Diffstat (limited to 'server')
-rw-r--r--server/providers/data_provider.c57
-rw-r--r--server/providers/data_provider_be.c46
-rw-r--r--server/providers/dp_backend.h6
-rw-r--r--server/providers/ldap_be.c24
-rw-r--r--server/providers/proxy.c6
-rw-r--r--server/responder/pam/pamsrv.h5
-rw-r--r--server/responder/pam/pamsrv_dp.c32
-rw-r--r--server/responder/pam/pamsrv_util.c75
8 files changed, 116 insertions, 135 deletions
diff --git a/server/providers/data_provider.c b/server/providers/data_provider.c
index 85a824e4..cc437c9a 100644
--- a/server/providers/data_provider.c
+++ b/server/providers/data_provider.c
@@ -733,8 +733,7 @@ static void be_got_pam_reply(DBusPendingCall *pending, void *data)
DBusConnection *conn;
DBusError dbus_error;
dbus_bool_t ret;
- uint32_t pam_status;
- char *domain;
+ struct pam_data *pd = NULL;
int type;
bereq = talloc_get_type(data, struct dp_be_request);
@@ -753,23 +752,21 @@ static void be_got_pam_reply(DBusPendingCall *pending, void *data)
goto done;
}
+ pd = talloc_zero(bereq, struct pam_data);
type = dbus_message_get_type(reply);
switch (type) {
case DBUS_MESSAGE_TYPE_METHOD_RETURN:
- ret = dbus_message_get_args(reply, &dbus_error,
- DBUS_TYPE_UINT32, &pam_status,
- DBUS_TYPE_STRING, &domain,
- DBUS_TYPE_INVALID);
+ ret = dp_unpack_pam_response(reply, pd, &dbus_error);
if (!ret) {
DEBUG(1,("Failed to parse message, killing connection\n"));
if (dbus_error_is_set(&dbus_error)) dbus_error_free(&dbus_error);
sbus_disconnect(bereq->be->dpcli->conn_ctx);
- pam_status = PAM_SYSTEM_ERR;
- domain = "";
+ pd->pam_status = PAM_SYSTEM_ERR;
+ pd->domain = talloc_strdup(pd, "");
goto done;
}
- DEBUG(4, ("Got reply (%d, %s) from %s(%s)\n", pam_status, domain,
+ DEBUG(4, ("Got reply (%d, %s) from %s(%s)\n", pd->pam_status, pd->domain,
bereq->be->name, bereq->be->domain));
break;
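Review bot: The result of `talloc_zero(bereq, struct pam_data)` is dereferenced without a NULL check, and the `goto done` visible just above the allocation leaves `pd` at its initial NULL. If the `done:` label precedes the later `dp_pack_pam_response(bereq->req->reply, pd)` call (the label is outside this hunk, so this is inferred), both cases dereference NULL inside the helper. Allocating `pd` before the first `goto done`, checking it, and presetting `pd->pam_status = PAM_SYSTEM_ERR;` and `pd->domain = talloc_strdup(pd, "");` there would also cover reply types other than METHOD_RETURN, which would otherwise forward a zeroed status unless they set the fields outside this hunk. The `talloc_strdup` result in the parse-failure branch needs the same check. be_got_pam_reply starts and ends outside the hunk.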
@@ -792,10 +789,8 @@ static void be_got_pam_reply(DBusPendingCall *pending, void *data)
}
conn = sbus_get_connection(bereq->req->src_cli->conn_ctx);
- ret = dbus_message_append_args(bereq->req->reply,
- DBUS_TYPE_UINT32, &pam_status,
- DBUS_TYPE_STRING, &domain,
- DBUS_TYPE_INVALID);
+
+ ret = dp_pack_pam_response(bereq->req->reply, pd);
if (!ret) {
DEBUG(1, ("Failed to build reply ... frontend will wait for timeout ...\n"));
talloc_free(bereq->req);
@@ -834,23 +829,7 @@ static int dp_call_pamhandler(struct dp_be_request *bereq, struct pam_data *pd)
DEBUG(4, ("Sending request with to following data\n"));
DEBUG_PAM_DATA(4, pd);
- ret = dbus_message_append_args(msg,
- DBUS_TYPE_INT32, &(pd->cmd),
- DBUS_TYPE_STRING, &(pd->domain),
- DBUS_TYPE_STRING, &(pd->user),
- DBUS_TYPE_STRING, &(pd->service),
- DBUS_TYPE_STRING, &(pd->tty),
- DBUS_TYPE_STRING, &(pd->ruser),
- DBUS_TYPE_STRING, &(pd->rhost),
- DBUS_TYPE_INT32, &(pd->authtok_type),
- DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE,
- &(pd->authtok),
- (pd->authtok_size),
- DBUS_TYPE_INT32, &(pd->newauthtok_type),
- DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE,
- &(pd->newauthtok),
- pd->newauthtok_size,
- DBUS_TYPE_INVALID);
+ ret = dp_pack_pam_request(msg, pd);
if (!ret) {
DEBUG(1,("Failed to build message\n"));
return EIO;
@@ -903,23 +882,7 @@ static int dp_pamhandler(DBusMessage *message, struct sbus_conn_ctx *sconn)
dbus_error_init(&dbus_error);
- ret = dbus_message_get_args(message, &dbus_error,
- DBUS_TYPE_INT32, &(pd->cmd),
- DBUS_TYPE_STRING, &(pd->domain),
- DBUS_TYPE_STRING, &(pd->user),
- DBUS_TYPE_STRING, &(pd->service),
- DBUS_TYPE_STRING, &(pd->tty),
- DBUS_TYPE_STRING, &(pd->ruser),
- DBUS_TYPE_STRING, &(pd->rhost),
- DBUS_TYPE_INT32, &(pd->authtok_type),
- DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE,
- &(pd->authtok),
- &(pd->authtok_size),
- DBUS_TYPE_INT32, &(pd->newauthtok_type),
- DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE,
- &(pd->newauthtok),
- &(pd->newauthtok_size),
- DBUS_TYPE_INVALID);
+ ret = dp_unpack_pam_request(message, pd, &dbus_error);
if (!ret) {
DEBUG(0,("Failed, to parse message!\n"));
if (dbus_error_is_set(&dbus_error)) dbus_error_free(&dbus_error);
diff --git a/server/providers/data_provider_be.c b/server/providers/data_provider_be.c
index c9faff95..f427ac8c 100644
--- a/server/providers/data_provider_be.c
+++ b/server/providers/data_provider_be.c
@@ -512,19 +512,16 @@ done:
static void be_pam_handler_callback(struct be_req *req, int status,
const char *errstr) {
- struct be_pam_handler *ph;
+ struct pam_data *pd;
DBusMessage *reply;
DBusConnection *conn;
dbus_bool_t dbret;
- ph = talloc_get_type(req->req_data, struct be_pam_handler);
+ pd = talloc_get_type(req->req_data, struct pam_data);
- DEBUG(4, ("Sending result [%d][%s]\n", ph->pam_status, ph->domain));
+ DEBUG(4, ("Sending result [%d][%s]\n", pd->pam_status, pd->domain));
reply = (DBusMessage *)req->pvt;
- dbret = dbus_message_append_args(reply,
- DBUS_TYPE_UINT32, &(ph->pam_status),
- DBUS_TYPE_STRING, &(ph->domain),
- DBUS_TYPE_INVALID);
+ dbret = dp_pack_pam_response(reply, pd);
if (!dbret) {
DEBUG(1, ("Failed to generate dbus reply\n"));
return;
@@ -534,7 +531,7 @@ static void be_pam_handler_callback(struct be_req *req, int status,
dbus_connection_send(conn, reply, NULL);
dbus_message_unref(reply);
- DEBUG(4, ("Sent result [%d][%s]\n", ph->pam_status, ph->domain));
+ DEBUG(4, ("Sent result [%d][%s]\n", pd->pam_status, pd->domain));
talloc_free(req);
}
@@ -544,7 +541,6 @@ static int be_pam_handler(DBusMessage *message, struct sbus_conn_ctx *sconn)
DBusError dbus_error;
DBusMessage *reply;
struct be_ctx *ctx;
- struct be_pam_handler *req;
struct be_req *be_req;
dbus_bool_t ret;
void *user_data;
@@ -556,7 +552,7 @@ static int be_pam_handler(DBusMessage *message, struct sbus_conn_ctx *sconn)
ctx = talloc_get_type(user_data, struct be_ctx);
if (!ctx) return EINVAL;
- pd = talloc(NULL, struct pam_data);
+ pd = talloc_zero(ctx, struct pam_data);
if (!pd) return ENOMEM;
dbus_error_init(&dbus_error);
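Review bot: `talloc_zero` leaves `pd->pam_status` at 0, which is PAM_SUCCESS, so this structure now defaults to reporting a successful authentication. be_pam_handler_callback sends `pd->pam_status` straight back to the caller, so any backend path that invokes `req->fn` without assigning the field would answer success. Adding `pd->pam_status = PAM_SYSTEM_ERR;` right after the `if (!pd) return ENOMEM;` check makes the default fail closed. The function body continues outside this hunk.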
@@ -568,24 +564,7 @@ static int be_pam_handler(DBusMessage *message, struct sbus_conn_ctx *sconn)
return ENOMEM;
}
-
- ret = dbus_message_get_args(message, &dbus_error,
- DBUS_TYPE_INT32, &(pd->cmd),
- DBUS_TYPE_STRING, &(pd->domain),
- DBUS_TYPE_STRING, &(pd->user),
- DBUS_TYPE_STRING, &(pd->service),
- DBUS_TYPE_STRING, &(pd->tty),
- DBUS_TYPE_STRING, &(pd->ruser),
- DBUS_TYPE_STRING, &(pd->rhost),
- DBUS_TYPE_INT32, &(pd->authtok_type),
- DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE,
- &(pd->authtok),
- &(pd->authtok_size),
- DBUS_TYPE_INT32, &(pd->newauthtok_type),
- DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE,
- &(pd->newauthtok),
- &(pd->newauthtok_size),
- DBUS_TYPE_INVALID);
+ ret = dp_unpack_pam_request(message, pd, &dbus_error);
if (!ret) {
DEBUG(1,("Failed, to parse message!\n"));
talloc_free(pd);
@@ -603,16 +582,7 @@ static int be_pam_handler(DBusMessage *message, struct sbus_conn_ctx *sconn)
be_req->be_ctx = ctx;
be_req->fn = be_pam_handler_callback;
be_req->pvt = reply;
-
- req = talloc(be_req, struct be_pam_handler);
- if (!req) {
- pam_status = PAM_SYSTEM_ERR;
- goto done;
- }
- req->domain = ctx->domain;
- req->pd = pd;
-
- be_req->req_data = req;
+ be_req->req_data = pd;
ret = be_file_request(ctx, ctx->ops->pam_handler, be_req);
if (ret != EOK) {
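Review bot: The removed `req->domain = ctx->domain;` meant the reply carried the backend's own domain; with `be_req->req_data = pd;` the callback now returns `pd->domain`, which is whatever the request message contained. If consumers treat the domain in the reply as authoritative, it should be checked against or replaced by `ctx->domain` before the handler runs. Separately, `pd` is parented to `ctx` and the callback only frees `req`, so unless it is released somewhere outside the visible hunks each request leaves a `pam_data` on the long-lived context; `be_req->req_data = talloc_steal(be_req, pd);` would tie it to the request.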
diff --git a/server/providers/dp_backend.h b/server/providers/dp_backend.h
index df09544f..4dd2ee47 100644
--- a/server/providers/dp_backend.h
+++ b/server/providers/dp_backend.h
@@ -65,12 +65,6 @@ struct be_online_req {
int online;
};
-struct be_pam_handler {
- int pam_status;
- const char *domain;
- struct pam_data *pd;
-};
-
typedef void (*be_req_fn_t)(struct be_req *);
struct be_mod_ops {
diff --git a/server/providers/ldap_be.c b/server/providers/ldap_be.c
index 8967732f..d91e0792 100644
--- a/server/providers/ldap_be.c
+++ b/server/providers/ldap_be.c
@@ -96,7 +96,7 @@ static int schedule_next_task(struct ldap_req *lr, struct timeval tv,
timeout.tv_usec += tv.tv_usec;
- te = tevent_add_timer(lr->req->be_ctx->ev, lr, timeout, task, lr);
+ te = tevent_add_timer(lr->req->be_ctx->ev, lr, timeout, task, lr);
if (te == NULL) {
return EIO;
}
@@ -271,7 +271,7 @@ static void ldap_be_loop(struct tevent_context *ev, struct tevent_fd *te,
int pam_status=PAM_SUCCESS;
int ldap_ret;
struct ldap_req *lr;
- struct be_pam_handler *ph;
+ struct pam_data *pd;
struct be_req *req;
LDAPMessage *result=NULL;
LDAPMessage *msg=NULL;
@@ -281,7 +281,7 @@ static void ldap_be_loop(struct tevent_context *ev, struct tevent_fd *te,
char *filter=NULL;
char *attrs[] = { LDAP_NO_ATTRS, NULL };
- lr = talloc_get_type(pvt, struct ldap_req);
+ lr = talloc_get_type(pvt, struct ldap_req);
switch (lr->next_op) {
case LDAP_OP_INIT:
@@ -533,8 +533,8 @@ done:
talloc_free(filter);
if (lr->ldap != NULL) ldap_unbind_ext(lr->ldap, NULL, NULL);
req = lr->req;
- ph = talloc_get_type(lr->req->req_data, struct be_pam_handler);
- ph->pam_status = pam_status;
+ pd = talloc_get_type(lr->req->req_data, struct pam_data);
+ pd->pam_status = pam_status;
talloc_free(lr);
@@ -548,9 +548,9 @@ static void ldap_start(struct tevent_context *ev, struct tevent_timer *te,
int pam_status;
struct ldap_req *lr;
struct be_req *req;
- struct be_pam_handler *ph;
+ struct pam_data *pd;
- lr = talloc_get_type(pvt, struct ldap_req);
+ lr = talloc_get_type(pvt, struct ldap_req);
ret = ldap_be_init(lr);
if (ret != EOK) {
@@ -573,8 +573,8 @@ static void ldap_start(struct tevent_context *ev, struct tevent_timer *te,
done:
if (lr->ldap != NULL ) ldap_unbind_ext(lr->ldap, NULL, NULL);
req = lr->req;
- ph = talloc_get_type(lr->req->req_data, struct be_pam_handler);
- ph->pam_status = pam_status;
+ pd = talloc_get_type(lr->req->req_data, struct pam_data);
+ pd->pam_status = pam_status;
talloc_free(lr);
@@ -587,12 +587,10 @@ static void ldap_pam_handler(struct be_req *req)
int pam_status=PAM_SUCCESS;
struct ldap_req *lr;
struct ldap_ctx *ldap_ctx;
- struct be_pam_handler *ph;
struct pam_data *pd;
struct timeval timeout;
- ph = talloc_get_type(req->req_data, struct be_pam_handler);
- pd = ph->pd;
+ pd = talloc_get_type(req->req_data, struct pam_data);
ldap_ctx = talloc_get_type(req->be_ctx->pvt_data, struct ldap_ctx);
@@ -620,7 +618,7 @@ static void ldap_pam_handler(struct be_req *req)
done:
talloc_free(lr);
- ph->pam_status = pam_status;
+ pd->pam_status = pam_status;
req->fn(req, pam_status, NULL);
}
diff --git a/server/providers/proxy.c b/server/providers/proxy.c
index 30f5f5c1..4b2ed7d6 100644
--- a/server/providers/proxy.c
+++ b/server/providers/proxy.c
@@ -111,11 +111,9 @@ static void proxy_pam_handler(struct be_req *req) {
pam_handle_t *pamh=NULL;
struct authtok_conv *auth_data;
struct pam_conv conv;
- struct be_pam_handler *ph;
struct pam_data *pd;
- ph = talloc_get_type(req->req_data, struct be_pam_handler);
- pd = ph->pd;
+ pd = talloc_get_type(req->req_data, struct pam_data);
conv.conv=proxy_internal_conv;
auth_data = talloc_zero(req->be_ctx, struct authtok_conv);
@@ -181,7 +179,7 @@ static void proxy_pam_handler(struct be_req *req) {
talloc_free(auth_data);
- ph->pam_status = pam_status;
+ pd->pam_status = pam_status;
req->fn(req, EOK, NULL);
}
diff --git a/server/responder/pam/pamsrv.h b/server/responder/pam/pamsrv.h
index 4bb49c97..c5250f8d 100644
--- a/server/responder/pam/pamsrv.h
+++ b/server/responder/pam/pamsrv.h
@@ -51,4 +51,9 @@ struct sss_cmd_table *register_sss_cmds(void);
int pam_dp_send_req(struct cli_ctx *cctx, pam_dp_callback_t callback,
int timeout, struct pam_data *pd);
+
+int dp_pack_pam_request(DBusMessage *msg, struct pam_data *pd);
+int dp_unpack_pam_request(DBusMessage *msg, struct pam_data *pd, DBusError *dbus_error);
+int dp_pack_pam_response(DBusMessage *msg, struct pam_data *pd);
+int dp_unpack_pam_response(DBusMessage *msg, struct pam_data *pd, DBusError *dbus_error);
#endif /* __PAMSRV_H__ */
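Review bot: The four new prototypes have no comment, and the ownership rule they introduce is not obvious from the signatures. I would add above them: `/* The unpack functions store pointers into msg in pd (strings and authtok arrays); they stay valid only while msg is referenced and must not be freed. */`. The comment should also say that the return value is the `dbus_bool_t` of the underlying libdbus call (non-zero on success), since they are declared `int` next to `pam_dp_send_req`, which returns errno-style codes such as EIO.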
diff --git a/server/responder/pam/pamsrv_dp.c b/server/responder/pam/pamsrv_dp.c
index a679acd3..2d5d9799 100644
--- a/server/responder/pam/pamsrv_dp.c
+++ b/server/responder/pam/pamsrv_dp.c
@@ -44,8 +44,6 @@ static void pam_process_dp_reply(DBusPendingCall *pending, void *ptr)
DBusMessage* msg;
int ret;
int type;
- dbus_uint32_t pam_status;
- char *domain;
struct pam_reply_ctx *rctx;
rctx = talloc_get_type(ptr, struct pam_reply_ctx);
@@ -64,27 +62,21 @@ static void pam_process_dp_reply(DBusPendingCall *pending, void *ptr)
type = dbus_message_get_type(msg);
switch (type) {
case DBUS_MESSAGE_TYPE_METHOD_RETURN:
- ret = dbus_message_get_args(msg, &dbus_error,
- DBUS_TYPE_UINT32, &pam_status,
- DBUS_TYPE_STRING, &domain,
- DBUS_TYPE_INVALID);
+ ret = dp_unpack_pam_response(msg, rctx->pd, &dbus_error);
if (!ret) {
DEBUG(0, ("Failed to parse reply.\n"));
rctx->pd->pam_status = PAM_SYSTEM_ERR;
- domain = NULL;
goto done;
}
- DEBUG(4, ("received: [%d][%s]\n", pam_status, domain));
- rctx->pd->pam_status = pam_status;
- rctx->pd->domain = talloc_strdup(rctx->cctx, domain);
+ DEBUG(4, ("received: [%d][%s]\n", rctx->pd->pam_status, rctx->pd->domain));
break;
case DBUS_MESSAGE_TYPE_ERROR:
DEBUG(0, ("Reply error.\n"));
- pam_status = PAM_SYSTEM_ERR;
+ rctx->pd->pam_status = PAM_SYSTEM_ERR;
break;
default:
DEBUG(0, ("Default... what now?.\n"));
- pam_status = PAM_SYSTEM_ERR;
+ rctx->pd->pam_status = PAM_SYSTEM_ERR;
}
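Review bot: `rctx->pd->domain` now points into `msg` instead of a copy, because `dp_unpack_pam_response` stores the pointer handed back by `dbus_message_get_args` and the removed `talloc_strdup(rctx->cctx, domain)` is not replaced. Once the message is unreferenced (presumably at `done:`, outside this hunk) any later read of `pd->domain` is a use after free. Copying right after a successful unpack keeps the old behaviour: `rctx->pd->domain = talloc_strdup(rctx->cctx, rctx->pd->domain);` followed by a NULL check that sets `rctx->pd->pam_status = PAM_SYSTEM_ERR;`.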
@@ -141,21 +133,7 @@ int pam_dp_send_req(struct cli_ctx *cctx,
DEBUG(4, ("Sending request with the following data:\n"));
DEBUG_PAM_DATA(4, pd);
- ret = dbus_message_append_args(msg,
- DBUS_TYPE_INT32, &(pd->cmd),
- DBUS_TYPE_STRING, &(pd->domain),
- DBUS_TYPE_STRING, &(pd->user),
- DBUS_TYPE_STRING, &(pd->service),
- DBUS_TYPE_STRING, &(pd->tty),
- DBUS_TYPE_STRING, &(pd->ruser),
- DBUS_TYPE_STRING, &(pd->rhost),
- DBUS_TYPE_INT32, &(pd->authtok_type),
- DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE,
- &(pd->authtok), pd->authtok_size,
- DBUS_TYPE_INT32, &(pd->newauthtok_type),
- DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE,
- &(pd->newauthtok), pd->newauthtok_size,
- DBUS_TYPE_INVALID);
+ ret = dp_pack_pam_request(msg, pd);
if (!ret) {
DEBUG(1,("Failed to build message\n"));
return EIO;
diff --git a/server/responder/pam/pamsrv_util.c b/server/responder/pam/pamsrv_util.c
index f43783a6..fb82cdcb 100644
--- a/server/responder/pam/pamsrv_util.c
+++ b/server/responder/pam/pamsrv_util.c
@@ -33,3 +33,78 @@ int pam_add_response(struct pam_data *pd, enum response_type type,
return EOK;
}
+
+int dp_pack_pam_request(DBusMessage *msg, struct pam_data *pd)
+{
+ int ret;
+
+ ret = dbus_message_append_args(msg,
+ DBUS_TYPE_INT32, &(pd->cmd),
+ DBUS_TYPE_STRING, &(pd->domain),
+ DBUS_TYPE_STRING, &(pd->user),
+ DBUS_TYPE_STRING, &(pd->service),
+ DBUS_TYPE_STRING, &(pd->tty),
+ DBUS_TYPE_STRING, &(pd->ruser),
+ DBUS_TYPE_STRING, &(pd->rhost),
+ DBUS_TYPE_INT32, &(pd->authtok_type),
+ DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE,
+ &(pd->authtok),
+ (pd->authtok_size),
+ DBUS_TYPE_INT32, &(pd->newauthtok_type),
+ DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE,
+ &(pd->newauthtok),
+ pd->newauthtok_size,
+ DBUS_TYPE_INVALID);
+
+ return ret;
+}
+
+int dp_unpack_pam_request(DBusMessage *msg, struct pam_data *pd, DBusError *dbus_error)
+{
+ int ret;
+
+ ret = dbus_message_get_args(msg, dbus_error,
+ DBUS_TYPE_INT32, &(pd->cmd),
+ DBUS_TYPE_STRING, &(pd->domain),
+ DBUS_TYPE_STRING, &(pd->user),
+ DBUS_TYPE_STRING, &(pd->service),
+ DBUS_TYPE_STRING, &(pd->tty),
+ DBUS_TYPE_STRING, &(pd->ruser),
+ DBUS_TYPE_STRING, &(pd->rhost),
+ DBUS_TYPE_INT32, &(pd->authtok_type),
+ DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE,
+ &(pd->authtok),
+ &(pd->authtok_size),
+ DBUS_TYPE_INT32, &(pd->newauthtok_type),
+ DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE,
+ &(pd->newauthtok),
+ &(pd->newauthtok_size),
+ DBUS_TYPE_INVALID);
+
+ return ret;
+}
+
+int dp_pack_pam_response(DBusMessage *msg, struct pam_data *pd)
+{
+ int ret;
+
+ ret = dbus_message_append_args(msg,
+ DBUS_TYPE_UINT32, &(pd->pam_status),
+ DBUS_TYPE_STRING, &(pd->domain),
+ DBUS_TYPE_INVALID);
+
+ return ret;
+}
+
+int dp_unpack_pam_response(DBusMessage *msg, struct pam_data *pd, DBusError *dbus_error)
+{
+ int ret;
+
+ ret = dbus_message_get_args(msg, dbus_error,
+ DBUS_TYPE_UINT32, &(pd->pam_status),
+ DBUS_TYPE_STRING, &(pd->domain),
+ DBUS_TYPE_INVALID);
+
+ return ret;
+}
+
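Review bot: None of the four helpers checks `pd` before taking the address of its fields, and the pack functions pass `pd->domain` and the other strings to `dbus_message_append_args`, which expects a valid string for DBUS_TYPE_STRING. Callers in this commit now hand in `talloc_zero`'d structures whose allocation is not always checked, so a guard such as `if (msg == NULL || pd == NULL) return 0;` at the top of each function, plus a `pd->domain == NULL` check in `dp_pack_pam_response`, would route those cases into the callers' existing failure branches instead of a crash.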