summaryrefslogtreecommitdiff
path: root/src/providers
diff options
context:
space:
mode:
Diffstat (limited to 'src/providers')
-rw-r--r--src/providers/ipa/ipa_access.c189
1 files changed, 104 insertions, 85 deletions
diff --git a/src/providers/ipa/ipa_access.c b/src/providers/ipa/ipa_access.c
index 2db5dd7d..3d66c16d 100644
--- a/src/providers/ipa/ipa_access.c
+++ b/src/providers/ipa/ipa_access.c
@@ -90,6 +90,75 @@ static errno_t msgs2attrs_array(TALLOC_CTX *mem_ctx, size_t count,
return EOK;
}
+static errno_t replace_attribute_name(const char *old_name,
+ const char *new_name, const size_t count,
+ struct sysdb_attrs **list)
+{
+ int ret;
+ int i;
+
+ for (i = 0; i < count; i++) {
+ ret = sysdb_attrs_replace_name(list[i], old_name, new_name);
+ if (ret != EOK) {
+ DEBUG(1, ("sysdb_attrs_replace_name failed.\n"));
+ return ret;
+ }
+ }
+
+ return EOK;
+}
+
+static errno_t hbac_sdap_data_recv(struct tevent_req *subreq,
+ TALLOC_CTX *mem_ctx, size_t *count,
+ struct sysdb_attrs ***attrs)
+{
+ int ret;
+
+ ret = sdap_get_generic_recv(subreq, mem_ctx, count, attrs);
+ if (ret != EOK) {
+ DEBUG(1, ("sdap_get_generic_recv failed.\n"));
+ return ret;
+ }
+
+ ret = replace_attribute_name(IPA_MEMBEROF, SYSDB_ORIG_MEMBEROF,
+ *count, *attrs);
+ if (ret != EOK) {
+ DEBUG(1, ("replace_attribute_name failed.\n"));
+ return ret;
+ }
+
+ return EOK;
+}
+
+static errno_t hbac_sysdb_data_recv(TALLOC_CTX *mem_ctx,
+ struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
+ const char *filter,
+ const char *subtree_name,
+ const char **search_attrs,
+ size_t *count,
+ struct sysdb_attrs ***reply_attrs)
+{
+ int ret;
+ struct ldb_message **msgs;
+
+ ret = sysdb_search_custom(mem_ctx, sysdb, domain, filter, subtree_name,
+ search_attrs, count, &msgs);
+ if (ret != EOK) {
+ DEBUG(1, ("sysdb_search_custom failed.\n"));
+ return ret;
+ }
+
+ ret = msgs2attrs_array(mem_ctx, *count, msgs, reply_attrs);
+ talloc_zfree(msgs);
+ if (ret != EOK) {
+ DEBUG(1, ("msgs2attrs_array failed.\n"));
+ return ret;
+ }
+
+ return EOK;
+}
+
static void ipa_access_reply(struct be_req *be_req, int pam_status)
{
struct pam_data *pd;
@@ -134,7 +203,6 @@ struct tevent_req *hbac_get_service_data_send(TALLOC_CTX *memctx,
struct tevent_req *subreq = NULL;
struct hbac_get_service_data_state *state;
int ret;
- struct ldb_message **msgs;
req = tevent_req_create(memctx, &state, struct hbac_get_service_data_state);
if (req == NULL) {
@@ -186,23 +254,17 @@ struct tevent_req *hbac_get_service_data_send(TALLOC_CTX *memctx,
DEBUG(9, ("Services filter: [%s].\n", state->services_filter));
if (offline) {
- ret = sysdb_search_custom(state, state->sysdb,
- state->sdap_ctx->be->domain,
- state->services_filter, HBAC_SERVICES_SUBDIR,
- state->services_attrs,
- &state->services_reply_count, &msgs);
+ ret = hbac_sysdb_data_recv(state, state->sysdb,
+ state->sdap_ctx->be->domain,
+ state->services_filter, HBAC_SERVICES_SUBDIR,
+ state->services_attrs,
+ &state->services_reply_count,
+ &state->services_reply_list);
if (ret) {
- DEBUG(1, ("sysdb_search_custom failed.\n"));
+ DEBUG(1, ("hbac_sysdb_data_recv failed.\n"));
