct nss_ldb_search_ctx *sctx,
- struct nss_ldb_ctx *ctx,
- const char *expression)
-{
- static const char *attrs[] = NSS_PW_ATTRS;
- struct ldb_request *req;
- int ret;
-
- ret = ldb_build_search_req(&req, ctx->ldb, sctx,
- ldb_dn_new(sctx, ctx->ldb, sctx->base_dn),
- LDB_SCOPE_SUBTREE,
- expression, attrs, NULL,
- sctx, get_gen_callback,
- NULL);
- if (ret != LDB_SUCCESS) {
- return nss_ldb_error_to_errno(ret);
- }
-
- ret = ldb_request(ctx->ldb, req);
- if (ret != LDB_SUCCESS) {
- return nss_ldb_error_to_errno(ret);
- }
-
- return EOK;
-}
-
-int nss_ldb_getpwnam(TALLOC_CTX *mem_ctx,
- struct event_context *ev,
- struct nss_ldb_ctx *ctx,
- const char *domain,
- const char *name,
- nss_ldb_callback_t fn, void *ptr)
-{
- struct nss_ldb_search_ctx *sctx;
- const char *base_dn;
- char *expression;
-
- if (domain) {
- base_dn = talloc_asprintf(mem_ctx, NSS_TMPL_USER_BASE, domain);
- } else {
- base_dn = NSS_DEF_BASE;
- }
- if (!base_dn) {
- return ENOMEM;
- }
-
- sctx = init_src_ctx(mem_ctx, base_dn, ctx, fn, ptr);
- if (!sctx) {
- return ENOMEM;
- }
-
- expression = talloc_asprintf(sctx, NSS_PWNAM_FILTER, name);
- if (!expression) {
- talloc_free(sctx);
- return ENOMEM;
- }
-
- return pwd_search(sctx, ctx, expression);
-}
-
-int nss_ldb_getpwuid(TALLOC_CTX *mem_ctx,
- struct event_context *ev,
- struct nss_ldb_ctx *ctx,
- const char *domain,
- uint64_t uid,
- nss_ldb_callback_t fn, void *ptr)
-{
- struct nss_ldb_search_ctx *sctx;
- unsigned long long int filter_uid = uid;
- const char *base_dn;
- char *expression;
-
- if (domain) {
- base_dn = talloc_asprintf(mem_ctx, NSS_TMPL_USER_BASE, domain);
- } else {
- base_dn = NSS_DEF_BASE;
- }
- if (!base_dn) {
- return ENOMEM;
- }
-
- sctx = init_src_ctx(mem_ctx, base_dn, ctx, fn, ptr);
- if (!sctx) {
- return ENOMEM;
- }
-
- expression = talloc_asprintf(sctx, NSS_PWUID_FILTER, filter_uid);
- if (!expression) {
- talloc_free(sctx);
- return ENOMEM;
- }
-
- return pwd_search(sctx, ctx, expression);
-}
-
-int nss_ldb_enumpwent(TALLOC_CTX *mem_ctx,
- struct event_context *ev,
- struct nss_ldb_ctx *ctx,
- nss_ldb_callback_t fn, void *ptr)
-{
- struct nss_ldb_search_ctx *sctx;
-
- sctx = init_src_ctx(mem_ctx, NSS_DEF_BASE, ctx, fn, ptr);
- if (!sctx) {
- return ENOMEM;
- }
-
- return pwd_search(sctx, ctx, NSS_PWENT_FILTER);
-}
-
-/* groups */
-
-struct get_mem_ctx {
- struct nss_ldb_search_ctx *ret_sctx;
- struct ldb_message **grps;
- int num_grps;
-};
-
-static void get_members(void *ptr, int status, struct ldb_result *res)
-{
- struct nss_ldb_ctx *ctx;
- struct nss_ldb_search_ctx *sctx;
- struct get_mem_ctx *gmctx;
- struct nss_ldb_search_ctx *mem_sctx;
- struct ldb_request *req;
