Diffstat (limited to 'server/providers')
-rw-r--r-- | server/providers/data_provider.c | 25 | ||||
-rw-r--r-- | server/providers/data_provider.h | 3 | ||||
-rw-r--r-- | server/providers/data_provider_be.c | 22 | ||||
-rw-r--r-- | server/providers/dp_sbus.c | 20 | ||||
-rw-r--r-- | server/providers/krb5/krb5_auth.c | 17 | ||||
-rw-r--r-- | server/providers/ldap/sdap.c | 116 | ||||
-rw-r--r-- | server/providers/proxy.c | 5 |
7 files changed, 88 insertions, 120 deletions
diff --git a/server/providers/data_provider.c b/server/providers/data_provider.c index f8efcc8d..f727c555 100644 --- a/server/providers/data_provider.c +++ b/server/providers/data_provider.c @@ -41,8 +41,6 @@ #include "dp_interfaces.h" #include "monitor/monitor_interfaces.h" -#define DP_CONF_ENTRY "config/services/dp" - struct dp_backend; struct dp_frontend; @@ -149,7 +147,7 @@ static int dp_monitor_init(struct dp_ctx *dpctx) int ret; /* Set up SBUS connection to the monitor */ - ret = monitor_get_sbus_address(dpctx, dpctx->cdb, &sbus_address); + ret = monitor_get_sbus_address(dpctx, &sbus_address); if (ret != EOK) { DEBUG(0, ("Could not locate monitor address.\n")); return ret; @@ -927,31 +925,14 @@ static int dp_frontend_destructor(void *ctx) static int dp_srv_init(struct dp_ctx *dpctx) { char *dpbus_address; - char *default_dp_address; int ret; DEBUG(3, ("Initializing Data Provider D-BUS Server\n")); - default_dp_address = talloc_asprintf(dpctx, "unix:path=%s/%s", - PIPE_PATH, DATA_PROVIDER_PIPE); - if (default_dp_address == NULL) { - ret = ENOMEM; - goto done; - } - - ret = confdb_get_string(dpctx->cdb, dpctx, - DP_CONF_ENTRY, "dpbusAddress", - default_dp_address, &dpbus_address); - if (ret != EOK) goto done; + ret = dp_get_sbus_address(dpctx, &dpbus_address); ret = sbus_new_server(dpctx, dpctx->ev, dpbus_address, &dp_interface, &dpctx->sbus_srv, dp_client_init, dpctx); - if (ret != EOK) { - goto done; - } - -done: - talloc_free(default_dp_address); return ret; } @@ -1012,7 +993,7 @@ int main(int argc, const char *argv[]) poptFreeContext(pc); /* set up things like debug , signals, daemonization, etc... */ - ret = server_setup("sssd[dp]", 0, DP_CONF_ENTRY, &main_ctx); + ret = server_setup("sssd[dp]", 0, CONFDB_DP_CONF_ENTRY, &main_ctx); if (ret != EOK) return 2; ret = die_if_parent_died(); diff --git a/server/providers/data_provider.h b/server/providers/data_provider.h index 790194ce..779da0f3 100644 --- a/server/providers/data_provider.h 
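Review bot: The return value of `dp_get_sbus_address()` in dp_srv_init is overwritten by the following `sbus_new_server()` call without being checked, so an allocation failure is no longer caught at this point. The dp_sbus.c part of this commit sets `*address = NULL` and returns ENOMEM on that path, which means `sbus_new_server()` would be handed a NULL address. Restoring the guard that the removed code had, `if (ret != EOK) return ret;` between the two calls, closes that gap.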
+++ b/server/providers/data_provider.h @@ -143,8 +143,7 @@ int dp_common_send_id(struct sbus_connection *conn, const char *name, const char *domain); /* from dp_sbus.c */ -int dp_get_sbus_address(TALLOC_CTX *mem_ctx, struct confdb_ctx *confdb, - char **address); +int dp_get_sbus_address(TALLOC_CTX *mem_ctx, char **address); #endif /* __DATA_PROVIDER_ */ diff --git a/server/providers/data_provider_be.c b/server/providers/data_provider_be.c index 85281d4c..62ce7bbe 100644 --- a/server/providers/data_provider_be.c +++ b/server/providers/data_provider_be.c @@ -44,8 +44,6 @@ #include "providers/dp_backend.h" #include "monitor/monitor_interfaces.h" -#define BE_CONF_ENTRY "config/domains/%s" - struct sbus_method monitor_be_methods[] = { { MON_CLI_METHOD_PING, monitor_common_pong }, { MON_CLI_METHOD_RES_INIT, monitor_common_res_init }, @@ -81,10 +79,10 @@ struct sbus_interface be_interface = { static struct bet_data bet_data[] = { {BET_NULL, NULL, NULL}, - {BET_ID, "provider", "sssm_%s_init"}, - {BET_AUTH, "auth-module", "sssm_%s_auth_init"}, - {BET_ACCESS, "access-module", "sssm_%s_access_init"}, - {BET_CHPASS, "chpass-module", "sssm_%s_chpass_init"}, + {BET_ID, CONFDB_DOMAIN_ID_PROVIDER, "sssm_%s_init"}, + {BET_AUTH, CONFDB_DOMAIN_AUTH_PROVIDER, "sssm_%s_auth_init"}, + {BET_ACCESS, CONFDB_DOMAIN_ACCESS_PROVIDER, "sssm_%s_access_init"}, + {BET_CHPASS, CONFDB_DOMAIN_CHPASS_PROVIDER, "sssm_%s_chpass_init"}, {BET_MAX, NULL, NULL} }; @@ -514,7 +512,7 @@ static int mon_cli_init(struct be_ctx *ctx) int ret; /* Set up SBUS connection to the monitor */ - ret = monitor_get_sbus_address(ctx, ctx->cdb, &sbus_address); + ret = monitor_get_sbus_address(ctx, &sbus_address); if (ret != EOK) { DEBUG(0, ("Could not locate monitor address.\n")); return ret; 
@@ -550,7 +548,7 @@ static int be_cli_init(struct be_ctx *ctx) char *sbus_address; /* Set up SBUS connection to the monitor */ - ret = dp_get_sbus_address(ctx, ctx->cdb, &sbus_address); + ret = dp_get_sbus_address(ctx, &sbus_address); if (ret != EOK) { DEBUG(0, ("Could not locate monitor address.\n")); return ret; @@ -574,8 +572,8 @@ static int be_cli_init(struct be_ctx *ctx) } /* Enable automatic reconnection to the Data Provider */ - ret = confdb_get_int(ctx->cdb, ctx, SERVICE_CONF_ENTRY, - "reconnection_retries", 3, &max_retries); + ret = confdb_get_int(ctx->cdb, ctx, CONFDB_DP_CONF_ENTRY, + CONFDB_SERVICE_RECON_RETRIES, 3, &max_retries); if (ret != EOK) { DEBUG(0, ("Failed to set up automatic reconnection\n")); return ret; @@ -833,7 +831,7 @@ int be_process_init(TALLOC_CTX *mem_ctx, ctx->ev = ev; ctx->cdb = cdb; ctx->identity = talloc_asprintf(ctx, "%%BE_%s", be_domain); - ctx->conf_path = talloc_asprintf(ctx, "config/domains/%s", be_domain); + ctx->conf_path = talloc_asprintf(ctx, CONFDB_DOMAIN_PATH_TMPL, be_domain); if (!ctx->identity || !ctx->conf_path) { DEBUG(0, ("Out of memory!?\n")); return ENOMEM; @@ -953,7 +951,7 @@ int main(int argc, const char *argv[]) srv_name = talloc_asprintf(NULL, "sssd[be[%s]]", be_domain); if (!srv_name) return 2; - conf_entry = talloc_asprintf(NULL, BE_CONF_ENTRY, be_domain); + conf_entry = talloc_asprintf(NULL, CONFDB_DOMAIN_PATH_TMPL, be_domain); if (!conf_entry) return 2; ret = server_setup(srv_name, 0, conf_entry, &main_ctx); diff --git a/server/providers/dp_sbus.c b/server/providers/dp_sbus.c index c5ccdc9a..c5c9a001 100644 --- a/server/providers/dp_sbus.c +++ b/server/providers/dp_sbus.c @@ -27,9 +27,8 @@ #include "providers/data_provider.h" #include "providers/dp_interfaces.h" -int dp_get_sbus_address(TALLOC_CTX *mem_ctx, struct confdb_ctx *confdb, char **address) +int dp_get_sbus_address(TALLOC_CTX *mem_ctx, char **address) { - int ret; char *default_address; *address = NULL; 
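Review bot: The section argument of the `confdb_get_int()` call in be_cli_init changes from `SERVICE_CONF_ENTRY` to `CONFDB_DP_CONF_ENTRY`, which is more than the literal-to-macro substitution made elsewhere in this commit. Neither macro's value is visible here, so if they name different sections the backend will start reading its reconnection limit from the Data Provider's section and ignore a value set where it used to be read. If that is intended, a comment such as `/* reconnection retries are read from the DP service section, not the domain section */` above the call would make it explicit. be_cli_init continues outside the hunk.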
@@ -39,20 +38,7 @@ int dp_get_sbus_address(TALLOC_CTX *mem_ctx, struct confdb_ctx *confdb, char **a return ENOMEM; } - if (confdb == NULL) { - /* If the confdb isn't specified, fall to the default */ - *address = default_address; - talloc_steal(mem_ctx, default_address); - ret = EOK; - goto done; - } - - ret = confdb_get_string(confdb, mem_ctx, - "config/services/dp", "sbusAddress", - default_address, address); - -done: - talloc_free(default_address); - return ret; + *address = default_address; + return EOK; } diff --git a/server/providers/krb5/krb5_auth.c b/server/providers/krb5/krb5_auth.c index 631f7086..7510c066 100644 --- a/server/providers/krb5/krb5_auth.c +++ b/server/providers/krb5/krb5_auth.c @@ -867,7 +867,7 @@ int sssm_krb5_auth_init(struct be_ctx *bectx, ctx->action = INIT_PW; ret = confdb_get_string(bectx->cdb, ctx, bectx->conf_path, - "krb5KDCIP", NULL, &value); + CONFDB_KRB5_KDCIP, NULL, &value); if (ret != EOK) goto fail; if (value == NULL) { DEBUG(2, ("Missing krb5KDCIP, authentication might fail.\n")); @@ -881,7 +881,7 @@ int sssm_krb5_auth_init(struct be_ctx *bectx, ctx->kdcip = value; ret = confdb_get_string(bectx->cdb, ctx, bectx->conf_path, - "krb5REALM", NULL, &value); + CONFDB_KRB5_REALM, NULL, &value); if (ret != EOK) goto fail; if (value == NULL) { DEBUG(4, ("Missing krb5REALM authentication might fail.\n")); @@ -895,7 +895,7 @@ int sssm_krb5_auth_init(struct be_ctx *bectx, ctx->realm = value; ret = confdb_get_string(bectx->cdb, ctx, bectx->conf_path, - "krb5ccache_dir", "/tmp", &value); + CONFDB_KRB5_CCACHEDIR, "/tmp", &value); if (ret != EOK) goto fail; ret = lstat(value, &stat_buf); if (ret != EOK) { 
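Review bot: dp_get_sbus_address() would benefit from a header comment now that its contract has changed: with the confdb lookup removed it always returns the built-in address and can only fail on allocation. The allocation of `default_address` sits between this hunk and the previous one and is not visible, so I assume it is made on `mem_ctx`, which the removal of `talloc_steal` suggests. I would add `/* Returns the compiled-in Data Provider socket address, allocated on mem_ctx; the address is not configurable. */` above the definition. The `default_address` local is also redundant now and the result could be assigned to `*address` directly.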
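Review bot: The DEBUG strings on the context lines of the krb5_auth.c hunks still spell the option names as literals (`Missing krb5KDCIP`, `Missing krb5REALM`, `krb5auth_timeout has to be a positive value`), while the lookups now go through CONFDB_KRB5_* macros whose values are not visible here. If any macro expands to a key other than the old literal, as happens to the keys in the sdap.c part of this commit, the log will point an administrator at an option name that is no longer read. Formatting the macro into the message keeps the two in step, for example `DEBUG(2, ("Missing %s, authentication might fail.\n", CONFDB_KRB5_KDCIP));`. The same applies to the hunks at -881 and -945, and sssm_krb5_auth_init starts and ends outside all of them.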
@@ -910,7 +910,8 @@ int sssm_krb5_auth_init(struct be_ctx *bectx, ctx->ccache_dir = value; ret = confdb_get_string(bectx->cdb, ctx, bectx->conf_path, - "krb5ccname_template", "FILE:%d/krb5cc_%U_XXXXXX", + CONFDB_KRB5_CCNAME_TMPL, + "FILE:%d/krb5cc_%U_XXXXXX", &value); if (ret != EOK) goto fail; if (value[0] != '/' && strncmp(value, "FILE:", 5) != 0) { @@ -921,12 +922,14 @@ int sssm_krb5_auth_init(struct be_ctx *bectx, ctx->ccname_template = value; ret = confdb_get_bool(bectx->cdb, ctx, bectx->conf_path, - "krb5try_simple_upn", false, &bool_value); + CONFDB_KRB5_TRY_SIMPLE_UPN, false, + &bool_value); if (ret != EOK) goto fail; ctx->try_simple_upn = bool_value; ret = confdb_get_string(bectx->cdb, ctx, bectx->conf_path, - "krb5changepw_principle", "kadmin/changepw", + CONFDB_KRB5_CHANGEPW_PRINC, + "kadmin/changepw", &value); if (ret != EOK) goto fail; if (strchr(value, '@') == NULL) { @@ -945,7 +948,7 @@ int sssm_krb5_auth_init(struct be_ctx *bectx, } ret = confdb_get_int(bectx->cdb, ctx, bectx->conf_path, - "krb5auth_timeout", 15, &int_value); + CONFDB_KRB5_AUTH_TIMEOUT, 15, &int_value); if (ret != EOK) goto fail; if (int_value <= 0) { DEBUG(4, ("krb5auth_timeout has to be a positive value.\n")); diff --git a/server/providers/ldap/sdap.c b/server/providers/ldap/sdap.c index 22d238e6..eded6eed 100644 --- a/server/providers/ldap/sdap.c +++ b/server/providers/ldap/sdap.c 
@@ -32,78 +32,78 @@ #define BOOL_TRUE { .boolean = true } struct sdap_gen_opts default_basic_opts[] = { - { "ldapUri", SDAP_STRING, { "ldap://localhost" }, NULL_STRING }, - { "defaultBindDn", SDAP_STRING, NULL_STRING, NULL_STRING }, - { "defaultAuthtokType", SDAP_STRING, NULL_STRING, NULL_STRING}, - { "defaultAuthtok", SDAP_BLOB, NULL_BLOB, NULL_BLOB }, - { "network_timeout", SDAP_NUMBER, { .number = 5 }, NULL_NUMBER }, - { "opt_timeout", SDAP_NUMBER, { .number = 5 }, NULL_NUMBER }, - { "tls_reqcert", SDAP_STRING, { "hard" }, NULL_STRING }, - { "userSearchBase", SDAP_STRING, { "ou=People,dc=example,dc=com" }, NULL_STRING }, - { "userSearchScope", SDAP_STRING, { "sub" }, NULL_STRING }, - { "userSearchFilter", SDAP_STRING, NULL_STRING, NULL_STRING }, - { "groupSearchBase", SDAP_STRING, { "ou=Group,dc=example,dc=com" }, NULL_STRING }, - { "groupSearchScope", SDAP_STRING, { "sub" }, NULL_STRING }, - { "groupSearchFilter", SDAP_STRING, NULL_STRING, NULL_STRING }, - { "ldapSchema", SDAP_STRING, { "rfc2307" }, NULL_STRING }, - { "offline_timeout", SDAP_NUMBER, { .number = 60 }, NULL_NUMBER }, - { "force_upper_case_realm", SDAP_BOOL, BOOL_FALSE, BOOL_FALSE }, - { "enumeration_refresh_timeout", SDAP_NUMBER, { .number = 300 }, NULL_NUMBER }, - { "stale_time", SDAP_NUMBER, { .number = 1800 }, NULL_NUMBER } + { "ldap_uri", SDAP_STRING, { "ldap://localhost" }, NULL_STRING }, + { "ldap_default_bind_dn", SDAP_STRING, NULL_STRING, NULL_STRING }, + { "ldap_default_authtok_type", SDAP_STRING, NULL_STRING, NULL_STRING}, + { "ldap_default_authtok", SDAP_BLOB, NULL_BLOB, NULL_BLOB }, + { "ldap_network_timeout", SDAP_NUMBER, { .number = 5 }, NULL_NUMBER }, + { "ldap_opt_timeout", SDAP_NUMBER, { .number = 5 }, NULL_NUMBER }, + { "ldap_tls_reqcert", SDAP_STRING, { "hard" }, NULL_STRING }, + { "ldap_user_search_base", SDAP_STRING, { "ou=People,dc=example,dc=com" }, NULL_STRING }, + { "ldap_user_search_scope", SDAP_STRING, { "sub" }, NULL_STRING }, + { "ldap_user_search_filter", 
SDAP_STRING, NULL_STRING, NULL_STRING }, + { "ldap_group_search_base", SDAP_STRING, { "ou=Group,dc=example,dc=com" }, NULL_STRING }, + { "ldap_group_search_scope", SDAP_STRING, { "sub" }, NULL_STRING }, + { "ldap_group_search_filter", SDAP_STRING, NULL_STRING, NULL_STRING }, + { "ldap_schema", SDAP_STRING, { "rfc2307" }, NULL_STRING }, + { "ldap_offline_timeout", SDAP_NUMBER, { .number = 60 }, NULL_NUMBER }, + { "ldap_force_upper_case_realm", SDAP_BOOL, BOOL_FALSE, BOOL_FALSE }, + { "ldap_enumeration_refresh_timeout", SDAP_NUMBER, { .number = 300 }, NULL_NUMBER }, + { "ldap_stale_time", SDAP_NUMBER, { .number = 1800 }, NULL_NUMBER } }; struct sdap_id_map rfc2307_user_map[] = { - { "userObjectClass", "posixAccount", SYSDB_USER_CLASS, NULL }, - { "userName", "uid", SYSDB_NAME, NULL }, - { "userPwd", "userPassword", SYSDB_PWD, NULL }, - { "userUidNumber", "uidNumber", SYSDB_UIDNUM, NULL }, - { "userGidNumber", "gidNumber", SYSDB_GIDNUM, NULL }, - { "userGecos", "gecos", SYSDB_GECOS, NULL }, - { "userHomeDirectory", "homeDirectory", SYSDB_HOMEDIR, NULL }, - { "userShell", "loginShell", SYSDB_SHELL, NULL }, - { "userPrincipal", "krbPrincipalName", SYSDB_UPN, NULL }, - { "userFullname", "cn", SYSDB_FULLNAME, NULL }, - { "userMemberOf", NULL, SYSDB_MEMBEROF, NULL }, - { "userUUID", NULL, SYSDB_UUID, NULL }, - { "userModifyTimestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP, NULL } + { "ldap_user_object_class", "posixAccount", SYSDB_USER_CLASS, NULL }, + { "ldap_user_name", "uid", SYSDB_NAME, NULL }, + { "ldap_user_pwd", "userPassword", SYSDB_PWD, NULL }, + { "ldap_user_uid_number", "uidNumber", SYSDB_UIDNUM, NULL }, + { "ldap_user_gid_number", "gidNumber", SYSDB_GIDNUM, NULL }, + { "ldap_user_gecos", "gecos", SYSDB_GECOS, NULL }, + { "ldap_user_home_directory", "homeDirectory", SYSDB_HOMEDIR, NULL }, + { "ldap_user_shell", "loginShell", SYSDB_SHELL, NULL }, + { "ldap_user_principal", "krbPrincipalName", SYSDB_UPN, NULL }, + { "ldap_user_fullname", "cn", SYSDB_FULLNAME, 
NULL }, + { "ldap_user_member_of", NULL, SYSDB_MEMBEROF, NULL }, + { "ldap_user_uuid", NULL, SYSDB_UUID, NULL }, + { "ldap_user_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP, NULL } }; struct sdap_id_map rfc2307_group_map[] = { - { "groupObjectClass", "posixGroup", SYSDB_GROUP_CLASS, NULL }, - { "groupName", "cn", SYSDB_NAME, NULL }, - { "groupPwd", "userPassword", SYSDB_PWD, NULL }, - { "groupGidNumber", "gidNumber", SYSDB_GIDNUM, NULL }, - { "groupMember", "memberuid", SYSDB_MEMBER, NULL }, - { "groupUUID", NULL, SYSDB_UUID, NULL }, - { "groupModifyTimestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP, NULL } + { "ldap_group_object_class", "posixGroup", SYSDB_GROUP_CLASS, NULL }, + { "ldap_group_name", "cn", SYSDB_NAME, NULL }, + { "ldap_group_pwd", "userPassword", SYSDB_PWD, NULL }, + { "ldap_group_gid_number", "gidNumber", SYSDB_GIDNUM, NULL }, + { "ldap_group_member", "memberuid", SYSDB_MEMBER, NULL }, + { "ldap_group_uuid", NULL, SYSDB_UUID, NULL }, + { "ldap_group_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP, NULL } }; struct sdap_id_map rfc2307bis_user_map[] = { - { "userObjectClass", "posixAccount", SYSDB_USER_CLASS, NULL }, - { "userName", "uid", SYSDB_NAME, NULL }, - { "userPwd", "userPassword", SYSDB_PWD, NULL }, - { "userUidNumber", "uidNumber", SYSDB_UIDNUM, NULL }, - { "userGidNumber", "gidNumber", SYSDB_GIDNUM, NULL }, - { "userGecos", "gecos", SYSDB_GECOS, NULL }, - { "userHomeDirectory", "homeDirectory", SYSDB_HOMEDIR, NULL }, - { "userShell", "loginShell", SYSDB_SHELL, NULL }, - { "userPrincipal", "krbPrincipalName", SYSDB_UPN, NULL }, - { "userFullname", "cn", SYSDB_FULLNAME, NULL }, - { "userMemberOf", "memberOf", SYSDB_MEMBEROF, NULL }, + { "ldap_user_object_class", "posixAccount", SYSDB_USER_CLASS, NULL }, + { "ldap_user_name", "uid", SYSDB_NAME, NULL }, + { "ldap_user_pwd", "userPassword", SYSDB_PWD, NULL }, + { "ldap_user_uid_number", "uidNumber", SYSDB_UIDNUM, NULL }, + { "ldap_user_gid_number", "gidNumber", 
SYSDB_GIDNUM, NULL }, + { "ldap_user_gecos", "gecos", SYSDB_GECOS, NULL }, + { "ldap_user_home_directory", "homeDirectory", SYSDB_HOMEDIR, NULL }, + { "ldap_user_shell", "loginShell", SYSDB_SHELL, NULL }, + { "ldap_user_principal", "krbPrincipalName", SYSDB_UPN, NULL }, + { "ldap_user_fullname", "cn", SYSDB_FULLNAME, NULL }, + { "ldap_user_member_of", "memberOf", SYSDB_MEMBEROF, NULL }, /* FIXME: this is 389ds specific */ - { "userUUID", "nsUniqueId", SYSDB_UUID, NULL }, - { "userModifyTimestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP, NULL } + { "ldap_user_uuid", "nsUniqueId", SYSDB_UUID, NULL }, + { "ldap_user_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP, NULL } }; struct sdap_id_map rfc2307bis_group_map[] = { - { "groupObjectClass", "posixGroup", SYSDB_GROUP_CLASS, NULL }, - { "groupName", "cn", SYSDB_NAME, NULL }, - { "groupPwd", "userPassword", SYSDB_PWD, NULL }, - { "groupGidNumber", "gidNumber", SYSDB_GIDNUM, NULL }, - { "groupMember", "member", SYSDB_MEMBER, NULL }, + { "ldap_group_object_class", "posixGroup", SYSDB_GROUP_CLASS, NULL }, + { "ldap_group_name", "cn", SYSDB_NAME, NULL }, + { "ldap_group_pwd", "userPassword", SYSDB_PWD, NULL }, + { "ldap_group_gid_number", "gidNumber", SYSDB_GIDNUM, NULL }, + { "ldap_group_member", "member", SYSDB_MEMBER, NULL }, /* FIXME: this is 389ds specific */ - { "groupUUID", "nsUniqueId", SYSDB_UUID, NULL }, - { "groupModifyTimestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP, NULL } + { "ldap_group_uuid", "nsUniqueId", SYSDB_UUID, NULL }, + { "ldap_group_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP, NULL } }; /* =Retrieve-Options====================================================== */ diff --git a/server/providers/proxy.c b/server/providers/proxy.c index dde019b9..54d4487e 100644 --- a/server/providers/proxy.c +++ b/server/providers/proxy.c 
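Review bot: Every key in default_basic_opts and the four id maps changes spelling (`ldapUri` becomes `ldap_uri`, `tls_reqcert` becomes `ldap_tls_reqcert`, `userSearchFilter` becomes `ldap_user_search_filter`), and nothing in this hunk handles a configuration that still uses the old names. Assuming the option reader falls back to the table default when a key is absent, an existing deployment would silently revert to `ldap://localhost` and the example search bases, and would lose any restrictive search filter or certificate setting it had configured. I would log a warning when a legacy key is found, or at least document the migration. Whether that is done elsewhere cannot be seen from this view, which is limited to server/providers. A one-line comment above each table, such as `/* option names as they appear in the domain section of the configuration */`, would also help, since these keys remain string literals while the krb5 and proxy providers moved to CONFDB_* macros.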
@@ -2215,7 +2215,7 @@ int sssm_proxy_init(struct be_ctx *bectx, ctx->be = bectx; ret = confdb_get_string(bectx->cdb, ctx, bectx->conf_path, - "libName", NULL, &libname); + CONFDB_PROXY_LIBNAME, NULL, &libname); if (ret != EOK) goto done; if (libname == NULL) { ret = ENOENT; @@ -2339,7 +2339,8 @@ int sssm_proxy_auth_init(struct be_ctx *bectx, ctx->be = bectx; ret = confdb_get_string(bectx->cdb, ctx, bectx->conf_path, - "pam-target", NULL, &ctx->pam_target); + CONFDB_PROXY_PAM_TARGET, NULL, + &ctx->pam_target); if (ret != EOK) goto done; if (!ctx->pam_target) { ctx->pam_target = talloc_strdup(ctx, "sssd_pam_proxy_default"); |