goto fail;
}
- ret = msgs2attrs_array(state, state->services_reply_count, msgs,
- &state->services_reply_list);
- talloc_zfree(msgs);
- if (ret != EOK) {
- DEBUG(1, ("msgs2attrs_array failed.\n"));
- goto fail;
- }
tevent_req_done(req);
tevent_req_post(req, ev);
return req;
@@ -300,8 +362,8 @@ static void hbac_services_get_done(struct tevent_req *subreq)
char *object_name;
- ret = sdap_get_generic_recv(subreq, state, &state->services_reply_count,
- &state->services_reply_list);
+ ret = hbac_sdap_data_recv(subreq, state, &state->services_reply_count,
+ &state->services_reply_list);
talloc_zfree(subreq);
if (ret != EOK) {
tevent_req_error(req, ret);
@@ -354,13 +416,6 @@ static void hbac_services_get_done(struct tevent_req *subreq)
}
DEBUG(9, ("Object name: [%s].\n", object_name));
- ret = sysdb_attrs_replace_name(state->services_reply_list[i],
- IPA_MEMBEROF, SYSDB_ORIG_MEMBEROF);
- if (ret != EOK) {
- DEBUG(1, ("sysdb_attrs_replace_name failed.\n"));
- goto fail;
- }
-
ret = sysdb_store_custom(state, state->sysdb,
state->sdap_ctx->be->domain, object_name,
HBAC_SERVICES_SUBDIR,
@@ -534,8 +589,7 @@ struct hbac_get_host_info_state {
};
static void hbac_get_host_info_connect_done(struct tevent_req *subreq);
-static void hbac_get_host_memberof(struct tevent_req *req,
- struct ldb_message **msgs);
+static void hbac_get_host_memberof(struct tevent_req *req);
static void hbac_get_host_memberof_done(struct tevent_req *subreq);
static struct tevent_req *hbac_get_host_info_send(TALLOC_CTX *memctx,
@@ -618,18 +672,17 @@ static struct tevent_req *hbac_get_host_info_send(TALLOC_CTX *memctx,
state->host_attrs[6] = NULL;
if (offline) {
- struct ldb_message **msgs;
-
- ret = sysdb_search_custom(state, state->sysdb,
- state->sdap_ctx->be->domain,
- state->host_filter, HBAC_HOSTS_SUBDIR,
- state->host_attrs,
- &state->host_reply_count, &msgs);
+ ret = hbac_sysdb_data_recv(state, state->sysdb,
+ state->sdap_ctx->be->domain,
+ state->host_filter, HBAC_HOSTS_SUBDIR,
+ state->host_attrs,
+ &state->host_reply_count,
+ &state->host_reply_list);
if (ret) {
- DEBUG(1, ("sysdb_search_custom failed.\n"));
+ DEBUG(1, ("hbac_sysdb_data_recv failed.\n"));
goto fail;
}
- hbac_get_host_memberof(req, msgs);
+ hbac_get_host_memberof(req);
tevent_req_post(req, ev);
return req;
}
@@ -721,20 +774,18 @@ static void hbac_get_host_memberof_done(struct tevent_req *subreq)
struct hbac_get_host_info_state);
int ret;
- ret = sdap_get_generic_recv(subreq, state,
- &state->host_reply_count,
- &state->host_reply_list);
+ ret = hbac_sdap_data_recv(subreq, state, &state->host_reply_count,
+ &state->host_reply_list);
talloc_zfree(subreq);
if (ret != EOK) {
tevent_req_error(req, ret);
return;
}
- hbac_get_host_memberof(req, NULL);
+ hbac_get_host_memberof(req);
}
-static void hbac_get_host_memberof(struct tevent_req *req,
- struct ldb_message **msgs)
+static void hbac_get_host_memberof(struct tevent_req *req)
{
struct hbac_get_host_info_state *state =
tevent_req_data(req, struct hbac_get_host_info_state);
@@ -751,16 +802,6 @@ static void hbac_get_host_memberof(struct tevent_req *req,