- struct ldb_message *msg;
- struct ldb_result *ret_res;
- static const char *attrs[] = NSS_GRPW_ATTRS;
- const char *expression;
- int ret, i;
-
- sctx = talloc_get_type(ptr, struct nss_ldb_search_ctx);
- gmctx = talloc_get_type(sctx->ptr, struct get_mem_ctx);
- ctx = sctx->nlctx;
-
- if (status != LDB_SUCCESS) {
- return request_error(gmctx->ret_sctx, status);
- }
-
- ret_res = gmctx->ret_sctx->res;
-
- /* append previous search results to final (if any) */
- if (res && res->count != 0) {
- ret_res->msgs = talloc_realloc(ret_res, ret_res->msgs,
- struct ldb_message *,
- ret_res->count + res->count + 1);
- for(i = 0; i < res->count; i++) {
- ret_res->msgs[ret_res->count] = talloc_steal(ret_res, res->msgs[i]);
- ret_res->count++;
- }
- ret_res->msgs[ret_res->count] = NULL;
- }
-
- if (gmctx->grps[0] == NULL) {
- return request_done(gmctx->ret_sctx);
- }
-
- mem_sctx = init_src_ctx(gmctx, NSS_DEF_BASE, ctx, get_members, sctx);
- if (!mem_sctx) {
- return request_error(gmctx->ret_sctx, LDB_ERR_OPERATIONS_ERROR);
- }
-
- /* fetch next group to search for members */
- gmctx->num_grps--;
- msg = gmctx->grps[gmctx->num_grps];
- gmctx->grps[gmctx->num_grps] = NULL;
-
- /* queue the group entry on the final result structure */
- ret_res->msgs = talloc_realloc(ret_res, ret_res->msgs,
- struct ldb_message *,
- ret_res->count + 2);
- if (!ret_res->msgs) {
- return request_error(gmctx->ret_sctx, LDB_ERR_OPERATIONS_ERROR);
- }
- ret_res->msgs[ret_res->count + 1] = NULL;
- ret_res->msgs[ret_res->count] = talloc_steal(ret_res->msgs, msg);
- ret_res->count++;
-
- /* search for this group members */
- expression = talloc_asprintf(mem_sctx, NSS_GRNA2_FILTER,
- ldb_dn_get_linearized(msg->dn));
- if (!expression) {
- return request_error(gmctx->ret_sctx, LDB_ERR_OPERATIONS_ERROR);
- }
-
- ret = ldb_build_search_req(&req, ctx->ldb, mem_sctx,
- ldb_dn_new(mem_sctx, ctx->ldb, sctx->base_dn),
- LDB_SCOPE_SUBTREE,
- expression, attrs, NULL,
- mem_sctx, get_gen_callback,
- NULL);
- if (ret != LDB_SUCCESS) {
- return request_error(gmctx->ret_sctx, ret);
- }
-
- ret = ldb_request(ctx->ldb, req);
- if (ret != LDB_SUCCESS) {
- return request_error(gmctx->ret_sctx, ret);
- }
-}
-
-static int get_grp_callback(struct ldb_request *req,
- struct ldb_reply *ares)
-{
- struct nss_ldb_search_ctx *sctx;
- struct nss_ldb_ctx *ctx;
- struct ldb_result *res;
- int n;
-
- sctx = talloc_get_type(req->context, struct nss_ldb_search_ctx);
- ctx = sctx->nlctx;
- res = sctx->res;
-
- if (!ares) {
- request_error(sctx, LDB_ERR_OPERATIONS_ERROR);
- return LDB_ERR_OPERATIONS_ERROR;
- }
- if (ares->error != LDB_SUCCESS) {
- request_error(sctx, ares->error);
