diff options
| author | Stephen Gallagher <sgallagh@redhat.com> | 2012-01-19 20:38:40 -0500 |
|---|---|---|
| committer | Stephen Gallagher <sgallagh@redhat.com> | 2012-01-21 12:47:57 -0500 |
| commit | 0c7aa697991ea9df960fae14fd567ebdda3b4ff4 (patch) | |
| tree | e61deb65296375cf381ef780c4bea12fe07d0589 | |
| parent | 91d521779424409646649a84a99a20f8e8e159df (diff) | |
| download | sssd-0c7aa697991ea9df960fae14fd567ebdda3b4ff4.tar.gz sssd-0c7aa697991ea9df960fae14fd567ebdda3b4ff4.tar.xz sssd-0c7aa697991ea9df960fae14fd567ebdda3b4ff4.zip | |
RESPONDER: Extend sss_dp_account_send() to include extra data
Some NSS maps such as 'services' require more values to be passed
to the data provider than just the name or ID. In these cases, we
will amend an optional component to filter value to pass to the
data provider backend.
| -rw-r--r-- | src/responder/common/responder.h | 3 | ||||
| -rw-r--r-- | src/responder/common/responder_dp.c | 31 | ||||
| -rw-r--r-- | src/responder/nss/nsssrv_cmd.c | 8 | ||||
| -rw-r--r-- | src/responder/pam/pamsrv_cmd.c | 2 | ||||
| -rw-r--r-- | src/responder/sudo/sudosrv_get_sudorules.c | 2 |
5 files changed, 32 insertions, 14 deletions
diff --git a/src/responder/common/responder.h b/src/responder/common/responder.h index cbac67b56..c27de3115 100644 --- a/src/responder/common/responder.h +++ b/src/responder/common/responder.h @@ -192,7 +192,8 @@ sss_dp_get_account_send(TALLOC_CTX *mem_ctx, bool fast_reply, int type, const char *opt_name, - uint32_t opt_id); + uint32_t opt_id, + const char *extra); errno_t sss_dp_get_account_recv(TALLOC_CTX *mem_ctx, struct tevent_req *req, diff --git a/src/responder/common/responder_dp.c b/src/responder/common/responder_dp.c index f51e2496a..6bc086c2a 100644 --- a/src/responder/common/responder_dp.c +++ b/src/responder/common/responder_dp.c @@ -247,7 +247,8 @@ sss_dp_get_account_send(TALLOC_CTX *mem_ctx, bool fast_reply, int type, const char *opt_name, - uint32_t opt_id) + uint32_t opt_id, + const char *extra) { errno_t ret; int hret; @@ -312,13 +313,29 @@ sss_dp_get_account_send(TALLOC_CTX *mem_ctx, state->key->type = HASH_KEY_STRING; if (opt_name) { - filter = talloc_asprintf(state, "name=%s", opt_name); - state->key->str = talloc_asprintf(state->key, "%d:%s@%s", - type, opt_name, dom->name); + if (extra) { + filter = talloc_asprintf(state, "name=%s:%s", + opt_name, extra); + state->key->str = talloc_asprintf(state->key, "%d:%s:%s@%s", + type, opt_name, + extra, dom->name); + } else { + filter = talloc_asprintf(state, "name=%s", opt_name); + state->key->str = talloc_asprintf(state->key, "%d:%s@%s", + type, opt_name, dom->name); + } } else if (opt_id) { - filter = talloc_asprintf(state, "idnumber=%u", opt_id); - state->key->str = talloc_asprintf(state->key, "%d:%d@%s", - type, opt_id, dom->name); + if (extra) { + filter = talloc_asprintf(state, "idnumber=%u:%s", + opt_id, extra); + state->key->str = talloc_asprintf(state->key, "%d:%d:%s@%s", + type, opt_id, + extra, dom->name); + } else { + filter = talloc_asprintf(state, "idnumber=%u", opt_id); + state->key->str = talloc_asprintf(state->key, "%d:%d@%s", + type, opt_id, dom->name); + } } else { filter = talloc_strdup(state, ENUM_INDICATOR); state->key->str = talloc_asprintf(state->key, "%d:*@%s", diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c index abed7a886..dec7f3050 100644 --- a/src/responder/nss/nsssrv_cmd.c +++ b/src/responder/nss/nsssrv_cmd.c @@ -649,7 +649,7 @@ errno_t check_cache(struct nss_dom_ctx *dctx, * immediately. */ req = sss_dp_get_account_send(cctx, cctx->rctx, dctx->domain, true, - req_type, opt_name, opt_id); + req_type, opt_name, opt_id, NULL); if (!req) { DEBUG(SSSDBG_CRIT_FAILURE, ("Out of memory sending out-of-band data provider " @@ -678,7 +678,7 @@ errno_t check_cache(struct nss_dom_ctx *dctx, } req = sss_dp_get_account_send(cctx, cctx->rctx, dctx->domain, true, - req_type, opt_name, opt_id); + req_type, opt_name, opt_id, NULL); if (!req) { DEBUG(SSSDBG_CRIT_FAILURE, ("Out of memory sending data provider request\n")); @@ -1413,7 +1413,7 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx) dctx->check_provider = false; dpreq = sss_dp_get_account_send(step_ctx, rctx, dctx->domain, true, - SSS_DP_USER, NULL, 0); + SSS_DP_USER, NULL, 0, NULL); if (!dpreq) { DEBUG(SSSDBG_MINOR_FAILURE, ("Enum Cache refresh for domain [%s] failed." @@ -2720,7 +2720,7 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx) step_ctx->returned_to_mainloop = true; /* Only do this once per provider */ dpreq = sss_dp_get_account_send(step_ctx, rctx, dctx->domain, true, - SSS_DP_USER, NULL, 0); + SSS_DP_USER, NULL, 0, NULL); if (!dpreq) { DEBUG(SSSDBG_MINOR_FAILURE, ("Enum Cache refresh for domain [%s] failed." diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c index 4a98dd638..8cb642217 100644 --- a/src/responder/pam/pamsrv_cmd.c +++ b/src/responder/pam/pamsrv_cmd.c @@ -953,7 +953,7 @@ static int pam_check_user_search(struct pam_auth_req *preq) dpreq = sss_dp_get_account_send(preq, preq->cctx->rctx, dom, false, SSS_DP_INITGROUPS, - name, 0); + name, 0, NULL); if (!dpreq) { DEBUG(SSSDBG_CRIT_FAILURE, ("Out of memory sending data provider request\n")); diff --git a/src/responder/sudo/sudosrv_get_sudorules.c b/src/responder/sudo/sudosrv_get_sudorules.c index fca6257d8..b1c3fa5e8 100644 --- a/src/responder/sudo/sudosrv_get_sudorules.c +++ b/src/responder/sudo/sudosrv_get_sudorules.c @@ -136,7 +136,7 @@ static errno_t sudosrv_get_user(struct sudo_dom_ctx *dctx) cache_expire < time(NULL)) { dpreq = sss_dp_get_account_send(cli_ctx, cli_ctx->rctx, dom, false, SSS_DP_INITGROUPS, - cmd_ctx->username, 0); + cmd_ctx->username, 0, NULL); if (!dpreq) { DEBUG(SSSDBG_CRIT_FAILURE, ("Out of memory sending data provider request\n")); |