diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/providers/ad/ad_access.c | 16 | ||||
-rw-r--r-- | src/providers/ad/ad_id.c | 12 | ||||
-rw-r--r-- | src/providers/data_provider_be.c | 5 | ||||
-rw-r--r-- | src/providers/dp_backend.h | 1 | ||||
-rw-r--r-- | src/providers/ipa/ipa_access.c | 42 | ||||
-rw-r--r-- | src/providers/ipa/ipa_auth.c | 22 | ||||
-rw-r--r-- | src/providers/ipa/ipa_hbac_common.c | 16 | ||||
-rw-r--r-- | src/providers/ipa/ipa_hostid.c | 6 | ||||
-rw-r--r-- | src/providers/ipa/ipa_id.c | 13 | ||||
-rw-r--r-- | src/providers/ipa/ipa_selinux.c | 12 | ||||
-rw-r--r-- | src/providers/ipa/ipa_subdomains.c | 3 | ||||
-rw-r--r-- | src/providers/krb5/krb5_auth.c | 14 | ||||
-rw-r--r-- | src/providers/krb5/krb5_wait_queue.c | 8 | ||||
-rw-r--r-- | src/providers/ldap/ldap_access.c | 11 | ||||
-rw-r--r-- | src/providers/ldap/ldap_auth.c | 37 | ||||
-rw-r--r-- | src/providers/ldap/ldap_id.c | 26 | ||||
-rw-r--r-- | src/providers/ldap/sdap_autofs.c | 5 | ||||
-rw-r--r-- | src/providers/ldap/sdap_sudo.c | 3 | ||||
-rw-r--r-- | src/providers/proxy/proxy_auth.c | 19 | ||||
-rw-r--r-- | src/providers/proxy/proxy_id.c | 11 | ||||
-rw-r--r-- | src/providers/proxy/proxy_init.c | 3 | ||||
-rw-r--r-- | src/providers/simple/simple_access.c | 3 |
22 files changed, 155 insertions, 133 deletions
diff --git a/src/providers/ad/ad_access.c b/src/providers/ad/ad_access.c index 66eb4eaa..3c5c66bd 100644 --- a/src/providers/ad/ad_access.c +++ b/src/providers/ad/ad_access.c @@ -34,16 +34,17 @@ void ad_access_handler(struct be_req *breq) { struct tevent_req *req; + struct be_ctx *be_ctx = be_req_get_be_ctx(breq); struct ad_access_ctx *access_ctx = - talloc_get_type(breq->be_ctx->bet_info[BET_ACCESS].pvt_bet_data, + talloc_get_type(be_ctx->bet_info[BET_ACCESS].pvt_bet_data, struct ad_access_ctx); struct pam_data *pd = talloc_get_type(breq->req_data, struct pam_data); struct sss_domain_info *domain; /* Handle subdomains */ - if (strcasecmp(pd->domain, breq->be_ctx->domain->name) != 0) { - domain = new_subdomain(breq, breq->be_ctx->domain, + if (strcasecmp(pd->domain, be_ctx->domain->name) != 0) { + domain = new_subdomain(breq, be_ctx->domain, pd->domain, NULL, NULL); if (domain == NULL) { DEBUG(SSSDBG_OP_FAILURE, ("new_subdomain failed.\n")); @@ -51,15 +52,12 @@ ad_access_handler(struct be_req *breq) return; } } else { - domain = breq->be_ctx->domain; + domain = be_ctx->domain; } /* Verify that the account is not locked */ - req = sdap_access_send(breq, - breq->be_ctx->ev, - breq->be_ctx, domain, - access_ctx->sdap_access_ctx, - pd); + req = sdap_access_send(breq, be_ctx->ev, be_ctx, domain, + access_ctx->sdap_access_ctx, pd); if (!req) { be_req_terminate(breq, DP_ERR_FATAL, PAM_SYSTEM_ERR, NULL); return; diff --git a/src/providers/ad/ad_id.c b/src/providers/ad/ad_id.c index 311c8096..f6e975e1 100644 --- a/src/providers/ad/ad_id.c +++ b/src/providers/ad/ad_id.c @@ -24,25 +24,27 @@ #include "providers/ad/ad_id.h" void -ad_account_info_handler(struct be_req *breq) +ad_account_info_handler(struct be_req *be_req) { struct ad_id_ctx *ad_ctx; struct sdap_id_ctx *sdap_id_ctx; + struct be_ctx *be_ctx = be_req_get_be_ctx(be_req); - ad_ctx = talloc_get_type(breq->be_ctx->bet_info[BET_ID].pvt_bet_data, + ad_ctx = talloc_get_type(be_ctx->bet_info[BET_ID].pvt_bet_data, struct ad_id_ctx); sdap_id_ctx = ad_ctx->sdap_id_ctx; - return sdap_handle_account_info(breq, sdap_id_ctx); + return sdap_handle_account_info(be_req, sdap_id_ctx); } void ad_check_online(struct be_req *be_req) { struct ad_id_ctx *ad_ctx; + struct be_ctx *be_ctx = be_req_get_be_ctx(be_req); - ad_ctx = talloc_get_type(be_req->be_ctx->bet_info[BET_ID].pvt_bet_data, - struct ad_id_ctx); + ad_ctx = talloc_get_type(be_ctx->bet_info[BET_ID].pvt_bet_data, + struct ad_id_ctx); return sdap_do_online_check(be_req, ad_ctx->sdap_id_ctx); } diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index bafd1e12..a70dd6ad 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -136,6 +136,11 @@ struct be_req *be_req_create(TALLOC_CTX *mem_ctx, return be_req; } +struct be_ctx *be_req_get_be_ctx(struct be_req *be_req) +{ + return be_req->be_ctx; +} + void be_req_terminate(struct be_req *be_req, int dp_err_type, int errnum, const char *errstr) { diff --git a/src/providers/dp_backend.h b/src/providers/dp_backend.h index 431c80a0..f51c44ea 100644 --- a/src/providers/dp_backend.h +++ b/src/providers/dp_backend.h @@ -260,6 +260,7 @@ void reset_fo(struct be_ctx *be_ctx); struct be_req *be_req_create(TALLOC_CTX *mem_ctx, struct be_client *becli, struct be_ctx *be_ctx, be_async_callback_t fn, void *pvt_fn_data); +struct be_ctx *be_req_get_be_ctx(struct be_req *be_req); void be_req_terminate(struct be_req *be_req, int dp_err_type, int errnum, const char *errstr); diff --git a/src/providers/ipa/ipa_access.c b/src/providers/ipa/ipa_access.c index 1b626029..7a3dbaaf 100644 --- a/src/providers/ipa/ipa_access.c +++ b/src/providers/ipa/ipa_access.c @@ -78,23 +78,20 @@ void ipa_access_handler(struct be_req *be_req) struct pam_data *pd; struct ipa_access_ctx *ipa_access_ctx; struct tevent_req *req; + struct be_ctx *be_ctx = be_req_get_be_ctx(be_req); pd = talloc_get_type(be_req->req_data, struct pam_data); - ipa_access_ctx = talloc_get_type( - be_req->be_ctx->bet_info[BET_ACCESS].pvt_bet_data, - struct ipa_access_ctx); + ipa_access_ctx = talloc_get_type(be_ctx->bet_info[BET_ACCESS].pvt_bet_data, + struct ipa_access_ctx); /* First, verify that this account isn't locked. * We need to do this in case the auth phase was * skipped (such as during GSSAPI single-sign-on * or SSH public key exchange. */ - req = sdap_access_send(be_req, - be_req->be_ctx->ev, - be_req->be_ctx, be_req->be_ctx->domain, - ipa_access_ctx->sdap_access_ctx, - pd); + req = sdap_access_send(be_req, be_ctx->ev, be_ctx, be_ctx->domain, + ipa_access_ctx->sdap_access_ctx, pd); if (!req) { be_req_terminate(be_req, DP_ERR_FATAL, PAM_SYSTEM_ERR, NULL); return; @@ -105,6 +102,7 @@ void ipa_access_handler(struct be_req *be_req) static void ipa_hbac_check(struct tevent_req *req) { struct be_req *be_req; + struct be_ctx *be_ctx; struct pam_data *pd; struct hbac_ctx *hbac_ctx = NULL; const char *deny_method; @@ -113,6 +111,7 @@ static void ipa_hbac_check(struct tevent_req *req) int ret; be_req = tevent_req_callback_data(req, struct be_req); + be_ctx = be_req_get_be_ctx(be_req); pd = talloc_get_type(be_req->req_data, struct pam_data); ret = sdap_access_recv(req, &pam_status); @@ -147,9 +146,8 @@ static void ipa_hbac_check(struct tevent_req *req) hbac_ctx->be_req = be_req; hbac_ctx->pd = pd; - ipa_access_ctx = talloc_get_type( - be_req->be_ctx->bet_info[BET_ACCESS].pvt_bet_data, - struct ipa_access_ctx); + ipa_access_ctx = talloc_get_type(be_ctx->bet_info[BET_ACCESS].pvt_bet_data, + struct ipa_access_ctx); hbac_ctx->access_ctx = ipa_access_ctx; hbac_ctx->sdap_ctx = ipa_access_ctx->sdap_ctx; hbac_ctx->ipa_options = ipa_access_ctx->ipa_options; @@ -191,8 +189,9 @@ static int hbac_retry(struct hbac_ctx *hbac_ctx) bool offline; time_t now, refresh_interval; struct ipa_access_ctx *access_ctx = hbac_ctx->access_ctx; + struct be_ctx *be_ctx = be_req_get_be_ctx(hbac_ctx->be_req); - offline = be_is_offline(hbac_ctx->be_req->be_ctx); + offline = be_is_offline(be_ctx); DEBUG(9, ("Connection status is [%s].\n", offline ? "offline" : "online")); refresh_interval = dp_opt_get_int(hbac_ctx->ipa_options, @@ -332,6 +331,7 @@ static void hbac_sysdb_save (struct tevent_req *req); static int hbac_get_host_info_step(struct hbac_ctx *hbac_ctx) { + struct be_ctx *be_ctx = be_req_get_be_ctx(hbac_ctx->be_req); const char *hostname; struct tevent_req *req; @@ -345,8 +345,7 @@ static int hbac_get_host_info_step(struct hbac_ctx *hbac_ctx) hostname = dp_opt_get_string(hbac_ctx->ipa_options, IPA_HOSTNAME); } - req = ipa_host_info_send(hbac_ctx, - hbac_ctx->be_req->be_ctx->ev, + req = ipa_host_info_send(hbac_ctx, be_ctx->ev, sdap_id_op_handle(hbac_ctx->sdap_op), hbac_ctx->sdap_ctx->opts, hostname, @@ -367,6 +366,7 @@ static void hbac_get_service_info_step(struct tevent_req *req) errno_t ret; struct hbac_ctx *hbac_ctx = tevent_req_callback_data(req, struct hbac_ctx); + struct be_ctx *be_ctx = be_req_get_be_ctx(hbac_ctx->be_req); ret = ipa_host_info_recv(req, hbac_ctx, &hbac_ctx->host_count, @@ -379,8 +379,7 @@ static void hbac_get_service_info_step(struct tevent_req *req) } /* Get services and service groups */ - req = ipa_hbac_service_info_send(hbac_ctx, - hbac_ctx->be_req->be_ctx->ev, + req = ipa_hbac_service_info_send(hbac_ctx, be_ctx->ev, sdap_id_op_handle(hbac_ctx->sdap_op), hbac_ctx->sdap_ctx->opts, hbac_ctx->search_bases); @@ -403,6 +402,7 @@ static void hbac_get_rule_info_step(struct tevent_req *req) const char *hostname; struct hbac_ctx *hbac_ctx = tevent_req_callback_data(req, struct hbac_ctx); + struct be_ctx *be_ctx = be_req_get_be_ctx(hbac_ctx->be_req); ret = ipa_hbac_service_info_recv(req, hbac_ctx, &hbac_ctx->service_count, @@ -445,7 +445,7 @@ static void hbac_get_rule_info_step(struct tevent_req *req) /* Get the list of applicable rules */ req = ipa_hbac_rule_info_send(hbac_ctx, hbac_ctx->get_deny_rules, - hbac_ctx->be_req->be_ctx->ev, + be_ctx->ev, sdap_id_op_handle(hbac_ctx->sdap_op), hbac_ctx->sdap_ctx->opts, hbac_ctx->search_bases, @@ -468,10 +468,11 @@ static void hbac_sysdb_save(struct tevent_req *req) bool in_transaction = false; struct hbac_ctx *hbac_ctx = tevent_req_callback_data(req, struct hbac_ctx); - struct sss_domain_info *domain = hbac_ctx->be_req->be_ctx->domain; + struct be_ctx *be_ctx = be_req_get_be_ctx(hbac_ctx->be_req); + struct sss_domain_info *domain = be_ctx->domain; struct ldb_dn *base_dn; struct ipa_access_ctx *access_ctx = - talloc_get_type(hbac_ctx->be_req->be_ctx->bet_info[BET_ACCESS].pvt_bet_data, + talloc_get_type(be_ctx->bet_info[BET_ACCESS].pvt_bet_data, struct ipa_access_ctx); TALLOC_CTX *tmp_ctx; @@ -594,6 +595,7 @@ fail: void ipa_hbac_evaluate_rules(struct hbac_ctx *hbac_ctx) { + struct be_ctx *be_ctx = be_req_get_be_ctx(hbac_ctx->be_req); errno_t ret; struct hbac_rule **hbac_rules; struct hbac_eval_req *eval_req; @@ -601,7 +603,7 @@ void ipa_hbac_evaluate_rules(struct hbac_ctx *hbac_ctx) struct hbac_info *info; /* Get HBAC rules from the sysdb */ - ret = hbac_get_cached_rules(hbac_ctx, hbac_ctx->be_req->be_ctx->domain, + ret = hbac_get_cached_rules(hbac_ctx, be_ctx->domain, &hbac_ctx->rule_count, &hbac_ctx->rules); if (ret != EOK) { DEBUG(1, ("Could not retrieve rules from the cache\n")); diff --git a/src/providers/ipa/ipa_auth.c