- return ares->error;
- }
-
- switch (ares->type) {
- case LDB_REPLY_ENTRY:
- res->msgs = talloc_realloc(res, res->msgs,
- struct ldb_message *,
- res->count + 2);
- if (!res->msgs) {
- request_error(sctx, LDB_ERR_OPERATIONS_ERROR);
- return LDB_ERR_OPERATIONS_ERROR;
- }
-
- res->msgs[res->count + 1] = NULL;
-
- res->msgs[res->count] = talloc_steal(res->msgs, ares->message);
- res->count++;
- break;
-
- case LDB_REPLY_REFERRAL:
- if (res->refs) {
- for (n = 0; res->refs[n]; n++) /*noop*/ ;
- } else {
- n = 0;
- }
-
- res->refs = talloc_realloc(res, res->refs, char *, n + 2);
- if (! res->refs) {
- request_error(sctx, LDB_ERR_OPERATIONS_ERROR);
- return LDB_ERR_OPERATIONS_ERROR;
- }
-
- res->refs[n] = talloc_steal(res->refs, ares->referral);
- res->refs[n + 1] = NULL;
- break;
-
- case LDB_REPLY_DONE:
- res->controls = talloc_steal(res, ares->controls);
-
- /* no results, return */
- if (res->count == 0) {
- request_done(sctx);
- return LDB_SUCCESS;
- }
- if (res->count > 0) {
- struct get_mem_ctx *gmctx;
-
- gmctx = talloc_zero(req, struct get_mem_ctx);
- if (!gmctx) {
- request_error(sctx, LDB_ERR_OPERATIONS_ERROR);
- return LDB_ERR_OPERATIONS_ERROR;
- }
- gmctx->ret_sctx = sctx;
- gmctx->grps = talloc_steal(gmctx, res->msgs);
- gmctx->num_grps = res->count;
- res->msgs = NULL;
- res->count = 0;
-
- /* re-use sctx to create a fake handler for the first call to
- * get_members() */
- sctx = init_src_ctx(gmctx, NSS_DEF_BASE, ctx, get_members, gmctx);
-
- get_members(sctx, LDB_SUCCESS, NULL);
- return LDB_SUCCESS;
- }
-
- /* anything else is an error */
- request_error(sctx, LDB_ERR_OPERATIONS_ERROR);
- return LDB_ERR_OPERATIONS_ERROR;
- }
-
- talloc_free(ares);
- return LDB_SUCCESS;
-}
-
-static int grp_search(struct nss_ldb_search_ctx *sctx,
- struct nss_ldb_ctx *ctx,
- const char *expression)
-{
- static const char *attrs[] = NSS_GRNAM_ATTRS;
- struct ldb_request *req;
- int ret;
-
- ret = ldb_build_search_req(&req, ctx->ldb, sctx,
- ldb_dn_new(sctx, ctx->ldb, sctx->base_dn),
- LDB_SCOPE_SUBTREE,
- expression, attrs, NULL,
- sctx, get_grp_callback,
- NULL);
- if (ret != LDB_SUCCESS) {
- return nss_ldb_error_to_errno(ret);
- }
-
- ret = ldb_request(ctx->ldb, req);
- if (ret != LDB_SUCCESS) {
- return nss_ldb_error_to_errno(ret);
- }
-
- return EOK;
-}
-
-int nss_ldb_getgrnam(TALLOC_CTX *mem_ctx,
- struct event_context *ev,
- struct nss_ldb_ctx *ctx,
- const char *domain,
- const char *name,
- nss_ldb_callback_t fn, void *ptr)
-{
- struct nss_ldb_search_ctx *sctx;
- const char *base_dn;
- char *expression;
-
- if (domain) {
- base_dn = talloc_asprintf(mem_ctx, NSS_TMPL_GROUP_BASE, domain);
- } else {
