From b6dfbf81c61d4431aaa81687ec53e892f8b71edb Mon Sep 17 00:00:00 2001 From: Sumit Bose Date: Wed, 25 Apr 2012 09:16:41 +0200 Subject: Allow different SID representations in libidmap Besides as strings it is now possible to use binary SIDs or a struct containing all SID information. Functions to convert between these formats are added as well. --- src/lib/idmap/sss_idmap.c | 127 +++++++++++-- src/lib/idmap/sss_idmap.h | 179 ++++++++++++++++++ src/lib/idmap/sss_idmap_conv.c | 385 ++++++++++++++++++++++++++++++++++++++ src/lib/idmap/sss_idmap_private.h | 41 ++++ 4 files changed, 719 insertions(+), 13 deletions(-) create mode 100644 src/lib/idmap/sss_idmap_conv.c create mode 100644 src/lib/idmap/sss_idmap_private.h (limited to 'src/lib') diff --git a/src/lib/idmap/sss_idmap.c b/src/lib/idmap/sss_idmap.c index 11f934bf..b00d6150 100644 --- a/src/lib/idmap/sss_idmap.c +++ b/src/lib/idmap/sss_idmap.c @@ -27,18 +27,13 @@ #include #include "lib/idmap/sss_idmap.h" +#include "lib/idmap/sss_idmap_private.h" #define DOM_SID_PREFIX "S-1-5-21-" #define DOM_SID_PREFIX_LEN (sizeof(DOM_SID_PREFIX) - 1) #define SID_FMT "%s-%d" #define SID_STR_MAX_LEN 1024 -#define CHECK_IDMAP_CTX(ctx, ret) do { \ - if (ctx == NULL || ctx->alloc_func == NULL || ctx->free_func == NULL) { \ - return ret; \ - } \ -} while(0) - struct idmap_domain_info { char *name; char *sid; @@ -46,13 +41,6 @@ struct idmap_domain_info { struct idmap_domain_info *next; }; -struct sss_idmap_ctx { - idmap_alloc_func *alloc_func; - void *alloc_pvt; - idmap_free_func *free_func; - struct idmap_domain_info *idmap_domain_info; -}; - static void *default_alloc(size_t size, void *pvt) { return malloc(size); @@ -373,3 +361,116 @@ enum idmap_error_code sss_idmap_unix_to_sid(struct sss_idmap_ctx *ctx, return IDMAP_NO_DOMAIN; } + +enum idmap_error_code sss_idmap_dom_sid_to_unix(struct sss_idmap_ctx *ctx, + struct dom_sid *dom_sid, + uint32_t *id) +{ + enum idmap_error_code err; + char *sid; + + CHECK_IDMAP_CTX(ctx, IDMAP_CONTEXT_INVALID); + + err = sss_idmap_dom_sid_to_sid(ctx, dom_sid, &sid); + if (err != IDMAP_SUCCESS) { + goto done; + } + + err = sss_idmap_sid_to_unix(ctx, sid, id); + +done: + ctx->free_func(sid, ctx->alloc_pvt); + + return err; +} + +enum idmap_error_code sss_idmap_bin_sid_to_unix(struct sss_idmap_ctx *ctx, + uint8_t *bin_sid, + size_t length, + uint32_t *id) +{ + enum idmap_error_code err; + char *sid; + + CHECK_IDMAP_CTX(ctx, IDMAP_CONTEXT_INVALID); + + err = sss_idmap_bin_sid_to_sid(ctx, bin_sid, length, &sid); + if (err != IDMAP_SUCCESS) { + goto done; + } + + err = sss_idmap_sid_to_unix(ctx, sid, id); + +done: + ctx->free_func(sid, ctx->alloc_pvt); + + return err; +} + +enum idmap_error_code sss_idmap_unix_to_dom_sid(struct sss_idmap_ctx *ctx, + uint32_t id, + struct dom_sid **_dom_sid) +{ + enum idmap_error_code err; + char *sid = NULL; + struct dom_sid *dom_sid = NULL; + + CHECK_IDMAP_CTX(ctx, IDMAP_CONTEXT_INVALID); + + err = sss_idmap_unix_to_sid(ctx, id, &sid); + if (err != IDMAP_SUCCESS) { + goto done; + } + + err = sss_idmap_sid_to_dom_sid(ctx, sid, &dom_sid); + if (err != IDMAP_SUCCESS) { + goto done; + } + + *_dom_sid = dom_sid; + err = IDMAP_SUCCESS; + +done: + ctx->free_func(sid, ctx->alloc_pvt); + if (err != IDMAP_SUCCESS) { + ctx->free_func(dom_sid, ctx->alloc_pvt); + } + + return err; +} + +enum idmap_error_code sss_idmap_unix_to_bin_sid(struct sss_idmap_ctx *ctx, + uint32_t id, + uint8_t **_bin_sid, + size_t *_length) +{ + enum idmap_error_code err; + char *sid = NULL; + uint8_t *bin_sid = NULL; + size_t length; + + CHECK_IDMAP_CTX(ctx, IDMAP_CONTEXT_INVALID); + + err = sss_idmap_unix_to_sid(ctx, id, &sid); + if (err != IDMAP_SUCCESS) { + goto done; + } + + err = sss_idmap_sid_to_bin_sid(ctx, sid, &bin_sid, &length); + if (err != IDMAP_SUCCESS) { + goto done; + } + + *_bin_sid = bin_sid; + *_length = length; + err = IDMAP_SUCCESS; + +done: + ctx->free_func(sid, ctx->alloc_pvt); + if (err != IDMAP_SUCCESS) { + ctx->free_func(bin_sid, ctx->alloc_pvt); + } + + return err; + +} diff --git a/src/lib/idmap/sss_idmap.h b/src/lib/idmap/sss_idmap.h index dbb2700a..146f831e 100644 --- a/src/lib/idmap/sss_idmap.h +++ b/src/lib/idmap/sss_idmap.h @@ -84,6 +84,11 @@ struct sss_idmap_range { uint32_t max; }; +/** + * Opaque type for SIDs + */ +struct dom_sid; + /** * Opaque type for the idmap context */ @@ -145,6 +150,42 @@ enum idmap_error_code sss_idmap_sid_to_unix(struct sss_idmap_ctx *ctx, const char *sid, uint32_t *id); +/** + * @brief Translate a SID stucture to a unix UID or GID + * + * @param[in] ctx Idmap context + * @param[in] dom_sid SID structure + * @param[out] id Returned unix UID or GID + * + * @return + * - #IDMAP_NO_DOMAIN: No domains are added to the idmap context + * - #IDMAP_SID_INVALID: Invalid SID provided + * - #IDMAP_SID_UNKNOWN: SID cannot be found in the domains added to the + * idmap context + */ +enum idmap_error_code sss_idmap_dom_sid_to_unix(struct sss_idmap_ctx *ctx, + struct dom_sid *dom_sid, + uint32_t *id); + +/** + * @brief Translate a binary SID to a unix UID or GID + * + * @param[in] ctx Idmap context + * @param[in] bin_sid Array with the binary SID + * @param[in] length Size of the array containing the binary SID + * @param[out] id Returned unix UID or GID + * + * @return + * - #IDMAP_NO_DOMAIN: No domains are added to the idmap context + * - #IDMAP_SID_INVALID: Invalid SID provided + * - #IDMAP_SID_UNKNOWN: SID cannot be found in the domains added to the + * idmap context + */ +enum idmap_error_code sss_idmap_bin_sid_to_unix(struct sss_idmap_ctx *ctx, + uint8_t *bin_sid, + size_t length, + uint32_t *id); + /** * @brief Translate unix UID or GID to a SID * @@ -162,6 +203,41 @@ enum idmap_error_code sss_idmap_unix_to_sid(struct sss_idmap_ctx *ctx, uint32_t id, char **sid); +/** + * @brief Translate unix UID or GID to a SID structure + * + * @param[in] ctx Idmap context + * @param[in] id unix UID or GID + * @param[out] dom_sid SID structure, must be freed if not needed anymore + * + * @return + * - #IDMAP_NO_DOMAIN: No domains are added to the idmap context + * - #IDMAP_NO_RANGE: The provided ID cannot be found in the domains added + * to the idmap context + */ +enum idmap_error_code sss_idmap_unix_to_dom_sid(struct sss_idmap_ctx *ctx, + uint32_t id, + struct dom_sid **dom_sid); + +/** + * @brief Translate unix UID or GID to a binary SID + * + * @param[in] ctx Idmap context + * @param[in] id unix UID or GID + * @param[out] bin_sid