| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
* the internal request is now more generic and is decoupled from
account-specific data. There is a new sss_dp_issue_request() wrapper
that issues a BE request or registers a callback
* the public requests all use struct sss_dp_req_state as the tevent_req
state data. This allows to report back data from the internal request
even if the caller is just a callback notifier
* each specific request now uses an _info structure that contains all
the data necessary to construct a DBusMessage passed to provider
* each specific request now defines a sss_dp_get_$data_msg callback that
is called from the sss_dp_issue_request() common wraper. The purpose
of the wrapper is to construct a DBusMessage and bind it to a DBus
method so the message can be just sent over to back end
The miscellanous changes include:
* change SSS_DP_ constants to an enum. This way, a switch() would error
if a value is not handled.
* rename sss_dp_get_account_int_send() to sss_dp_internal_get_send()
request because the internal request is going to handle more than just
account data
* the DBus return values were renamed from err_maj, err_min to dp_err
and dp_ret respectively
|
|
|
|
|
|
The conversion to the tevent_req style introduced numerous bugs
related to memory management of the various client requests. In
some circumstances, this could cause memory corruption and
segmentation faults in the NSS responder. This patch makes the
following changes:
1) Rename the internal lookup from subreq to sidereq, to indicate
that it is not a sub-request of the current lookup (and therefore
is not cancelled if the current request is).
2) Change the handling of the callback loops since they call
tevent_req_[done|error], which results in them being freed (and
therefore removed from the cb_list. This was the source of the
memory corruption that would occasionally result in dereferencing
an unreadable request.
3) Remove the unnecessary sss_dp_get_account_int_recv() function
and change sss_dp_get_account_done() so that it only frees the
sidereq. All of the waiting processes have already been signaled
with the final results from sss_dp_get_account_int_done()
|
|
Some NSS maps such as 'services' require more values to be passed
to the data provider than just the name or ID. In these cases, we
will amend an optional component to filter value to pass to the
data provider backend.
|
|
Instead of timing out the initgroups lookup on a per-cctx basis,
we will maintain a hash table of recently-seen users and use this
instead. This will allow SSSD to handle user's logging into
multiple services simultaneously more graciously, as well as
playing nicer with SSH (which makes calls to PAM both before and
after a fork).
https://fedorahosted.org/sssd/ticket/1063
|
|
|
|
|
|
|
|
|
|
|
|
|
|
There are several places (all error-handling) where sss_cmd_done()
is called with no response packet created. As a short-term
solution, we need to check whether the packet is NULL and simply
return EINVAL. client_send() (the consumer) will then forcibly
disconnect the client (which will return PAM_SYSTEM_ERR to the
client).
|
|
|
|
|
|
https://fedorahosted.org/sssd/ticket/1013
|
|
|
|
These two functions were almost identical. Better to maintain them
as a single function.
|
|
|
|
We will now re-read the confdb debug_level value when processing
the monitor_common_logrotate() function, which occurs when the
monitor receives a SIGHUP.
|
|
This was implemented almost identically for both the responders
and the providers. It is easier to maintain as a single routine.
This patch also adds the ability to provide a private context to
attach to the sbus_connection for later use.
|
|
|
|
Also adds an option to limit how often we check the ID provider,
so that conversations with multiple PAM requests won't update the
cache multiple times.
https://fedorahosted.org/sssd/ticket/749
|
|
Also fixes the same problem with set_close_on_exec
https://fedorahosted.org/sssd/ticket/713
|
|
|
|
|
|
Currently we do not handle the open nss request after a reconnect and
wait until they timeout (which is a couple of minutes!). This patch adds
a handler that terminates all requests after a reconnect. Then responder
will return matching cache entries or nothing.
|
|
|
|
|
|
Previously, if a second enumeration request arrived while one was
already being processed, each process would receive only a subset
of the total number of available users or groups. This is because
we were maintaining the response object as a global value in the
NSS responder. The second request would come in, see that the data
set was already populated, and start reading from wherever the
cursor was currently pointed.
With this patch, we now move the cursor to the client context
instead of the global NSS context.
Additionally, this patch completely rewrites the approach to
enumerations in the tevent_req style. This makes it much easier to
follow in the code.
In order to ensure that a slow or malicious client cannot hold
onto a reference for the setent result object indefinitely, we
set an expiration on the object. We use the enum_cache_timeout
here, since that is an appropriate value.
If the timeout fires during the normal operation of the get*ent()
loop of a client program, we will save the current values of the
read index so that we can resume as soon as the object has been
refreshed by an implicit setent call.
Instead of deleting the enumeration result object immediately
after the last in-progress client has read it, we'll keep the
object around for the lifetime of enum_cache_timeout. This way,
additional clients making enumeration requests can still access
the results in-memory.
|
|
Various dead assignments were deleted, some return value inspections
were added.
Ticket: #588
|
|
Creates a new function - sss_ncache_prepopulate() - that can be
shared with other responders, such as PAM.
|
|
Rename functions from nss_ncache_* to sss_ncache_*
Move negative cache to responder/common and rename as negcache.c/h
|
|
https://fedorahosted.org/sssd/ticket/540
|
|
In several places, we were creating a new timer and assigning it
to the tev variable, but then we were checking for NULL from the
te variable (which, incidentally, is guaranteed never to be NULL
in this situation)
https://fedorahosted.org/sssd/ticket/523
|
|
This is the second attempt to let the PAM client and the PAM responder
exchange their credentials, i.e. uid, gid and pid. Because this approach
does not require any message interchange between the client and the
server the protocol version number is not changed.
On the client side the connection is terminated it the responder is not
run by root. On the server side the effective uid and gid and the pid of
the client are available for future use.
The following additional changes are made by this patch:
- the checks of the ownership and the permissions on the PAM sockets are
enhanced
- internal error codes are introduced on the client side to generate
more specific log messages if an error occurs
|
|
This reverts commit 5a88e963744e5da453e88b5c36499f04712df097.
|
|
This commit completes the migration to a synchronous sysdb
|
|
|
|
- catch all errors of send() and recv(), not only EAGAIN
- check if send() or recv() return EWOULDBLOCK or EINTR
- remove unused parameter from client_send() and client_recv()
- fix a debugging message
|
|
buf needs to be 32 bit aligned on ARM. Also made the fix on the server side.
Signed-off-by: George McCollister <George.McCollister@gmail.com>
|
|
dbus_connection_send_with_reply() will report success and return
a NULL pending_reply when the connection is not open for
communication. This patch creates a new wrapper around
dbus_connection_send_with_reply() to properly detect this
condition and report it as an error.
|
|
- check if the public socket belongs to root and has 0666 permissions
- use a SCM_CREDENTIALS message if available
|
|
Logs from confdb with missing '\n' in the DEBUG statements annoyed me so
I decided to fix them. I also made a quick grep through the code and
found other places so I fixed them too.
|
|
This was a holdover from when the DP and the providers were unique
processes. The NSS and PAM registrations do not need to send the
domain, as it is not ambiguous which one they are talking to.
|
|
Also update BUILD.txt
|