b/src/providers/ipa/ipa_auth.c index c0912e64..5c5b34ae 100644 --- a/src/providers/ipa/ipa_auth.c +++ b/src/providers/ipa/ipa_auth.c @@ -190,6 +190,7 @@ void ipa_auth(struct be_req *be_req) struct tevent_req *req; struct ipa_auth_state *state; struct pam_data *pd = talloc_get_type(be_req->req_data, struct pam_data); + struct be_ctx *be_ctx = be_req_get_be_ctx(be_req); state = talloc_zero(be_req, struct ipa_auth_state); if (state == NULL) { @@ -201,28 +202,28 @@ void ipa_auth(struct be_req *be_req) state->sh = NULL; state->be_req = be_req; - state->ev = be_req->be_ctx->ev; + state->ev = be_ctx->ev; state->pd = pd; switch (state->pd->cmd) { case SSS_PAM_AUTHENTICATE: state->ipa_auth_ctx = talloc_get_type( - be_req->be_ctx->bet_info[BET_AUTH].pvt_bet_data, - struct ipa_auth_ctx); + be_ctx->bet_info[BET_AUTH].pvt_bet_data, + struct ipa_auth_ctx); break; case SSS_PAM_CHAUTHTOK: case SSS_PAM_CHAUTHTOK_PRELIM: state->ipa_auth_ctx = talloc_get_type( - be_req->be_ctx->bet_info[BET_CHPASS].pvt_bet_data, - struct ipa_auth_ctx); + be_ctx->bet_info[BET_CHPASS].pvt_bet_data, + struct ipa_auth_ctx); break; default: DEBUG(SSSDBG_OP_FAILURE, ("Unsupported PAM task.\n")); goto fail; } - req = krb5_auth_send(state, state->ev, be_req->be_ctx, state->pd, + req = krb5_auth_send(state, state->ev, be_ctx, state->pd, state->ipa_auth_ctx->krb5_auth_ctx); if (req == NULL) { DEBUG(SSSDBG_OP_FAILURE, ("krb5_auth_send failed.\n")); @@ -324,6 +325,7 @@ static void ipa_migration_flag_connect_done(struct tevent_req *req) { struct ipa_auth_state *state = tevent_req_callback_data(req, struct ipa_auth_state); + struct be_ctx *be_ctx = be_req_get_be_ctx(state->be_req); const char **attrs; struct ldb_message *user_msg; const char *dn; @@ -352,8 +354,8 @@ static void ipa_migration_flag_connect_done(struct tevent_req *req) attrs[0] = SYSDB_ORIG_DN; attrs[1] = NULL; - ret = sysdb_search_user_by_name(state, state->be_req->be_ctx->domain->sysdb, - state->be_req->be_ctx->domain, + ret = sysdb_search_user_by_name(state, be_ctx->domain->sysdb, + be_ctx->domain, state->pd->user, attrs, &user_msg); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, ("sysdb_search_user_by_name failed.\n")); @@ -387,6 +389,7 @@ static void ipa_auth_ldap_done(struct tevent_req *req) { struct ipa_auth_state *state = tevent_req_callback_data(req, struct ipa_auth_state); + struct be_ctx *be_ctx = be_req_get_be_ctx(state->be_req); int ret; int dp_err = DP_ERR_FATAL; enum sdap_result result; @@ -412,8 +415,7 @@ static void ipa_auth_ldap_done(struct tevent_req *req) DEBUG(SSSDBG_TRACE_FUNC, ("LDAP authentication succeded, " "trying Kerberos authentication again.\n")); - req = krb5_auth_send(state, state->ev, - state->be_req->be_ctx, state->pd, + req = krb5_auth_send(state, state->ev, be_ctx, state->pd, state->ipa_auth_ctx->krb5_auth_ctx); if (req == NULL) { DEBUG(SSSDBG_OP_FAILURE, ("krb5_auth_send failed.\n")); diff --git a/src/providers/ipa/ipa_hbac_common.c b/src/providers/ipa/ipa_hbac_common.c index 17499d31..90ec0ce4 100644 --- a/src/providers/ipa/ipa_hbac_common.c +++ b/src/providers/ipa/ipa_hbac_common.c @@ -264,6 +264,7 @@ hbac_attrs_to_rule(TALLOC_CTX *mem_ctx, size_t idx, struct hbac_rule **rule) { + struct be_ctx *be_ctx = be_req_get_be_ctx(hbac_ctx->be_req); errno_t ret; struct hbac_rule *new_rule; struct ldb_message_element *el; @@ -306,8 +307,7 @@ hbac_attrs_to_rule(TALLOC_CTX *mem_ctx, } /* Get the users */ - ret = hbac_user_attrs_to_rule(new_rule, - hbac_ctx->be_req->be_ctx->domain, + ret = hbac_user_attrs_to_rule(new_rule, be_ctx->domain, new_rule->name, hbac_ctx->rules[idx], &new_rule->users); @@ -318,8 +318,7 @@ hbac_attrs_to_rule(TALLOC_CTX *mem_ctx, } /* Get the services */ - ret = hbac_service_attrs_to_rule(new_rule, - hbac_ctx->be_req->be_ctx->domain, + ret = hbac_service_attrs_to_rule(new_rule, be_ctx->domain, new_rule->name, hbac_ctx->rules[idx], &new_rule->services); @@ -330,8 +329,7 @@ hbac_attrs_to_rule(TALLOC_CTX *mem_ctx, } /* Get the target hosts */ - ret = hbac_thost_attrs_to_rule(new_rule, - hbac_ctx->be_req->be_ctx->domain, + ret = hbac_thost_attrs_to_rule(new_rule, be_ctx->domain, new_rule->name, hbac_ctx->rules[idx], &new_rule->targethosts); @@ -343,8 +341,7 @@ hbac_attrs_to_rule(TALLOC_CTX *mem_ctx, /* Get the source hosts */ - ret = hbac_shost_attrs_to_rule(new_rule, - hbac_ctx->be_req->be_ctx->domain, + ret = hbac_shost_attrs_to_rule(new_rule, be_ctx->domain, new_rule->name, hbac_ctx->rules[idx], dp_opt_get_bool(hbac_ctx->ipa_options, @@ -431,7 +428,8 @@ hbac_ctx_to_eval_request(TALLOC_CTX *mem_ctx, struct pam_data *pd = hbac_ctx->pd; TALLOC_CTX *tmp_ctx; struct hbac_eval_req *eval_req; - struct sss_domain_info *domain = hbac_ctx->be_req->be_ctx->domain; + struct be_ctx *be_ctx = be_req_get_be_ctx(hbac_ctx->be_req); + struct sss_domain_info *domain = be_ctx->domain; const char *rhost; const char *thost; struct sss_domain_info *user_dom; diff --git a/src/providers/ipa/ipa_hostid.c b/src/providers/ipa/ipa_hostid.c index b60876cb..448914ba 100644 --- a/src/providers/ipa/ipa_hostid.c +++ b/src/providers/ipa/ipa_hostid.c @@ -55,6 +55,7 @@ ipa_host_info_hosts_done(struct tevent_req *req); void ipa_host_info_handler(struct be_req *breq) { + struct be_ctx *be_ctx = be_req_get_be_ctx(breq); struct ipa_hostid_ctx *hostid_ctx; struct sdap_id_ctx *ctx; struct be_host_req *hr; @@ -63,7 +64,8 @@ ipa_host_info_handler(struct be_req *breq) errno_t ret = EOK; const char *err = "Unknown Error"; - hostid_ctx = talloc_get_type(breq->be_ctx->bet_info[BET_HOSTID].pvt_bet_data, struct ipa_hostid_ctx); + hostid_ctx = talloc_get_type(be_ctx->bet_info[BET_HOSTID].pvt_bet_data, + struct ipa_hostid_ctx); ctx = hostid_ctx->sdap_id_ctx; if (be_is_offline(ctx->be)) { @@ -81,7 +83,7 @@ ipa_host_info_handler(struct be_req *breq) goto done; } - req = hosts_get_send(breq, breq->be_ctx->ev, hostid_ctx, + req = hosts_get_send(breq, be_ctx->ev, hostid_ctx, hr->name, hr->alias); if (!req) { ret = ENOMEM; diff --git a/src/providers/ipa/ipa_id.c b/src/providers/ipa/ipa_id.c index 82e29826..0344a184 100644 --- a/src/providers/ipa/ipa_id.c +++ b/src/providers/ipa/ipa_id.c @@ -66,12 +66,14 @@ static void ipa_account_info_done(struct tevent_req *req); void ipa_account_info_handler(struct be_req *breq) { + struct be_ctx *be_ctx = be_req_get_be_ctx(breq); struct ipa_id_ctx *ipa_ctx; struct sdap_id_ctx *ctx; struct be_acct_req *ar; struct tevent_req *req = NULL; - ipa_ctx = talloc_get_type(breq->be_ctx->bet_info[BET_ID].pvt_bet_data, struct ipa_id_ctx); + ipa_ctx = talloc_get_type(be_ctx->bet_info[BET_ID].pvt_bet_data, + struct ipa_id_ctx); ctx = ipa_ctx->sdap_id_ctx; if (be_is_offline(ctx->be)) { @@ -80,9 +82,9 @@ void ipa_account_info_handler(struct be_req *breq) ar = talloc_get_type(breq->req_data, struct be_acct_req); - if (strcasecmp(ar->domain, breq->be_ctx->domain->name) != 0) { + if (strcasecmp(ar->domain, be_ctx->domain->name) != 0) { /* if domain names do not match, this is a subdomain case */ - req = ipa_get_subdom_acct_send(breq, breq->be_ctx->ev, ctx, ar); + req = ipa_get_subdom_acct_send(breq, be_ctx->ev, ctx, ar); } else if ((ar->entry_type & BE_REQ_TYPE_MASK) == BE_REQ_NETGROUP) { /* netgroups are handled by a separate request function */ @@ -90,7 +92,7 @@ void ipa_account_info_handler(struct be_req *breq) return sdap_handler_done(breq, DP_ERR_FATAL, EINVAL, "Invalid filter type"); } - req = ipa_id_get_netgroup_send(breq, breq->be_ctx->ev, + req = ipa_id_get_netgroup_send(breq, be_ctx->ev, ipa_ctx, ar->filter_value); } else { /* any account request is handled by sdap, @@ -321,9 +323,10 @@ static int ipa_id_get_netgroup_recv(struct tevent_req *req, int *dp_error) void ipa_check_online(struct be_req *be_req) { + struct be_ctx *be_ctx = be_req_get_be_ctx(be_req); struct ipa_id_ctx *ipa_ctx; - ipa_ctx = talloc_get_type(be_req->be_ctx->bet_info[BET_ID].pvt_bet_data, + ipa_ctx = talloc_get_type(be_ctx->bet_info[BET_ID].pvt_bet_data, struct ipa_id_ctx); return sdap_do_online_check(be_req, ipa_ctx->sdap_id_ctx); diff --git a/src/providers/ipa/ipa_selinux.c b/src/providers/ipa/ipa_selinux.c index 8ed17a2f..2203069c 100644 --- a/src/providers/ipa/ipa_selinux.c +++ b/src/providers/ipa/ipa_selinux.c @@ -82,6 +82,7 @@ struct ipa_selinux_op_ctx { void ipa_selinux_handler(struct be_req *be_req) { + struct be_ctx *be_ctx = be_req_get_be_ctx(be_req); struct ipa_selinux_ctx *selinux_ctx; struct ipa_selinux_op_ctx *op_ctx; struct tevent_req *req; @@ -90,9 +91,8 @@ void ipa_selinux_handler(struct be_req *be_req) pd = talloc_get_type(be_req->req_data, struct pam_data); - selinux_ctx = talloc_get_type( - be_req->be_ctx->bet_info[BET_SELINUX].pvt_bet_data, - struct ipa_selinux_ctx); + selinux_ctx = talloc_get_type(be_ctx->bet_info[BET_SELINUX].pvt_bet_data, + struct ipa_selinux_ctx); hostname = dp_opt_get_string(selinux_ctx->id_ctx->ipa_options->basic, IPA_HOSTNAME); @@ -101,15 +101,15 @@ void ipa_selinux_handler(struct be_req *be_req) goto fail; } - op_ctx = ipa_selinux_create_op_ctx(be_req, be_req->be_ctx->domain->sysdb, - be_req->be_ctx->domain, + op_ctx = ipa_selinux_create_op_ctx(be_req, be_ctx->domain->sysdb, + be_ctx->domain, be_req, pd->user, hostname); if (op_ctx == NULL) { DEBUG(SSSDBG_OP_FAILURE, ("Cannot create op context\n")); goto fail; } - req = ipa_get_selinux_send(be_req, be_req->be_ctx, + req = ipa_get_selinux_send(be_req, be_ctx, op_ctx->user, op_ctx->host, selinux_ctx); if (req == NULL) { DEBUG(SSSDBG_OP_FAILURE, ("Cannot initiate the search\n")); diff --git a/src/providers/ipa/ipa_subdomains.c b/src/providers/ipa/ipa_subdomains.c index e234ca1b..c9ab3aad 100644 --- a/src/providers/ipa/ipa_subdomains.c +++ b/src/providers/ipa/ipa_subdomains.c @@ -992,10 +992,11 @@ done: void ipa_subdomains_handler(struct be_req *be_req) { + struct be_ctx *be_ctx = be_req_get_be_ctx(be_req); struct ipa_subdomains_ctx *ctx; time_t now; - ctx = talloc_get_type(be_req->be_ctx->bet_info[BET_SUBDOMAINS].pvt_bet_data, + ctx = talloc_get_type(be_ctx->bet_info[BET_SUBDOMAINS].pvt_bet_data, struct ipa_subdomains_ctx); if (!ctx) { be_req_terminate(be_req, DP_ERR_FATAL, EINVAL, NULL); diff --git a/src/providers/krb5/krb5_auth.c b/src/providers/krb5/krb5_auth.c index e3fd5f78..fd521c30 100644 --- a/src/providers/krb5/krb5_auth.c +++ b/src/providers/krb5/krb5_auth.c @@ -213,6 +213,7 @@ static int krb5_delete_ccname(TALLOC_CTX *mem_ctx, static struct krb5_ctx *get_krb5_ctx(struct be_req *be_req) { + struct be_ctx *be_ctx = be_req_get_be_ctx(be_req); struct pam_data *pd; pd = talloc_get_type(be_req->req_data, struct pam_data); @@ -220,16 +221,16 @@ static struct krb5_ctx *get_krb5_ctx(struct be_req *be_req) switch (pd->cmd) { case SSS_PAM_AUTHENTICATE: case SSS_CMD_RENEW: - return talloc_get_type(be_req->be_ctx->bet_info[BET_AUTH].pvt_bet_data, + return talloc_get_type(be_ctx->bet_info[BET_AUTH].pvt_bet_data, struct krb5_ctx); break; case SSS_PAM_ACCT_MGMT: - return talloc_get_type(be_req->be_ctx->bet_info[BET_ACCESS].pvt_bet_data, + return talloc_get_type(be_ctx->bet_info[BET_ACCESS].pvt_bet_data, struct krb5_ctx); break; case SSS_PAM_CHAUTHTOK: case SSS_PAM_CHAUTHTOK_PRELIM: - return talloc_get_type(be_req->be_ctx->bet_info[BET_CHPASS].pvt_bet_data, + return talloc_get_type(be_ctx->bet_info[BET_CHPASS].pvt_bet_data, struct krb5_ctx); break; default: @@ -1126,6 +1127,7 @@ static void krb5_pam_handler_access_done(struct tevent_req *req); void krb5_pam_handler(struct be_req *be_req) { + struct be_ctx *be_ctx = be_req_get_be_ctx(be_req); struct tevent_req *req; struct pam_data *pd; struct krb5_ctx *krb5_ctx; @@ -1159,8 +1161,7 @@ void krb5_pam_handler(struct be_req *be_req) "running request immediately.\n", pd->user)); } - req = krb5_auth_send(be_req, be_req->be_ctx->ev, be_req->be_ctx, pd, - krb5_ctx); + req = krb5_auth_send(be_req, be_ctx->ev, be_ctx, pd, krb5_ctx); if (req == NULL) { DEBUG(1, ("krb5_auth_send failed.\n")); goto done; @@ -1169,8 +1170,7 @@ void krb5_pam_handler(struct be_req *be_req) tevent_req_set_callback(req, krb5_pam_handler_auth_done, be_req); break; case SSS_PAM_ACCT_MGMT: - req = krb5_access_send(be_req, be_req->be_ctx->ev, be_req->be_ctx, - pd, krb5_ctx); + req = krb5_access_send(be_req, be_ctx->ev, be_ctx, pd, krb5_ctx); if (req == NULL) { DEBUG(1, ("krb5_access_send failed.\n")); goto done; diff --git a/src/providers/krb5/krb5_wait_queue.c b/src/providers/krb5/krb5_wait_queue.c index da1e35b7..8b7b9a37 100644 --- a/src/providers/krb5/krb5_wait_queue.c +++ b/src/providers/krb5/krb5_wait_queue.c @@ -42,10 +42,10 @@ static void wait_queue_auth(struct tevent_context *ev, struct tevent_timer *te, struct timeval current_time, void *private_data) { struct queue_entry *qe = talloc_get_type(private_data, struct queue_entry); + struct be_ctx *be_ctx = be_req_get_be_ctx(qe->be_req); struct tevent_req *req; - req = krb5_auth_send(qe->be_req, qe->be_req->be_ctx->ev, - qe->be_req->be_ctx, qe->pd, qe->krb5_ctx); + req = krb5_auth_send(qe->be_req, be_ctx->ev, be_ctx, qe->pd, qe->krb5_ctx); if (req == NULL) { DEBUG(1, ("krb5_auth_send failed.\n")); } else { @@ -151,6 +151,7 @@ void check_wait_queue(struct krb5_ctx *krb5_ctx, char *username) struct queue_entry *head; struct queue_entry *queue_entry; struct tevent_timer *te; + struct be_ctx *be_ctx; if (krb5_ctx->wait_queue_hash == NULL) { DEBUG(1, ("No wait queue available.\n")); @@ -178,7 +179,8 @@ void check_wait_queue(struct krb5_ctx *krb5_ctx, char *username) DLIST_REMOVE(head, queue_entry); - te = tevent_add_timer(queue_entry->be_req->be_ctx->ev, krb5_ctx, + be_ctx = be_req_get_be_ctx(queue_entry->be_req); + te = tevent_add_timer(be_ctx->ev, krb5_ctx, tevent_timeval_current(), wait_queue_auth, queue_entry); if (te == NULL) { diff --git a/src/providers/ldap/ldap_access.c b/src/providers/ldap/ldap_access.c index cc1127c2..5ab17abd 100644 --- a/src/providers/ldap/ldap_access.c +++ b/src/providers/ldap/ldap_access.c @@ -44,6 +44,7 @@ static void sdap_access_reply(struct be_req *be_req, int pam_status) static void sdap_access_done(struct tevent_req *req); void sdap_pam_access_handler(struct be_req *breq) { + struct be_ctx *be_ctx = be_req_get_be_ctx(breq); struct pam_data *pd; struct tevent_req *req; struct sdap_access_ctx *access_ctx; @@ -51,15 +52,11 @@ void sdap_pam_access_handler(struct be_req *breq) pd = talloc_get_type(breq->req_data, struct pam_data); access_ctx = - talloc_get_type(breq->be_ctx->bet_info[BET_ACCESS].pvt_bet_data, + talloc_get_type(be_ctx->bet_info[BET_ACCESS].pvt_bet_data, struct sdap_access_ctx); - req = sdap_access_send(breq, - breq->be_ctx->ev, - breq->be_ctx, - breq->be_ctx->domain, - access_ctx, - pd); + req = sdap_access_send(breq, be_ctx->ev, be_ctx, + be_ctx->domain, access_ctx, pd); if (req == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, ("Unable to start sdap_access request\n")); sdap_access_reply(breq, PAM_SYSTEM_ERR); diff --git a/src/providers/ldap/ldap_auth.c b/src/providers/ldap/ldap_auth.c index b24f7f39..76c23e15 100644 --- a/src/providers/ldap/ldap_auth.c +++ b/src/providers/ldap/ldap_auth.c @@ -732,13 +732,14 @@ static void sdap_pam_chpass_done(struct tevent_req *req); void sdap_pam_chpass_handler(struct be_req *breq) { + struct be_ctx *be_ctx = be_req_get_be_ctx(breq); struct sdap_pam_chpass_state *state; struct sdap_auth_ctx *ctx; struct tevent_req *subreq; struct pam_data *pd; int dp_err = DP_ERR_FATAL; - ctx = talloc_get_type(breq->be_ctx->bet_info[BET_CHPASS].pvt_bet_data, + ctx = talloc_get_type(be_ctx->bet_info[BET_CHPASS].pvt_bet_data, struct sdap_auth_ctx); pd = talloc_get_type(breq->req_data, struct pam_data); @@ -774,7 +775,7 @@ void sdap_pam_chpass_handler(struct be_req *breq) state->username = pd->user; state->ctx = ctx; - subreq = auth_send(breq, breq->be_ctx->ev, ctx, + subreq = auth_send(breq, be_ctx->ev, ctx, state->username, &pd->authtok, true); if (!subreq) goto done; @@ -790,6 +791,7 @@ static void sdap_auth4chpass_done(struct tevent_req *req) { struct sdap_pam_chpass_state *state = tevent_req_callback_data(req, struct sdap_pam_chpass_state); + struct be_ctx *be_ctx = be_req_get_be_ctx(state->breq); struct tevent_req *subreq; enum sdap_result result; enum pwexpire pw_expire_type; @@ -828,7 +830,7 @@ static void sdap_auth4chpass_done(struct tevent_req *req) break; case PWEXPIRE_KERBEROS: ret = check_pwexpire_kerberos(pw_expire_data, time(NULL), NULL, &result, - state->breq->be_ctx->domain->pwd_expiration_warning); + be_ctx->domain->pwd_expiration_warning); if (ret != EOK) { DEBUG(1, ("check_pwexpire_kerberos failed.