Array with the binary SID, + * must be freed if not needed anymore + * @param[out] length size of the array containing the binary SID + * + * @return + * - #IDMAP_NO_DOMAIN: No domains are added to the idmap context + * - #IDMAP_NO_RANGE: The provided ID cannot be found in the domains added + * to the idmap context + */ +enum idmap_error_code sss_idmap_unix_to_bin_sid(struct sss_idmap_ctx *ctx, + uint32_t id, + uint8_t **bin_sid, + size_t *length); + /** * @brief Free all the allocated memory of the idmap context * @@ -193,6 +269,109 @@ const char *idmap_error_string(enum idmap_error_code err); */ bool is_domain_sid(const char *str); +/** + * @brief Convert binary SID to SID structure + * + * @param[in] ctx Idmap context + * @param[in] bin_sid Array with the binary SID + * @param[in] length Size of the array containing the binary SID + * @param[out] dom_sid SID structure, + * must be freed if not needed anymore + * + * @return + * - #IDMAP_SID_INVALID: Given SID is invalid + * - #IDMAP_OUT_OF_MEMORY: Failed to allocate memory for the result + */ +enum idmap_error_code sss_idmap_bin_sid_to_dom_sid(struct sss_idmap_ctx *ctx, + const uint8_t *bin_sid, + size_t length, + struct dom_sid **dom_sid); + +/** + * @brief Convert binary SID to SID string + * + * @param[in] ctx Idmap context + * @param[in] bin_sid Array with the binary SID + * @param[in] length Size of the array containing the binary SID + * @param[out] sid Zero-terminated string representation of the SID, + * must be freed if not needed anymore + * + * @return + * - #IDMAP_SID_INVALID: Given SID is invalid + * - #IDMAP_OUT_OF_MEMORY: Failed to allocate memory for the result + */ +enum idmap_error_code sss_idmap_bin_sid_to_sid(struct sss_idmap_ctx *ctx, + const uint8_t *bin_sid, + size_t length, + char **sid); + +/** + * @brief Convert SID structure to binary SID + * + * @param[in] ctx Idmap context + * @param[in] dom_sid SID structure + * @param[out] bin_sid Array with the binary SID, + * must be freed if not needed anymore + * @param[out] length Size of the array containing the binary SID + * + * @return + * - #IDMAP_SID_INVALID: Given SID is invalid + * - #IDMAP_OUT_OF_MEMORY: Failed to allocate memory for the result + */ +enum idmap_error_code sss_idmap_dom_sid_to_bin_sid(struct sss_idmap_ctx *ctx, + struct dom_sid *dom_sid, + uint8_t **bin_sid, + size_t *length); + +/** + * @brief Convert SID string to binary SID + * + * @param[in] ctx Idmap context + * @param[in] sid Zero-terminated string representation of the SID + * @param[out] bin_sid Array with the binary SID, + * must be freed if not needed anymore + * @param[out] length Size of the array containing the binary SID + * + * @return + * - #IDMAP_SID_INVALID: Given SID is invalid + * - #IDMAP_OUT_OF_MEMORY: Failed to allocate memory for the result + */ +enum idmap_error_code sss_idmap_sid_to_bin_sid(struct sss_idmap_ctx *ctx, + const char *sid, + uint8_t **bin_sid, + size_t *length); + +/** + * @brief Convert SID structure to SID string + * + * @param[in] ctx Idmap context + * @param[in] dom_sid SID structure + * @param[out] sid Zero-terminated string representation of the SID, + * must be freed if not needed anymore + * + * @return + * - #IDMAP_SID_INVALID: Given SID is invalid + * - #IDMAP_OUT_OF_MEMORY: Failed to allocate memory for the result + */ +enum idmap_error_code sss_idmap_dom_sid_to_sid(struct sss_idmap_ctx *ctx, + struct dom_sid *dom_sid, + char **sid); + +/** + * @brief Convert SID string to SID structure + * + * @param[in] ctx Idmap context + * @param[in] sid Zero-terminated string representation of the SID + * @param[out] dom_sid SID structure, + * must be freed if not needed anymore + * + * @return + * - #IDMAP_SID_INVALID: Given SID is invalid + * - #IDMAP_OUT_OF_MEMORY: Failed to allocate memory for the result + */ +enum idmap_error_code sss_idmap_sid_to_dom_sid(struct sss_idmap_ctx *ctx, + const char *sid, + struct dom_sid **dom_sid); /** * @} */ diff --git a/src/lib/idmap/sss_idmap_conv.c b/src/lib/idmap/sss_idmap_conv.c new file mode 100644 index 00000000..83041efe --- /dev/null +++ b/src/lib/idmap/sss_idmap_conv.c @@ -0,0 +1,385 @@ +/* + SSSD + + ID-mapping library - conversion utilities + + Authors: + Sumit Bose + + Copyright (C) 2012 Red Hat + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +#include +#include +#include +#include + +#include "lib/idmap/sss_idmap.h" +#include "lib/idmap/sss_idmap_private.h" +#include "util/util.h" + +#define SID_ID_AUTHS 6 +#define SID_SUB_AUTHS 15 +struct dom_sid { + uint8_t sid_rev_num; + int8_t num_auths;/* [range(0,15)] */ + uint8_t id_auth[SID_ID_AUTHS]; + uint32_t sub_auths[SID_SUB_AUTHS]; +}; + +enum idmap_error_code sss_idmap_bin_sid_to_dom_sid(struct sss_idmap_ctx *ctx, + const uint8_t *bin_sid, + size_t length, + struct dom_sid **_dom_sid) +{ + enum idmap_error_code err; + struct dom_sid *dom_sid; + size_t i = 0; + size_t p = 0; + + CHECK_IDMAP_CTX(ctx, IDMAP_CONTEXT_INVALID); + + if (length > sizeof(struct dom_sid)) return IDMAP_SID_INVALID; + + dom_sid = ctx->alloc_func(sizeof(struct dom_sid), ctx->alloc_pvt); + if (dom_sid == NULL) { + return IDMAP_OUT_OF_MEMORY; + } + + /* Safely copy in the SID revision number */ + dom_sid->sid_rev_num = (uint8_t) *(bin_sid + p); + p++; + + /* Safely copy in the number of sub auth values */ + dom_sid->num_auths = (uint8_t) *(bin_sid + p); + p++; + + /* Make sure we aren't being told to read more bin_sid + * than can fit in the structure + */ + if (dom_sid->num_auths > SID_SUB_AUTHS) { + err = IDMAP_SID_INVALID; + goto done; + } + + /* Safely copy in the id_auth values */ + for (i = 0; i < SID_ID_AUTHS; i++) { + dom_sid->id_auth[i] = (uint8_t) *(bin_sid + p); + p++; + } + + /* Safely copy in the sub_auths values */ + for (i = 0; i < dom_sid->num_auths; i++) { + SAFEALIGN_COPY_UINT32(&dom_sid->sub_auths[i], bin_sid + p, &p); + } + + *_dom_sid = dom_sid; + err = IDMAP_SUCCESS; + +done: + if (err != IDMAP_SUCCESS) { + ctx->free_func(dom_sid, ctx->alloc_pvt); + } + return err; +} + +enum idmap_error_code sss_idmap_dom_sid_to_bin_sid(struct sss_idmap_ctx *ctx, + struct dom_sid *dom_sid, + uint8_t **_bin_sid, + size_t *_length) +{ + enum idmap_error_code err; + uint8_t *bin_sid; + size_t length; + size_t i = 0; + size_t p = 0; + + CHECK_IDMAP_CTX(ctx, IDMAP_CONTEXT_INVALID); + + if (dom_sid->num_auths > SID_SUB_AUTHS) { + return IDMAP_SID_INVALID; + } + + length = 2 + SID_ID_AUTHS + dom_sid->num_auths * 4; + + bin_sid = ctx->alloc_func(length, ctx->alloc_pvt); + if (bin_sid == NULL) { + return IDMAP_OUT_OF_MEMORY; + } + + bin_sid[p] = dom_sid->sid_rev_num; + p++; + + bin_sid[p] = dom_sid->num_auths; + p++; + + for (i = 0; i < SID_ID_AUTHS; i++) { + bin_sid[p] = dom_sid->id_auth[i]; + p++; + } + + for (i = 0; i < dom_sid->num_auths; i++) { + if (p + sizeof(uint32_t) > length) { + err = IDMAP_SID_INVALID; + goto done; + } + SAFEALIGN_COPY_UINT32(bin_sid + p, &dom_sid->sub_auths[i], &p); + } + + *_bin_sid = bin_sid; + *_length = length; + + err = IDMAP_SUCCESS; +done: + if (err != IDMAP_SUCCESS) { + ctx->free_func(bin_sid, ctx->alloc_pvt); + } + return err; +} + +enum idmap_error_code sss_idmap_dom_sid_to_sid(struct sss_idmap_ctx *ctx, + struct dom_sid *dom_sid, + char **_sid) +{ + enum idmap_error_code err; + char *sid_buf; + size_t sid_buf_len; + char *p; + int nc; + int8_t i; + uint32_t id_auth_val = 0; + uint32_t sub_auth_val; + + if (dom_sid->num_auths > SID_SUB_AUTHS) { + return IDMAP_SID_INVALID; + } + + sid_buf_len = 25 + dom_sid->num_auths * 11; + sid_buf = ctx->alloc_func(sid_buf_len, ctx->alloc_pvt); + if (sid_buf == NULL) { + return IDMAP_OUT_OF_MEMORY; + } + memset(sid_buf, 0, sid_buf_len); + + /* Only 32bits are used for the string representation */ + id_auth_val = (dom_sid->id_auth[2] << 24) + + (dom_sid->id_auth[3] << 16) + + (dom_sid->id_auth[4] << 8) + + (dom_sid->id_auth[5]); + + nc = snprintf(sid_buf, sid_buf_len, "S-%u-%lu", dom_sid->sid_rev_num, + (unsigned long) id_auth_val); + if (nc < 0 || nc >= sid_buf_len) { + err = IDMAP_SID_INVALID; + goto done; + } + + + /* Loop through the sub-auths, if any, prepending a hyphen + * for each one. + */ + p = sid_buf; + for (i = 0; i < dom_sid->num_auths ; i++) { + p += nc; + sid_buf_len -= nc; + /* SID values in Active Directory are stored little-endian */ + sub_auth_val = le32toh(dom_sid->sub_auths[i]); + + nc = snprintf(p, sid_buf_len, "-%lu", (unsigned long) sub_auth_val); + if (nc < 0 || nc >= sid_buf_len) { + err = IDMAP_SID_INVALID; + goto done; + } + } + + *_sid = sid_buf; + err = IDMAP_SUCCESS; + +done: + if (err != IDMAP_SUCCESS) { + ctx->free_func(sid_buf, ctx->alloc_pvt); + } + + return err; +} + +enum idmap_error_code sss_idmap_sid_to_dom_sid(struct sss_idmap_ctx *ctx, + const char *sid, + struct dom_sid **_dom_sid) +{ + enum idmap_error_code err; + unsigned long ul; + char *r; + char *end; + struct dom_sid *dom_sid; + + CHECK_IDMAP_CTX(ctx, IDMAP_CONTEXT_INVALID); + + if (sid == NULL || (sid[0] != 'S' && sid[0] != 's') || sid[1] != '-') { + return IDMAP_SID_INVALID; + } + + dom_sid = ctx->alloc_func(sizeof(struct dom_sid), ctx->alloc_pvt); + if (dom_sid == NULL) { + return IDMAP_OUT_OF_MEMORY; + } + memset(dom_sid, 0, sizeof(struct dom_sid)); + + + if (!isdigit(sid[2])) { + err = IDMAP_SID_INVALID; + goto done; + } + errno = 0; + ul = strtoul(sid + 2, &r, 10); + if (errno != 0 || r == NULL || *r != '-' || ul > UINT8_MAX) { + err = IDMAP_SID_INVALID; + goto done; + } + dom_sid->sid_rev_num = (uint8_t) ul; + r++; + + if (!isdigit(*r)) { + err = IDMAP_SID_INVALID; + goto done; + } + errno = 0; + ul = strtoul(r, &r, 10); + if (errno != 0 || r == NULL) { + err = IDMAP_SID_INVALID; + goto