goto fail;
}
- if (state->offline) {
- ret = msgs2attrs_array(state, state->host_reply_count, msgs,
- &state->host_reply_list);
- talloc_zfree(msgs);
- if (ret != EOK) {
- DEBUG(1, ("msgs2attrs_array failed.\n"));
- goto fail;
- }
- }
-
hhi = talloc_array(state, struct hbac_host_info *, state->host_reply_count + 1);
if (hhi == NULL) {
DEBUG(1, ("talloc_array failed.\n"));
@@ -887,14 +928,6 @@ static void hbac_get_host_memberof(struct tevent_req *req,
}
DEBUG(9, ("Fqdn [%s].\n", object_name));
-
- ret = sysdb_attrs_replace_name(state->host_reply_list[i],
- IPA_MEMBEROF, SYSDB_ORIG_MEMBEROF);
- if (ret != EOK) {
- DEBUG(1, ("sysdb_attrs_replace_name failed.\n"));
- goto fail;
- }
-
ret = sysdb_store_custom(state, state->sysdb,
state->sdap_ctx->be->domain,
object_name,
@@ -957,8 +990,7 @@ struct hbac_get_rules_state {
};
static void hbac_get_rules_connect_done(struct tevent_req *subreq);
-static void hbac_rule_get(struct tevent_req *req,
- struct ldb_message **msgs);
+static void hbac_rule_get(struct tevent_req *req);
static void hbac_rule_get_done(struct tevent_req *subreq);
static struct tevent_req *hbac_get_rules_send(TALLOC_CTX *memctx,
@@ -1060,18 +1092,17 @@ static struct tevent_req *hbac_get_rules_send(TALLOC_CTX *memctx,
DEBUG(9, ("HBAC rule filter: [%s].\n", state->hbac_filter));
if (offline) {
- struct ldb_message **msgs;
-
- ret = sysdb_search_custom(state, state->sysdb,
- state->sdap_ctx->be->domain,
- state->hbac_filter, HBAC_RULES_SUBDIR,
- state->hbac_attrs,
- &state->hbac_reply_count, &msgs);
+ ret = hbac_sysdb_data_recv(state, state->sysdb,
+ state->sdap_ctx->be->domain,
+ state->hbac_filter, HBAC_RULES_SUBDIR,
+ state->hbac_attrs,
+ &state->hbac_reply_count,
+ &state->hbac_reply_list);
if (ret) {
- DEBUG(1, ("sysdb_search_custom failed.\n"));
+ DEBUG(1, ("hbac_sysdb_data_recv failed.\n"));
goto fail;
}
- hbac_rule_get(req, msgs);
+ hbac_rule_get(req);
tevent_req_post(req, ev);
return req;
}
@@ -1162,20 +1193,18 @@ static void hbac_rule_get_done(struct tevent_req *subreq)
struct hbac_get_rules_state);
int ret;
- ret = sdap_get_generic_recv(subreq, state,
- &state->hbac_reply_count,
- &state->hbac_reply_list);
+ ret = hbac_sdap_data_recv(subreq, state, &state->hbac_reply_count,
+ &state->hbac_reply_list);
talloc_zfree(subreq);
if (ret != EOK) {
tevent_req_error(req, ret);
return;
}
- hbac_rule_get(req, NULL);
+ hbac_rule_get(req);
}
-static void hbac_rule_get(struct tevent_req *req,
- struct ldb_message **msgs)
+static void hbac_rule_get(struct tevent_req *req)
{
struct hbac_get_rules_state *state =
tevent_req_data(req, struct hbac_get_rules_state);
@@ -1186,16 +1215,6 @@ static void hbac_rule_get(struct tevent_req *req,
struct ldb_dn *hbac_base_dn;
char *object_name;
- if (state->offline) {
- ret = msgs2attrs_array(state, state->hbac_reply_count, msgs,
- &state->hbac_reply_list);
- talloc_zfree(msgs);
- if (ret != EOK) {
- DEBUG(1, ("msgs2attrs_array failed.\n"));
- goto fail;
- }
- }
-
for (i = 0; i < state->hbac_reply_count; i++) {
ret = sysdb_attrs_get_el(state->hbac_reply_list[i], SYSDB_ORIG_DN, &el);
if (ret != EOK) {