\n")); state->pd->pam_status = PAM_SYSTEM_ERR; @@ -878,8 +880,7 @@ static void sdap_auth4chpass_done(struct tevent_req *req) goto done; } - subreq = sdap_exop_modify_passwd_send(state, - state->breq->be_ctx->ev, + subreq = sdap_exop_modify_passwd_send(state, be_ctx->ev, state->sh, state->dn, password, new_password); if (!subreq) { @@ -895,7 +896,7 @@ static void sdap_auth4chpass_done(struct tevent_req *req) break; case SDAP_UNAVAIL: state->pd->pam_status = PAM_AUTHINFO_UNAVAIL; - be_mark_offline(state->breq->be_ctx); + be_mark_offline(be_ctx); dp_err = DP_ERR_OFFLINE; break; default: @@ -910,6 +911,7 @@ static void sdap_pam_chpass_done(struct tevent_req *req) { struct sdap_pam_chpass_state *state = tevent_req_callback_data(req, struct sdap_pam_chpass_state); + struct be_ctx *be_ctx = be_req_get_be_ctx(state->breq); enum sdap_result result; int dp_err = DP_ERR_FATAL; int ret; @@ -957,11 +959,9 @@ static void sdap_pam_chpass_done(struct tevent_req *req) SDAP_CHPASS_UPDATE_LAST_CHANGE)) { lastchanged_name = state->ctx->opts->user_map[SDAP_AT_SP_LSTCHG].name; - subreq = sdap_modify_shadow_lastchange_send(state, - state->breq->be_ctx->ev, - state->sh, - state->dn, - lastchanged_name); + subreq = sdap_modify_shadow_lastchange_send(state, be_ctx->ev, + state->sh, state->dn, + lastchanged_name); if (subreq == NULL) { state->pd->pam_status = PAM_SYSTEM_ERR; goto done; @@ -1006,13 +1006,14 @@ static void sdap_pam_auth_done(struct tevent_req *req); void sdap_pam_auth_handler(struct be_req *breq) { + struct be_ctx *be_ctx = be_req_get_be_ctx(breq); struct sdap_pam_auth_state *state; struct sdap_auth_ctx *ctx; struct tevent_req *subreq; struct pam_data *pd; int dp_err = DP_ERR_FATAL; - ctx = talloc_get_type(breq->be_ctx->bet_info[BET_AUTH].pvt_bet_data, + ctx = talloc_get_type(be_ctx->bet_info[BET_AUTH].pvt_bet_data, struct sdap_auth_ctx); pd = talloc_get_type(breq->req_data, struct pam_data); @@ -1035,7 +1036,7 @@ void sdap_pam_auth_handler(struct be_req *breq) state->breq = breq; state->pd = pd; - subreq = auth_send(breq, breq->be_ctx->ev, ctx, + subreq = auth_send(breq, be_ctx->ev, ctx, pd->user, &pd->authtok, pd->cmd == SSS_PAM_CHAUTHTOK_PRELIM ? true : false); if (!subreq) goto done; @@ -1066,9 +1067,9 @@ static void sdap_pam_auth_done(struct tevent_req *req) { struct sdap_pam_auth_state *state = tevent_req_callback_data(req, struct sdap_pam_auth_state); + struct be_ctx *be_ctx = be_req_get_be_ctx(state->breq); enum sdap_result result; enum pwexpire pw_expire_type; - struct be_ctx *be_ctx = state->breq->be_ctx; void *pw_expire_data; const char *password; int dp_err = DP_ERR_OK; @@ -1145,18 +1146,16 @@ static void sdap_pam_auth_done(struct tevent_req *req) } if (result == SDAP_UNAVAIL) { - be_mark_offline(state->breq->be_ctx); + be_mark_offline(be_ctx); dp_err = DP_ERR_OFFLINE; goto done; } - if (result == SDAP_AUTH_SUCCESS && - state->breq->be_ctx->domain->cache_credentials) { + if (result == SDAP_AUTH_SUCCESS && be_ctx->domain->cache_credentials) { ret = sss_authtok_get_password(&state->pd->authtok, &password, NULL); if (ret == EOK) { - ret = sysdb_cache_password(state->breq->be_ctx->domain->sysdb, - state->breq->be_ctx->domain, + ret = sysdb_cache_password(be_ctx->domain->sysdb, be_ctx->domain, state->pd->user, password); } diff --git a/src/providers/ldap/ldap_id.c b/src/providers/ldap/ldap_id.c index 5b5edec4..efa1769b 100644 --- a/src/providers/ldap/ldap_id.c +++ b/src/providers/ldap/ldap_id.c @@ -764,9 +764,10 @@ int groups_by_user_recv(struct tevent_req *req, int *dp_error_out) static void sdap_check_online_done(struct tevent_req *req); void sdap_check_online(struct be_req *be_req) { + struct be_ctx *be_ctx = be_req_get_be_ctx(be_req); struct sdap_id_ctx *ctx; - ctx = talloc_get_type(be_req->be_ctx->bet_info[BET_ID].pvt_bet_data, + ctx = talloc_get_type(be_ctx->bet_info[BET_ID].pvt_bet_data, struct sdap_id_ctx); return sdap_do_online_check(be_req, ctx); @@ -779,6 +780,7 @@ struct sdap_online_check_ctx { void sdap_do_online_check(struct be_req *be_req, struct sdap_id_ctx *ctx) { + struct be_ctx *be_ctx = be_req_get_be_ctx(be_req); struct tevent_req *req; struct sdap_online_check_ctx *check_ctx; errno_t ret; @@ -792,8 +794,8 @@ void sdap_do_online_check(struct be_req *be_req, struct sdap_id_ctx *ctx) check_ctx->id_ctx = ctx; check_ctx->be_req = be_req; - req = sdap_cli_connect_send(be_req, be_req->be_ctx->ev, ctx->opts, - be_req->be_ctx, ctx->service, false, + req = sdap_cli_connect_send(be_req, be_ctx->ev, ctx->opts, + be_ctx, ctx->service, false, CON_TLS_DFL, false); if (req == NULL) { DEBUG(1, ("sdap_cli_connect_send failed.