done; + } + + /* id_auth in the string should always be <2^32 in decimal */ + /* store values in the same order as the binary representation */ + dom_sid->id_auth[0] = 0; + dom_sid->id_auth[1] = 0; + dom_sid->id_auth[2] = (ul & 0xff000000) >> 24; + dom_sid->id_auth[3] = (ul & 0x00ff0000) >> 16; + dom_sid->id_auth[4] = (ul & 0x0000ff00) >> 8; + dom_sid->id_auth[5] = (ul & 0x000000ff); + + if (*r == '\0') { + /* no sub auths given */ + err = IDMAP_SUCCESS; + goto done; + } + + if (*r != '-') { + err = IDMAP_SID_INVALID; + goto done; + } + + do { + if (dom_sid->num_auths > SID_SUB_AUTHS) { + err = IDMAP_SID_INVALID; + goto done; + } + + r++; + if (!isdigit(*r)) { + err = IDMAP_SID_INVALID; + goto done; + } + + errno = 0; + ul = strtol(r, &end, 10); + if (errno != 0 || end == NULL || + (*end != '\0' && *end != '-')) { + err = IDMAP_SID_INVALID; + goto done; + } + + dom_sid->sub_auths[dom_sid->num_auths++] = ul; + + r = end; + } while (*r != '\0'); + + err = IDMAP_SUCCESS; + +done: + if (err != IDMAP_SUCCESS) { + ctx->free_func(dom_sid, ctx->alloc_pvt); + } else { + *_dom_sid = dom_sid; + } + + return err; +} + +enum idmap_error_code sss_idmap_sid_to_bin_sid(struct sss_idmap_ctx *ctx, + const char *sid, + uint8_t **_bin_sid, + size_t *_length) +{ + enum idmap_error_code err; + struct dom_sid *dom_sid = NULL; + size_t length; + uint8_t *bin_sid = NULL; + + err = sss_idmap_sid_to_dom_sid(ctx, sid, &dom_sid); + if (err != IDMAP_SUCCESS) { + goto done; + } + + err = sss_idmap_dom_sid_to_bin_sid(ctx, dom_sid, &bin_sid, &length); + if (err != IDMAP_SUCCESS) { + goto done; + } + + *_length = length; + *_bin_sid = bin_sid; + err = IDMAP_SUCCESS; + +done: + ctx->free_func(dom_sid, ctx->alloc_pvt); + if (err != IDMAP_SUCCESS) { + ctx->free_func(bin_sid, ctx->alloc_pvt); + } + + return err; +} + +enum idmap_error_code sss_idmap_bin_sid_to_sid(struct sss_idmap_ctx *ctx, + const uint8_t *bin_sid, + size_t length, + char **_sid) +{ + enum idmap_error_code err; + struct dom_sid *dom_sid = NULL; + char *sid = NULL; + + err = sss_idmap_bin_sid_to_dom_sid(ctx, bin_sid, length, &dom_sid); + if (err != IDMAP_SUCCESS) { + goto done; + } + + err = sss_idmap_dom_sid_to_sid(ctx, dom_sid, &sid); + if (err != IDMAP_SUCCESS) { + goto done; + } + + *_sid = sid; + err = IDMAP_SUCCESS; + +done: + ctx->free_func(dom_sid, ctx->alloc_pvt); + if (err != IDMAP_SUCCESS) { + ctx->free_func(sid, ctx->alloc_pvt); + } + + return err; +} diff --git a/src/lib/idmap/sss_idmap_private.h b/src/lib/idmap/sss_idmap_private.h new file mode 100644 index 00000000..776c56ab --- /dev/null +++ b/src/lib/idmap/sss_idmap_private.h @@ -0,0 +1,41 @@ +/* + SSSD + + ID-mapping library - private headers + + Authors: + Sumit Bose + + Copyright (C) 2012 Red Hat + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +#ifndef SSS_IDMAP_PRIVATE_H_ +#define SSS_IDMAP_PRIVATE_H_ + +#define CHECK_IDMAP_CTX(ctx, ret) do { \ + if (ctx == NULL || ctx->alloc_func == NULL || ctx->free_func == NULL) { \ + return ret; \ + } \ +} while(0) + +struct sss_idmap_ctx { + idmap_alloc_func *alloc_func; + void *alloc_pvt; + idmap_free_func *free_func; + struct idmap_domain_info *idmap_domain_info; +}; + +#endif /* SSS_IDMAP_PRIVATE_H_ */ -- cgit