- base_dn = NSS_DEF_BASE;
- }
- if (!base_dn) {
- return ENOMEM;
- }
-
- sctx = init_src_ctx(mem_ctx, base_dn, ctx, fn, ptr);
- if (!sctx) {
- return ENOMEM;
- }
-
- expression = talloc_asprintf(sctx, NSS_GRNAM_FILTER, name);
- if (!expression) {
- talloc_free(sctx);
- return ENOMEM;
- }
-
- return grp_search(sctx, ctx, expression);
-}
-
-int nss_ldb_getgrgid(TALLOC_CTX *mem_ctx,
- struct event_context *ev,
- struct nss_ldb_ctx *ctx,
- const char *domain,
- uint64_t gid,
- nss_ldb_callback_t fn, void *ptr)
-{
- struct nss_ldb_search_ctx *sctx;
- unsigned long long int filter_gid = gid;
- const char *base_dn;
- char *expression;
-
- if (domain) {
- base_dn = talloc_asprintf(mem_ctx, NSS_TMPL_GROUP_BASE, domain);
- } else {
- base_dn = NSS_DEF_BASE;
- }
- if (!base_dn) {
- return ENOMEM;
- }
-
- sctx = init_src_ctx(mem_ctx, base_dn, ctx, fn, ptr);
- if (!sctx) {
- return ENOMEM;
- }
-
- expression = talloc_asprintf(sctx, NSS_GRGID_FILTER, filter_gid);
- if (!expression) {
- talloc_free(sctx);
- return ENOMEM;
- }
-
- return grp_search(sctx, ctx, expression);
-}
-
-int nss_ldb_enumgrent(TALLOC_CTX *mem_ctx,
- struct event_context *ev,
- struct nss_ldb_ctx *ctx,
- nss_ldb_callback_t fn, void *ptr)
-{
- struct nss_ldb_search_ctx *sctx;
-
- sctx = init_src_ctx(mem_ctx, NSS_DEF_BASE, ctx, fn, ptr);
- if (!sctx) {
- return ENOMEM;
- }
-
- return grp_search(sctx, ctx, NSS_GRENT_FILTER);
-}
-
-static void nss_ldb_initgr_search(void *ptr, int status,
- struct ldb_result *res)
-{
- struct nss_ldb_ctx *ctx;
- struct nss_ldb_search_ctx *sctx;
- char *expression;
- struct ldb_request *req;
- struct ldb_control **ctrl;
- struct ldb_asq_control *control;
- static const char *attrs[] = NSS_INITGR_ATTRS;
- int ret;
-
- sctx = talloc_get_type(ptr, struct nss_ldb_search_ctx);
- ctx = sctx->nlctx;
-
- if (res->count == 0) {
- return request_done(sctx);
- }
- if (res->count > 1) {
- return request_error(sctx, LDB_ERR_OPERATIONS_ERROR);
- }
-
- expression = talloc_asprintf(sctx, NSS_INITGR_FILTER);
- if (!expression) {
- return request_error(sctx, LDB_ERR_OPERATIONS_ERROR);
- }
-
- ctrl = talloc_array(sctx, struct ldb_control *, 2);
- if (!ctrl) {
- return request_error(sctx, LDB_ERR_OPERATIONS_ERROR);
- }
- ctrl[1] = NULL;
- ctrl[0] = talloc(ctrl, struct ldb_control);
- if (!ctrl[0]) {
- return request_error(sctx, LDB_ERR_OPERATIONS_ERROR);
- }
- ctrl[0]->oid = LDB_CONTROL_ASQ_OID;
- ctrl[0]->critical = 1;
- control = talloc(ctrl[0], struct ldb_asq_control);
- if (!control) {
- return request_error(sctx, LDB_ERR_OPERATIONS_ERROR);
- }
- control->request = 1;
- control->source_attribute = talloc_strdup(control, NSS_INITGR_ATTR);
