Diffstat (limited to 'src/responder/pac')
-rw-r--r--src/responder/pac/pacsrv.h16
-rw-r--r--src/responder/pac/pacsrv_utils.c156
2 files changed, 172 insertions, 0 deletions
diff --git a/src/responder/pac/pacsrv.h b/src/responder/pac/pacsrv.h
index e088e212..c0a13a33 100644
--- a/src/responder/pac/pacsrv.h
+++ b/src/responder/pac/pacsrv.h
@@ -67,6 +67,12 @@ struct local_mapping_ranges {
struct range secondary_rids;
};
+struct grp_info {
+ gid_t gid;
+ char *orig_dn;
+ struct ldb_dn *dn;
+};
+
int pac_cmd_execute(struct cli_ctx *cctx);
struct sss_cmd_table *get_pac_cmds(void);
@@ -106,4 +112,14 @@ errno_t get_pwd_from_pac(TALLOC_CTX *mem_ctx,
struct PAC_LOGON_INFO *logon_info,
struct passwd **_pwd,
struct sysdb_attrs **_attrs);
+
+errno_t diff_gid_lists(TALLOC_CTX *mem_ctx,
+ size_t cur_grp_num,
+ struct grp_info *cur_gid_list,
+ size_t new_gid_num,
+ gid_t *new_gid_list,
+ size_t *_add_gid_num,
+ gid_t **_add_gid_list,
+ size_t *_del_gid_num,
+ struct grp_info ***_del_gid_list);
#endif /* __PACSRV_H__ */
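Review bot: The new `diff_gid_lists` prototype has no comment describing its ownership contract, and its parameter names (`cur_gid_list`, `_del_gid_num`, `_del_gid_list`) differ from the definition in pacsrv_utils.c (`cur_grp_list`, `_del_grp_num`, `_del_grp_list`). The definition fills the delete list with pointers into the caller's `cur_grp_list` array (`del_grp_list[c] = &cur_grp_list[c];`), so only the pointer array itself is moved to `mem_ctx`. A caller that frees or reuses the current-group array before consuming the delete list would be left with dangling `struct grp_info *` entries. I would add a doc comment above the prototype stating that both output arrays are allocated on `mem_ctx`, that the `_del` entries alias the input array and must not outlive it, and that the outputs are written only when the function returns EOK. I would also rename the prototype parameters to match the definition.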
diff --git a/src/responder/pac/pacsrv_utils.c b/src/responder/pac/pacsrv_utils.c
index 101960f0..c9551c99 100644
--- a/src/responder/pac/pacsrv_utils.c
+++ b/src/responder/pac/pacsrv_utils.c
@@ -616,3 +616,159 @@ done:
return ret;
}
+
+errno_t diff_gid_lists(TALLOC_CTX *mem_ctx,
+ size_t cur_grp_num,
+ struct grp_info *cur_grp_list,
+ size_t new_gid_num,
+ gid_t *new_gid_list,
+ size_t *_add_gid_num,
+ gid_t **_add_gid_list,
+ size_t *_del_grp_num,
+ struct grp_info ***_del_grp_list)
+{
+ int ret;
+ size_t c;
+ hash_table_t *table;
+ hash_key_t key;
+ hash_value_t value;
+ size_t add_gid_num = 0;
+ gid_t *add_gid_list = NULL;
+ size_t del_grp_num = 0;
+ struct grp_info **del_grp_list = NULL;
+ TALLOC_CTX *tmp_ctx = NULL;
+ unsigned long value_count;
+ hash_value_t *values;
+
+ if ((cur_grp_num != 0 && cur_grp_list == NULL) ||
+ (new_gid_num != 0 && new_gid_list == NULL)) {
+ DEBUG(SSSDBG_OP_FAILURE, ("Missing group array.\n"));
+ return EINVAL;
+ }
+
+ if (cur_grp_num == 0 && new_gid_num == 0) {
+ ret = EOK;
+ goto done;
+ }
+
+ tmp_ctx = talloc_new(NULL);
+ if (tmp_ctx == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, ("talloc_new failed.\n"));
+ ret = ENOMEM;
+ goto done;
+ }
+
+ if (cur_grp_num == 0 && new_gid_num != 0) {
+ add_gid_num = new_gid_num;
+ add_gid_list = talloc_array(tmp_ctx, gid_t, add_gid_num);
+ if (add_gid_list == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, ("talloc_array failed.\n"));
+ ret = ENOMEM;
+ goto done;
+ }
+
+ for (c = 0; c < add_gid_num; c++) {
+ add_gid_list[c] = new_gid_list[c];
+ }
+
+ ret = EOK;
+ goto done;
+ }
+
+ if (cur_grp_num != 0 && new_gid_num == 0) {
+ del_grp_num = cur_grp_num;
+ del_grp_list = talloc_array(tmp_ctx, struct grp_info *, del_grp_num);
+ if (del_grp_list == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, ("talloc_array failed.\n"));
+ ret = ENOMEM;
+ goto done;
+ }
+
+ for (c = 0; c < del_grp_num; c++) {
+ del_grp_list[c] = &cur_grp_list[c];
+ }
+
+ ret = EOK;
+ goto done;
+ }
+
+ /* Add all current GIDs to a hash and then compare with the new ones in a
+ * single loop */
+ ret = sss_hash_create(tmp_ctx, cur_grp_num, &table);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE, ("sss_hash_create failed.\n"));
+ goto done;
+ }
+
+ key.type = HASH_KEY_ULONG;
+ value.type = HASH_VALUE_PTR;
+ for (c = 0; c < cur_grp_num; c++) {
+ key.ul = (unsigned long) cur_grp_list[c].gid;
+ value.ptr = &cur_grp_list[c];
+
+ ret = hash_enter(table, &key, &value);
+ if (ret != HASH_SUCCESS) {
+ DEBUG(SSSDBG_OP_FAILURE, ("hash_enter failed.\n"));
+ ret = EIO;
+ goto done;
+ }
+ }
+
+ for (c = 0; c < new_gid_num; c++) {
+ key.ul = (unsigned long) new_gid_list[c];
+
+ ret = hash_delete(table, &key);
+ if (ret == HASH_ERROR_KEY_NOT_FOUND) {
+ /* gid not found, must be added */
+ add_gid_num++;
+ add_gid_list = talloc_realloc(tmp_ctx, add_gid_list, gid_t, add_gid_num);
+ if (add_gid_list == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, ("talloc_realloc failed.\n"));
+ ret = ENOMEM;
+ goto done;
+ }
+
+ add_gid_list[add_gid_num - 1] = new_gid_list[c];
+ } else if (ret != HASH_SUCCESS) {
+ DEBUG(SSSDBG_OP_FAILURE, ("hash_delete failed.\n"));
+ ret = EIO;
+ goto done;
+ }
+ }
+
+ /* the remaining entries in the hash are not in the new list anymore and
+ * must be deleted */
+ ret = hash_values(table, &value_count, &values);
+ if (ret != HASH_SUCCESS) {
+ DEBUG(SSSDBG_OP_FAILURE, ("hash_keys failed.\n"));
+ ret = EIO;
+ goto done;
+ }
+
+ del_grp_num = value_count;
+ del_grp_list = talloc_array(tmp_ctx, struct grp_info *, del_grp_num);
+ if (del_grp_list == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, ("talloc_array failed.\n"));
+ ret = ENOMEM;
+ goto done;
+ }
+
+ for (c = 0; c < del_grp_num; c++) {
+ del_grp_list[c] = (struct grp_info *) values[c].ptr;
+ }
+
+ ret = EOK;
+
+done:
+
+ if (ret == EOK) {
+ *_add_gid_num = add_gid_num;
+ *_add_gid_list = talloc_steal(mem_ctx, add_gid_list);
+ *_del_grp_num = del_grp_num;
+ *_del_grp_list = talloc_steal(mem_ctx, del_grp_list);
+ }
+
+ talloc_free(tmp_ctx);
+
+ return ret;
+}
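Review bot: A GID that appears more than once in `new_gid_list` is misclassified by the `hash_delete` loop. The first occurrence removes the key from `table`, so the second gets `HASH_ERROR_KEY_NOT_FOUND` and is appended to `add_gid_list` even though the group is already in `cur_grp_list`; a repeated GID that is not current is appended twice. Nothing in the visible code deduplicates the new list, and since it presumably comes from PAC group data, the add list should not depend on the sender never repeating an entry. One way to fix this is a second hash of GIDs already seen, as sketched below; it needs `hash_table_t *seen` and `hash_value_t seen_value` declared with the other locals. Separately, the failure message after `hash_values()` says `hash_keys failed.`, which will mislead anyone reading the log.

```c
/* … unchanged: cur_grp_list entries entered into table … */

ret = sss_hash_create(tmp_ctx, new_gid_num, &seen);
if (ret != EOK) {
    DEBUG(SSSDBG_OP_FAILURE, ("sss_hash_create failed.\n"));
    goto done;
}

seen_value.type = HASH_VALUE_UNDEF;
for (c = 0; c < new_gid_num; c++) {
    key.ul = (unsigned long) new_gid_list[c];

    if (hash_has_key(seen, &key)) {
        /* repeated GID in the new list, already classified */
        continue;
    }

    ret = hash_enter(seen, &key, &seen_value);
    if (ret != HASH_SUCCESS) {
        DEBUG(SSSDBG_OP_FAILURE, ("hash_enter failed.\n"));
        ret = EIO;
        goto done;
    }

    ret = hash_delete(table, &key);
    /* … unchanged: KEY_NOT_FOUND appends to add_gid_list, other errors return EIO … */
```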