\n")); @@ -821,6 +823,7 @@ static void sdap_check_online_done(struct tevent_req *req) struct sdap_id_ctx *id_ctx; struct tevent_req *reinit_req = NULL; bool reinit = false; + struct be_ctx *be_ctx; ret = sdap_cli_connect_recv(req, NULL, &can_retry, NULL, &srv_opts); talloc_zfree(req); @@ -853,13 +856,14 @@ static void sdap_check_online_done(struct tevent_req *req) } be_req = check_ctx->be_req; + be_ctx = be_req_get_be_ctx(be_req); id_ctx = check_ctx->id_ctx; talloc_free(check_ctx); if (reinit) { DEBUG(SSSDBG_TRACE_FUNC, ("Server reinitialization detected. " "Cleaning cache.\n")); - reinit_req = sdap_reinit_cleanup_send(be_req, be_req->be_ctx, id_ctx); + reinit_req = sdap_reinit_cleanup_send(be_req, be_ctx, id_ctx); if (reinit_req == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, ("Unable to perform reinitialization " "clean up.\n")); @@ -909,9 +913,10 @@ void sdap_handle_account_info(struct be_req *breq, struct sdap_id_ctx *ctx); void sdap_account_info_handler(struct be_req *breq) { + struct be_ctx *be_ctx = be_req_get_be_ctx(breq); struct sdap_id_ctx *ctx; - ctx = talloc_get_type(breq->be_ctx->bet_info[BET_ID].pvt_bet_data, struct sdap_id_ctx); + ctx = talloc_get_type(be_ctx->bet_info[BET_ID].pvt_bet_data, struct sdap_id_ctx); if (!ctx) { DEBUG(SSSDBG_CRIT_FAILURE, ("Could not get sdap ctx\n")); return sdap_handler_done(breq, DP_ERR_FATAL, @@ -922,6 +927,7 @@ void sdap_account_info_handler(struct be_req *breq) void sdap_handle_account_info(struct be_req *breq, struct sdap_id_ctx *ctx) { + struct be_ctx *be_ctx = be_req_get_be_ctx(breq); struct be_acct_req *ar; struct tevent_req *req; const char *err = "Unknown Error"; @@ -941,7 +947,7 @@ void sdap_handle_account_info(struct be_req *breq, struct sdap_id_ctx *ctx) return sdap_handler_done(breq, DP_ERR_OK, EOK, "Success"); } - req = users_get_send(breq, breq->be_ctx->ev, ctx, + req = users_get_send(breq, be_ctx->ev, ctx, ar->filter_value, ar->filter_type, ar->attr_type); @@ -960,7 +966,7 @@ void sdap_handle_account_info(struct be_req *breq, struct sdap_id_ctx *ctx) return sdap_handler_done(breq, DP_ERR_OK, EOK, "Success"); } - req = groups_get_send(breq, breq->be_ctx->ev, ctx, + req = groups_get_send(breq, be_ctx->ev, ctx, ar->filter_value, ar->filter_type, ar->attr_type); @@ -983,7 +989,7 @@ void sdap_handle_account_info(struct be_req *breq, struct sdap_id_ctx *ctx) err = "Invalid attr type"; break; } - req = groups_by_user_send(breq, breq->be_ctx->ev, ctx, + req = groups_by_user_send(breq, be_ctx->ev, ctx, ar->filter_value); if (!req) ret = ENOMEM; /* tevent_req_set_callback(req, groups_by_user_done, breq); */ @@ -999,7 +1005,7 @@ void sdap_handle_account_info(struct be_req *breq, struct sdap_id_ctx *ctx) break; } - req = ldap_netgroup_get_send(breq, breq->be_ctx->ev, ctx, ar->filter_value); + req = ldap_netgroup_get_send(breq, be_ctx->ev, ctx, ar->filter_value); if (!req) { return sdap_handler_done(breq, DP_ERR_FATAL, ENOMEM, "Out of memory"); } @@ -1013,7 +1019,7 @@ void sdap_handle_account_info(struct be_req *breq, struct sdap_id_ctx *ctx) return sdap_handler_done(breq, DP_ERR_OK, EOK, "Success"); } - req = services_get_send(breq, breq->be_ctx->ev, ctx, + req = services_get_send(breq, be_ctx->ev, ctx, ar->filter_value, ar->extra_value, ar->filter_type); diff --git a/src/providers/ldap/sdap_autofs.c b/src/providers/ldap/sdap_autofs.c index 6fb64099..2c8a238a 100644 --- a/src/providers/ldap/sdap_autofs.c +++ b/src/providers/ldap/sdap_autofs.c @@ -78,6 +78,7 @@ static void sdap_autofs_handler_done(struct tevent_req *req); void sdap_autofs_handler(struct be_req *be_req) { + struct be_ctx *be_ctx = be_req_get_be_ctx(be_req); struct sdap_id_ctx *id_ctx; struct be_autofs_req *autofs_req; struct tevent_req *req; @@ -85,7 +86,7 @@ void sdap_autofs_handler(struct be_req *be_req) DEBUG(SSSDBG_TRACE_INTERNAL, ("sdap autofs handler called\n")); - id_ctx = talloc_get_type(be_req->be_ctx->bet_info[BET_AUTOFS].pvt_bet_data, + id_ctx = talloc_get_type(be_ctx->bet_info[BET_AUTOFS].pvt_bet_data, struct sdap_id_ctx); if (be_is_offline(id_ctx->be)) { @@ -106,7 +107,7 @@ void sdap_autofs_handler(struct be_req *be_req) } } - req = sdap_autofs_get_map_send(be_req, be_req->be_ctx->ev, + req = sdap_autofs_get_map_send(be_req, be_ctx->ev, id_ctx, autofs_req->mapname); if (!req) { ret = ENOMEM; diff --git a/src/providers/ldap/sdap_sudo.c b/src/providers/ldap/sdap_sudo.c index 9c818366..e42560a2 100644 --- a/src/providers/ldap/sdap_sudo.c +++ b/src/providers/ldap/sdap_sudo.c @@ -487,13 +487,14 @@ static void sdap_sudo_reply(struct tevent_req *req) void sdap_sudo_handler(struct be_req *be_req) { + struct be_ctx *be_ctx = be_req_get_be_ctx(be_req); struct tevent_req *req = NULL; struct be_sudo_req *sudo_req = NULL; struct sdap_sudo_ctx *sudo_ctx = NULL; struct sdap_id_ctx *id_ctx = NULL; int ret = EOK; - sudo_ctx = talloc_get_type(be_req->be_ctx->bet_info[BET_SUDO].pvt_bet_data, + sudo_ctx = talloc_get_type(be_ctx->bet_info[BET_SUDO].pvt_bet_data, struct sdap_sudo_ctx); id_ctx = sudo_ctx->id_ctx; diff --git a/src/providers/proxy/proxy_auth.c b/src/providers/proxy/proxy_auth.c index 7b6a26f5..2eacfa4e 100644 --- a/src/providers/proxy/proxy_auth.c +++ b/src/providers/proxy/proxy_auth.c @@ -35,6 +35,7 @@ static