- if (!control->source_attribute) {
- return request_error(sctx, LDB_ERR_OPERATIONS_ERROR);
- }
- control->src_attr_len = strlen(control->source_attribute);
- ctrl[0]->data = control;
-
- ret = ldb_build_search_req(&req, ctx->ldb, sctx,
- res->msgs[0]->dn,
- LDB_SCOPE_BASE,
- expression, attrs, ctrl,
- sctx, get_gen_callback,
- NULL);
- if (ret != LDB_SUCCESS) {
- return request_error(sctx, ret);
- }
-
- ret = ldb_request(ctx->ldb, req);
- if (ret != LDB_SUCCESS) {
- return request_error(sctx, ret);
- }
-}
-
-int nss_ldb_initgroups(TALLOC_CTX *mem_ctx,
- struct event_context *ev,
- struct nss_ldb_ctx *ctx,
- const char *domain,
- const char *name,
- nss_ldb_callback_t fn, void *ptr)
-{
- static const char *attrs[] = NSS_PW_ATTRS;
- struct nss_ldb_search_ctx *ret_sctx;
- struct nss_ldb_search_ctx *sctx;
- const char *base_dn;
- char *expression;
- struct ldb_request *req;
- int ret;
-
- if (domain) {
- base_dn = talloc_asprintf(mem_ctx, NSS_TMPL_USER_BASE, domain);
- } else {
- base_dn = NSS_DEF_BASE;
- }
- if (!base_dn) {
- return ENOMEM;
- }
-
- ret_sctx = init_src_ctx(mem_ctx, NSS_DEF_BASE, ctx, fn, ptr);
- if (!ret_sctx) {
- return ENOMEM;
- }
- sctx = init_src_ctx(ret_sctx, base_dn, ctx, nss_ldb_initgr_search, ret_sctx);
- if (!sctx) {
- talloc_free(sctx);
- return ENOMEM;
- }
-
- expression = talloc_asprintf(sctx, NSS_PWNAM_FILTER, name);
- if (!expression) {
- talloc_free(sctx);
- return ENOMEM;
- }
-
- ret = ldb_build_search_req(&req, ctx->ldb, sctx,
- ldb_dn_new(sctx, ctx->ldb, sctx->base_dn),
- LDB_SCOPE_SUBTREE,
- expression, attrs, NULL,
- sctx, get_gen_callback,
- NULL);
- if (ret != LDB_SUCCESS) {
- return nss_ldb_error_to_errno(ret);
- }
-
- ret = ldb_request(ctx->ldb, req);
- if (ret != LDB_SUCCESS) {
- return nss_ldb_error_to_errno(ret);
- }
-
- return LDB_SUCCESS;
-}
-
-static int nss_ldb_read_var(TALLOC_CTX *tmp_ctx,
- struct confdb_ctx *cdb,
- struct nss_ldb_ctx *ctx,
- const char *name,
- const char *def_value,
- const char **target)
-{
- int ret;
- char *t;
- char **values;
-
- ret = confdb_get_param(cdb, tmp_ctx,
- NSS_LDB_CONF_SECTION,
- name, &values);
- if (ret != EOK)
- return ret;
-
- if (values[0])
- t = talloc_steal(ctx, values[0]);
- else
- t = talloc_strdup(ctx, def_value);
-
- *target = t;
- return EOK;
-}
-
-static int nss_ldb_read_conf(TALLOC_CTX *mem_ctx,
- struct confdb_ctx *cdb,
- struct nss_ldb_ctx **nlctx)
-{
- struct nss_ldb_ctx *ctx;
- TALLOC_CTX *tmp_ctx;
- char *default_ldb_path;
- int ret;
-
- tmp_ctx = talloc_new(mem_ctx);
- if (!tmp_ctx)
- return ENOMEM;
-
- ctx = talloc(mem_ctx, struct nss_ldb_ctx);
- if (!ctx) {
- ret = ENOMEM;
- goto done;
- }
-
