Diffstat (limited to 'server/providers/ldap')
-rw-r--r-- | server/providers/ldap/ldap_auth.c | 71 | ||||
-rw-r--r-- | server/providers/ldap/ldap_common.c | 6 | ||||
-rw-r--r-- | server/providers/ldap/ldap_common.h | 37 | ||||
-rw-r--r-- | server/providers/ldap/ldap_id.c | 91 | ||||
-rw-r--r-- | server/providers/ldap/ldap_init.c | 142 |
5 files changed, 202 insertions, 145 deletions
diff --git a/server/providers/ldap/ldap_auth.c b/server/providers/ldap/ldap_auth.c
index a35c43ae..31f9c43e 100644
--- a/server/providers/ldap/ldap_auth.c
+++ b/server/providers/ldap/ldap_auth.c
@@ -40,7 +40,6 @@
 #include "util/util.h"
 #include "db/sysdb.h"
-#include "providers/dp_backend.h"
 #include "providers/ldap/ldap_common.h"
 #include "providers/ldap/sdap_async.h"
@@ -51,11 +50,6 @@ enum pwexpire {
 PWEXPIRE_SHADOW
 };
-struct sdap_auth_ctx {
- struct be_ctx *be;
- struct sdap_options *opts;
-};
-
 static errno_t check_pwexpire_kerberos(const char *expire_date, time_t now, enum sdap_result *result)
 {
@@ -581,7 +575,7 @@ static void sdap_auth4chpass_done(struct tevent_req *req);
 static void sdap_pam_chpass_done(struct tevent_req *req);
 static void sdap_pam_auth_reply(struct be_req *breq, int dp_err, int result);
-static void sdap_pam_chpass_send(struct be_req *breq)
+void sdap_pam_chpass_handler(struct be_req *breq)
 {
 struct sdap_pam_chpass_state *state;
 struct sdap_auth_ctx *ctx;
@@ -771,8 +765,7 @@ struct sdap_pam_auth_state {
 static void sdap_pam_auth_done(struct tevent_req *req);
 static void sdap_password_cache_done(struct tevent_req *req);
-/* FIXME: convert caller to tevent_req too ?*/
-static void sdap_pam_auth_send(struct be_req *breq)
+void sdap_pam_auth_handler(struct be_req *breq)
 {
 struct sdap_pam_auth_state *state;
 struct sdap_auth_ctx *ctx;
@@ -956,63 +949,3 @@ static void sdap_pam_auth_reply(struct be_req *req, int dp_err, int result)
 req->fn(req, dp_err, result, NULL);
 }
-/* ==Module-Initialization-and-Dispose==================================== */
-
-static void sdap_shutdown(struct be_req *req)
-{
- /* TODO: Clean up any internal data */
- req->fn(req, DP_ERR_OK, EOK, NULL);
-}
-
-struct bet_ops sdap_auth_ops = {
- .handler = sdap_pam_auth_send,
- .finalize = sdap_shutdown
-};
-
-struct bet_ops sdap_chpass_ops = {
- .handler = sdap_pam_chpass_send,
- .finalize = sdap_shutdown
-};
-
-int sssm_ldap_auth_init(struct be_ctx *bectx,
- struct bet_ops **ops,
- void **pvt_data)
-{
- struct sdap_auth_ctx *ctx;
- int ret;
-
- ctx = talloc(bectx, struct sdap_auth_ctx);
- if (!ctx) return ENOMEM;
-
- ctx->be = bectx;
-
- ret = ldap_get_options(ctx, bectx->cdb, bectx->conf_path,
- &ctx->opts);
- if (ret != EOK) goto done;
-
- ret = setup_tls_config(ctx->opts->basic);
- if (ret != EOK) {
- DEBUG(1, ("setup_tls_config failed [%d][%s].\n", ret, strerror(ret)));
- goto done;
- }
-
- *ops = &sdap_auth_ops;
- *pvt_data = ctx;
- ret = EOK;
-
-done:
- if (ret != EOK) {
- talloc_free(ctx);
- }
- return ret;
-}
-
-int sssm_ldap_chpass_init(struct be_ctx *bectx,
- struct bet_ops **ops,
- void **pvt_data)
-{
- int ret;
- ret = sssm_ldap_auth_init(bectx, ops, pvt_data);
- *ops = &sdap_chpass_ops;
- return ret;
-}
diff --git a/server/providers/ldap/ldap_common.c b/server/providers/ldap/ldap_common.c
index bb68ffb6..b03e58fc 100644
--- a/server/providers/ldap/ldap_common.c
+++ b/server/providers/ldap/ldap_common.c
@@ -194,3 +194,9 @@ done:
 return ret;
 }
+void sdap_handler_done(struct be_req *req, int dp_err,
+ int error, const char *errstr)
+{
+ return req->fn(req, dp_err, error, errstr);
+}
+
diff --git a/server/providers/ldap/ldap_common.h b/server/providers/ldap/ldap_common.h
index 9cf4ddeb..a6e77e90 100644
--- a/server/providers/ldap/ldap_common.h
+++ b/server/providers/ldap/ldap_common.h
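Review bot: In ldap_common.c the new `sdap_handler_done()` is declared `void` but its body is `return req->fn(req, dp_err, error, errstr);`. ISO C does not allow a return statement with an expression in a function returning void, and GCC accepts it only as an extension, so the line should be the plain call `req->fn(req, dp_err, error, errstr);`. The same `return sdap_handler_done(...)` form is used inside void functions in ldap_id.c (groups_get_done, groups_by_user_done, sdap_account_info_handler), where `sdap_handler_done(...); return;` would be the portable spelling.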
@@ -22,8 +22,45 @@
 #ifndef _LDAP_COMMON_H_
 #define _LDAP_COMMON_H_
+#include "providers/dp_backend.h"
 #include "providers/ldap/sdap.h"
+struct sdap_id_ctx {
+ struct be_ctx *be;
+
+ struct sdap_options *opts;
+
+ /* global sdap handler */
+ struct sdap_handle *gsh;
+
+ /* enumeration loop timer */
+ struct timeval last_run;
+
+ char *max_user_timestamp;
+ char *max_group_timestamp;
+};
+
+struct sdap_auth_ctx {
+ struct be_ctx *be;
+ struct sdap_options *opts;
+};
+
+/* id */
+void sdap_account_info_handler(struct be_req *breq);
+int sdap_id_setup_tasks(struct sdap_id_ctx *ctx);
+
+/* auth */
+void sdap_pam_auth_handler(struct be_req *breq);
+
+/* chpass */
+void sdap_pam_chpass_handler(struct be_req *breq);
+
+
+
+void sdap_handler_done(struct be_req *req, int dp_err,
+ int error, const char *errstr);
+
+/* options parser */
 int ldap_get_options(TALLOC_CTX *memctx,
 struct confdb_ctx *cdb,
 const char *conf_path,
diff --git a/server/providers/ldap/ldap_id.c b/server/providers/ldap/ldap_id.c
index 3663f201..04aaa083 100644
--- a/server/providers/ldap/ldap_id.c
+++ b/server/providers/ldap/ldap_id.c
@@ -32,27 +32,6 @@
 #include "providers/ldap/ldap_common.h"
 #include "providers/ldap/sdap_async.h"
-struct sdap_id_ctx {
- struct be_ctx *be;
-
- struct sdap_options *opts;
-
- /* global sdap handler */
- struct sdap_handle *gsh;
-
- /* enumeration loop timer */
- struct timeval last_run;
-
- char *max_user_timestamp;
- char *max_group_timestamp;
-};
-
-static void sdap_req_done(struct be_req *req, int dp_err,
- int error, const char *errstr)
-{
- return req->fn(req, dp_err, error, errstr);
-}
-
 static int build_attrs_from_map(TALLOC_CTX *memctx,
 struct sdap_id_map *map,
 size_t size,
@@ -257,7 +236,7 @@ static void users_get_done(struct tevent_req *req)
 }
 }
- sdap_req_done(breq, dp_err, ret, error);
+ sdap_handler_done(breq, dp_err, ret, error);
 }
 /* =Groups-Related-Functions-(by-name,by-uid)============================= */
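Review bot: In ldap_common.h, `struct sdap_id_ctx` now embeds `struct timeval last_run` by value, which needs the complete type from `<sys/time.h>`, yet the header includes only `providers/dp_backend.h` and `providers/ldap/sdap.h`. If one of those already pulls it in the build is fine, but the header then depends on an include it does not own; adding `#include <sys/time.h>` next to the two project includes makes it self-contained. The new prototypes would also benefit from a one-line comment each, for example `/* Invoke the request callback and finish the backend request. */` above `sdap_handler_done`.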
@@ -422,7 +401,7 @@ static void groups_get_done(struct tevent_req *req)
 }
 }
- return sdap_req_done(breq, dp_err, ret, error);
+ return sdap_handler_done(breq, dp_err, ret, error);
 }
 /* =Get-Groups-for-User================================================== */
@@ -562,7 +541,7 @@ static void groups_by_user_done(struct tevent_req *req)
 }
 }
- return sdap_req_done(breq, dp_err, ret, error);
+ return sdap_handler_done(breq, dp_err, ret, error);
 }
@@ -570,8 +549,8 @@ static void groups_by_user_done(struct tevent_req *req)
 /* =Get-Account-Info-Call================================================= */
 /* FIXME: embed this function in sssd_be and only call out
- * specific functions from modules */
-static void sdap_get_account_info(struct be_req *breq)
+ * specific functions from modules ? */
+void sdap_account_info_handler(struct be_req *breq)
 {
 struct sdap_id_ctx *ctx;
 struct be_acct_req *ar;
@@ -582,7 +561,7 @@ static void sdap_get_account_info(struct be_req *breq)
 ctx = talloc_get_type(breq->be_ctx->bet_info[BET_ID].pvt_bet_data, struct sdap_id_ctx);
 if (be_is_offline(ctx->be)) {
- return sdap_req_done(breq, DP_ERR_OFFLINE, EAGAIN, "Offline");
+ return sdap_handler_done(breq, DP_ERR_OFFLINE, EAGAIN, "Offline");
 }
 ar = talloc_get_type(breq->req_data, struct be_acct_req);
@@ -592,7 +571,7 @@ static void sdap_get_account_info(struct be_req *breq)
 /* skip enumerations on demand */
 if (strcmp(ar->filter_value, "*") == 0) {
- return sdap_req_done(breq, DP_ERR_OK, EOK, "Success");
+ return sdap_handler_done(breq, DP_ERR_OK, EOK, "Success");
 }
 req = users_get_send(breq, breq->be_ctx->ev, ctx,
@@ -600,7 +579,7 @@ static void sdap_get_account_info(struct be_req *breq)
 ar->filter_type, ar->attr_type);
 if (!req) {
- return sdap_req_done(breq, DP_ERR_FATAL, ENOMEM, "Out of memory");
+ return sdap_handler_done(breq, DP_ERR_FATAL, ENOMEM, "Out of memory");
 }
 tevent_req_set_callback(req, users_get_done, breq);
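Review bot: In `sdap_account_info_handler()` (hunk at -582,7) the pointer returned by `talloc_get_type(..., struct sdap_id_ctx)` is dereferenced straight away in `be_is_offline(ctx->be)`, and `ar` from the next `talloc_get_type` is later used in `strcmp(ar->filter_value, "*")` the same way. `talloc_get_type` returns NULL when the stored pointer is not of the named type, and the function is no longer static, so it can end up in an ops table whose private data is a different struct, such as the `struct sdap_auth_ctx` now defined beside it in the header. A guard like `if (!ctx) { sdap_handler_done(breq, DP_ERR_FATAL, EINVAL, "Invalid private data"); return; }` turns a backend crash into a failed request. The function body starts and ends outside this hunk.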
@@ -610,7 +589,7 @@ static void sdap_get_account_info(struct be_req *breq)
 case BE_REQ_GROUP: /* group */
 if (strcmp(ar->filter_value, "*") == 0) {
- return sdap_req_done(breq, DP_ERR_OK, EOK, "Success");
+ return sdap_handler_done(breq, DP_ERR_OK, EOK, "Success");
 }
 /* skip enumerations on demand */
@@ -619,7 +598,7 @@ static void sdap_get_account_info(struct be_req *breq)
 ar->filter_type, ar->attr_type);
 if (!req) {
- return sdap_req_done(breq, DP_ERR_FATAL, ENOMEM, "Out of memory");
+ return sdap_handler_done(breq, DP_ERR_FATAL, ENOMEM, "Out of memory");
 }
 tevent_req_set_callback(req, groups_get_done, breq);
@@ -656,7 +635,7 @@ static void sdap_get_account_info(struct be_req *breq)
 err = "Invalid request type";
 }
- if (ret != EOK) return sdap_req_done(breq, DP_ERR_FATAL, ret, err);
+ if (ret != EOK) return sdap_handler_done(breq, DP_ERR_FATAL, ret, err);
 }
@@ -1151,63 +1130,23 @@ static void enum_groups_op_done(struct tevent_req *subreq)
 tevent_req_done(req);
 }
-
-
-/* ==Initialization-Functions============================================= */
-
-static void sdap_shutdown(struct be_req *req)
-{
- /* TODO: Clean up any internal data */
- sdap_req_done(req, DP_ERR_OK, EOK, NULL);
-}
-
-struct bet_ops sdap_id_ops = {
- .handler = sdap_get_account_info,
- .finalize = sdap_shutdown
-};
-
-int sssm_ldap_init(struct be_ctx *bectx,
- struct bet_ops **ops,
- void **pvt_data)
+int sdap_id_setup_tasks(struct sdap_id_ctx *ctx)
 {
 struct tevent_timer *enum_task;
- struct sdap_id_ctx *ctx;
- int ret;
-
- ctx = talloc_zero(bectx, struct sdap_id_ctx);
- if (!ctx) return ENOMEM;
-
- ctx->be = bectx;
-
- ret = ldap_get_options(ctx, bectx->cdb, bectx->conf_path, &ctx->opts);
- if (ret != EOK) goto done;
-
- ret = setup_tls_config(ctx->opts->basic);
- if (ret != EOK) {
- DEBUG(1, ("setup_tls_config failed [%d][%s].\n", ret, strerror(ret)));
- goto done;
- }
+ int ret = EOK;
 /* set up enumeration task */
 if (ctx->be->domain->enumerate) {
 /* run the first immediately */
 ctx->last_run = tevent_timeval_current();
 enum_task = tevent_add_timer(ctx->be->ev, ctx, ctx->last_run,
- ldap_id_enumerate, ctx);
+ ldap_id_enumerate, ctx);
 if (!enum_task) {
 DEBUG(0, ("FATAL: failed to setup enumeration task!\n"));
 ret = EFAULT;
- goto done;
 }
 }
- *ops = &sdap_id_ops;
- *pvt_data = ctx;
- ret = EOK;
-
-done:
- if (ret != EOK) {
- talloc_free(ctx);
- }
 return ret;
 }
+
diff --git a/server/providers/ldap/ldap_init.c b/server/providers/ldap/ldap_init.c
new file mode 100644
index 00000000..295ff19d
--- /dev/null
+++ b/server/providers/ldap/ldap_init.c
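Review bot: `sdap_id_setup_tasks()` is now a public entry point but has no comment stating its contract, and its caller in ldap_init.c depends on details that are only visible in the body. I would add a short comment above it saying that `ctx->be` must already be set, that the enumeration timer is allocated on `ctx` (the second argument of `tevent_add_timer`), so the caller's `talloc_free(ctx)` error path should also release it, and that the function returns `EOK` or `EFAULT`. Separately, `EFAULT` for a failed `tevent_add_timer` reads oddly; `ENOMEM` would likely describe the failure better, though the value is carried over from the old code.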
@@ -0,0 +1,142 @@
+/*
+ SSSD
+
+ LDAP Provider Initialization functions
+
+ Authors:
+ Simo Sorce <ssorce@redhat.com>
+
+ Copyright (C) 2009 Red Hat
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "providers/ldap/ldap_common.h"
+
+static void sdap_shutdown(struct be_req *req);
+
+/* Id Handler */
+struct bet_ops sdap_id_ops = {
+ .handler = sdap_account_info_handler,
+ .finalize = sdap_shutdown
+};
+
+/* Auth Handler */
+struct bet_ops sdap_auth_ops = {
+ .handler = sdap_pam_auth_handler,
+ .finalize = sdap_shutdown
+};
+
+/* Chpass Handler */
+struct bet_ops sdap_chpass_ops = {
+ .handler = sdap_pam_chpass_handler,
+ .finalize = sdap_shutdown
+};
+
+int sssm_ldap_init(struct be_ctx *bectx,
+ struct bet_ops **ops,
+ void **pvt_data)
+{
+ struct sdap_id_ctx *ctx;
+ int ret;
+
+ ctx = talloc_zero(bectx, struct sdap_id_ctx);
+ if (!ctx) return ENOMEM;
+
+ ctx->be = bectx;
+
+ ret = ldap_get_options(ctx, bectx->cdb,
+ bectx->conf_path, &ctx->opts);
+ if (ret != EOK) {
+ goto done;
+ }
+
+ ret = setup_tls_config(ctx->opts->basic);
+ if (ret != EOK) {
+ DEBUG(1, ("setup_tls_config failed [%d][%s].\n",
+ ret, strerror(ret)));
+ goto done;
+ }
+
+ ret = sdap_id_setup_tasks(ctx);
+ if (ret != EOK) {
+ goto done;
+ }
+
+ *ops = &sdap_id_ops;
+ *pvt_data = ctx;
+ ret = EOK;
+
+done:
+ if (ret != EOK) {
+ talloc_free(ctx);
+ }
+ return ret;
+}
+
+int sssm_ldap_auth_init(struct be_ctx *bectx,
+ struct bet_ops **ops,
+ void **pvt_data)
+{
+ struct sdap_auth_ctx *ctx;
+ int ret;
+
+ ctx = talloc(bectx, struct sdap_auth_ctx);
+ if (!ctx) return ENOMEM;
+
+ ctx->be = bectx;
+
+ ret = ldap_get_options(ctx, bectx->cdb,
+ bectx->conf_path, &ctx->opts);
+ if (ret != EOK) {
+ goto done;
+ }
+
+ ret = setup_tls_config(ctx->opts->basic);
+ if (ret != EOK) {
+ DEBUG(1, ("setup_tls_config failed [%d][%s].\n",
+ ret, strerror(ret)));
+ goto done;
+ }
+
+ *ops = &sdap_auth_ops;
+ *pvt_data = ctx;
+ ret = EOK;
+
+done:
+ if (ret != EOK) {
+ talloc_free(ctx);
+ }
+ return ret;
+}
+
+int sssm_ldap_chpass_init(struct be_ctx *bectx,
+ struct bet_ops **ops,
+ void **pvt_data)
+{
+ int ret;
+
+ ret = sssm_ldap_auth_init(bectx, ops, pvt_data);
+
+ *ops = &sdap_chpass_ops;
+
+ return ret;
+}
+
+static void sdap_shutdown(struct be_req *req)
+{
+ /* TODO: Clean up any internal data */
+ sdap_handler_done(req, DP_ERR_OK, EOK, NULL);
+}
+ |
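Review bot: `sssm_ldap_chpass_init()` assigns `*ops = &sdap_chpass_ops;` even when `sssm_ldap_auth_init()` has failed, so on error the caller receives a populated ops pointer although `*pvt_data` was never set and the context has already been freed. Make the assignment conditional, `if (ret == EOK) *ops = &sdap_chpass_ops;`, so that a caller which registers the handler without checking `ret` cannot end up with a change-password handler that has no context behind it. Also, `sssm_ldap_auth_init()` allocates with `talloc()` while `sssm_ldap_init()` uses `talloc_zero()`; `talloc_zero(bectx, struct sdap_auth_ctx)` would keep `ctx->opts` from holding an indeterminate pointer if `ldap_get_options()` fails before writing it.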