struct tevent_req *proxy_child_send(TALLOC_CTX *mem_ctx, static void proxy_child_done(struct tevent_req *child_req); void proxy_pam_handler(struct be_req *req) { + struct be_ctx *be_ctx = be_req_get_be_ctx(req); struct pam_data *pd; struct proxy_auth_ctx *ctx; struct tevent_req *child_req = NULL; @@ -44,16 +45,16 @@ void proxy_pam_handler(struct be_req *req) switch (pd->cmd) { case SSS_PAM_AUTHENTICATE: - ctx = talloc_get_type(req->be_ctx->bet_info[BET_AUTH].pvt_bet_data, + ctx = talloc_get_type(be_ctx->bet_info[BET_AUTH].pvt_bet_data, struct proxy_auth_ctx); break; case SSS_PAM_CHAUTHTOK: case SSS_PAM_CHAUTHTOK_PRELIM: - ctx = talloc_get_type(req->be_ctx->bet_info[BET_CHPASS].pvt_bet_data, + ctx = talloc_get_type(be_ctx->bet_info[BET_CHPASS].pvt_bet_data, struct proxy_auth_ctx); break; case SSS_PAM_ACCT_MGMT: - ctx = talloc_get_type(req->be_ctx->bet_info[BET_ACCESS].pvt_bet_data, + ctx = talloc_get_type(be_ctx->bet_info[BET_ACCESS].pvt_bet_data, struct proxy_auth_ctx); break; case SSS_PAM_SETCRED: @@ -711,6 +712,7 @@ static void proxy_child_done(struct tevent_req *req) { struct proxy_client_ctx *client_ctx = tevent_req_callback_data(req, struct proxy_client_ctx); + struct be_ctx *be_ctx = be_req_get_be_ctx(client_ctx->be_req); struct pam_data *pd = NULL; const char *password; int ret; @@ -721,7 +723,7 @@ static void proxy_child_done(struct tevent_req *req) /* Start the next auth in the queue, if any */ client_ctx->auth_ctx->running--; - imm = tevent_create_immediate(client_ctx->be_req->be_ctx->ev); + imm = tevent_create_immediate(be_ctx->ev); if (imm == NULL) { DEBUG(1, ("tevent_create_immediate failed.\n")); /* We'll still finish the current request, but we're @@ -732,8 +734,7 @@ static void proxy_child_done(struct tevent_req *req) * to create this immediate event. */ } else { - tevent_schedule_immediate(imm, - client_ctx->be_req->be_ctx->ev, + tevent_schedule_immediate(imm, be_ctx->ev, run_proxy_child_queue, client_ctx->auth_ctx); } @@ -747,8 +748,7 @@ static void proxy_child_done(struct tevent_req *req) /* Check if we need to save the cached credentials */ if ((pd->cmd == SSS_PAM_AUTHENTICATE || pd->cmd == SSS_PAM_CHAUTHTOK) && - (pd->pam_status == PAM_SUCCESS) && - client_ctx->be_req->be_ctx->domain->cache_credentials) { + (pd->pam_status == PAM_SUCCESS) && be_ctx->domain->cache_credentials) { ret = sss_authtok_get_password(&pd->authtok, &password, NULL); if (ret) { @@ -757,8 +757,7 @@ static void proxy_child_done(struct tevent_req *req) goto done; } - ret = sysdb_cache_password(client_ctx->be_req->be_ctx->domain->sysdb, - client_ctx->be_req->be_ctx->domain, + ret = sysdb_cache_password(be_ctx->domain->sysdb, be_ctx->domain, pd->user, password); /* password caching failures are not fatal errors */ diff --git a/src/providers/proxy/proxy_id.c b/src/providers/proxy/proxy_id.c index a4f7b19e..802c1364 100644 --- a/src/providers/proxy/proxy_id.c +++ b/src/providers/proxy/proxy_id.c @@ -1339,6 +1339,7 @@ static int get_initgr_groups_process(TALLOC_CTX *memctx, void proxy_get_account_info(struct be_req *breq) { + struct be_ctx *be_ctx = be_req_get_be_ctx(breq); struct be_acct_req *ar; struct proxy_id_ctx *ctx; struct sysdb_ctx *sysdb; @@ -1349,12 +1350,12 @@ void proxy_get_account_info(struct be_req *breq) char *endptr; ar = talloc_get_type(breq->req_data, struct be_acct_req); - ctx = talloc_get_type(breq->be_ctx->bet_info[BET_ID].pvt_bet_data, + ctx = talloc_get_type(be_ctx->bet_info[BET_ID].pvt_bet_data, struct proxy_id_ctx); - sysdb = breq->be_ctx->domain->sysdb; - domain = breq->be_ctx->domain; + sysdb = be_ctx->domain->sysdb; + domain = be_ctx->domain; - if (be_is_offline(breq->be_ctx)) { + if (be_is_offline(be_ctx)) { return be_req_terminate(breq, DP_ERR_OFFLINE, EAGAIN, "Offline"); } @@ -1479,7 +1480,7 @@ void proxy_get_account_info(struct be_req *breq) if (ret) { if (ret == ENXIO) { DEBUG(2, ("proxy returned UNAVAIL error, going offline!\n")); - be_mark_offline(breq->be_ctx); + be_mark_offline(be_ctx); } be_req_terminate(breq, DP_ERR_FATAL, ret, NULL); return; diff --git a/src/providers/proxy/proxy_init.c b/src/providers/proxy/proxy_init.c index bb071688..2b154a07 100644 --- a/src/providers/proxy/proxy_init.c +++ b/src/providers/proxy/proxy_init.c @@ -48,7 +48,8 @@ static void proxy_shutdown(struct be_req *req) static void proxy_auth_shutdown(struct be_req *req) { - talloc_free(req->be_ctx->bet_info[BET_AUTH].pvt_bet_data); + struct be_ctx *be_ctx = be_req_get_be_ctx(req); + talloc_free(be_ctx->bet_info[BET_AUTH].pvt_bet_data); be_req_terminate(req, DP_ERR_OK, EOK, NULL); } diff --git a/src/providers/simple/simple_access.c b/src/providers/simple/simple_access.c index b7e1bb35..8ec1883f 100644 --- a/src/providers/simple/simple_access.c +++ b/src/providers/simple/simple_access.c @@ -34,6 +34,7 @@ void simple_access_handler(struct be_req *be_req) { + struct be_ctx *be_ctx = be_req_get_be_ctx(be_req); int ret; bool access_granted = false; struct pam_data *pd; @@ -49,7 +50,7 @@ void simple_access_handler(struct be_req *be_req) goto done; } - ctx = talloc_get_type(be_req->be_ctx->bet_info[BET_ACCESS].pvt_bet_data, + ctx = talloc_get_type(be_ctx->bet_info[BET_ACCESS].pvt_bet_data, struct simple_ctx); ret = simple_access_check(ctx, pd->user, &access_granted); |