- default_ldb_path = talloc_asprintf(tmp_ctx, "%s/%s", DB_PATH, NSS_DEF_LDB_FILE);
- if (default_ldb_path == NULL) {
- ret = ENOMEM;
- goto done;
- }
-
- nss_ldb_read_var(tmp_ctx, cdb, ctx, "ldbFile",
- default_ldb_path, &ctx->ldb_file);
- DEBUG(3, ("NSS LDB Cache Path: %s\n", ctx->ldb_file));
-
- *nlctx = ctx;
- ret = EOK;
-
-done:
- talloc_free(tmp_ctx);
- return ret;
-}
-
-int nss_ldb_init(TALLOC_CTX *mem_ctx,
- struct event_context *ev,
- struct confdb_ctx *cdb,
- struct nss_ldb_ctx **nlctx)
-{
- struct nss_ldb_ctx *ctx;
- int ret;
-
- ret = nss_ldb_read_conf(mem_ctx, cdb, &ctx);
- if (ret != EOK)
- return ret;
-
- ctx->ldb = ldb_init(mem_ctx, ev);
- if (!ctx->ldb) {
- talloc_free(ctx);
- return EIO;
- }
-
- ret = ldb_connect(ctx->ldb, ctx->ldb_file, 0, NULL);
- if (ret != LDB_SUCCESS) {
- talloc_free(ctx);
- return EIO;
- }
-
- *nlctx = ctx;
-
- return EOK;
-}
diff --git a/server/nss/nsssrv_ldb.h b/server/nss/nsssrv_ldb.h
deleted file mode 100644
index 66c9687d..00000000
--- a/server/nss/nsssrv_ldb.h
+++ /dev/null
@@ -1,83 +0,0 @@
-/*
- SSSD
-
- NSS LDB Header
-
- Copyright (C) Simo Sorce <ssorce@redhat.com> 2008
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-
-#include "nss/nss_ldb.h"
-
-struct nss_ldb_ctx {
- struct ldb_context *ldb;
- const char *ldb_file;
-};
-
-struct confdb_ctx;
-
-typedef void (*nss_ldb_callback_t)(void *, int, struct ldb_result *);
-
-int nss_ldb_init(TALLOC_CTX *mem_ctx,
- struct event_context *ev,
- struct confdb_ctx *cdb,
- struct nss_ldb_ctx **nlctx);
-
-int nss_ldb_getpwnam(TALLOC_CTX *mem_ctx,
- struct event_context *ev,
- struct nss_ldb_ctx *ctx,
- const char *domain,
- const char *name,
- nss_ldb_callback_t fn, void *ptr);
-
-int nss_ldb_getpwuid(TALLOC_CTX *mem_ctx,
- struct event_context *ev,
- struct nss_ldb_ctx *ctx,
- const char *domain,
- uint64_t uid,
- nss_ldb_callback_t fn, void *ptr);
-
-int nss_ldb_enumpwent(TALLOC_CTX *mem_ctx,
- struct event_context *ev,
- struct nss_ldb_ctx *ctx,
- nss_ldb_callback_t fn, void *ptr);
-
-int nss_ldb_getgrnam(TALLOC_CTX *mem_ctx,
- struct event_context *ev,
- struct nss_ldb_ctx *ctx,
- const char *domain,
- const char *name,
- nss_ldb_callback_t fn, void *ptr);
-
-int nss_ldb_getgrgid(TALLOC_CTX *mem_ctx,
- struct event_context *ev,
- struct nss_ldb_ctx *ctx,
- const char *domain,
- uint64_t gid,
- nss_ldb_callback_t fn, void *ptr);
-
-int nss_ldb_enumgrent(TALLOC_CTX *mem_ctx,
- struct event_context *ev,
- struct nss_ldb_ctx *ctx,
- nss_ldb_callback_t fn, void *ptr);
-
-int nss_ldb_initgroups(TALLOC_CTX *mem_ctx,
- struct event_context *ev,
- struct nss_ldb_ctx *ctx,
- const char *domain,
- const char *name,
- nss_ldb_callback_t fn, void *ptr);
-