summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2015-08-18 15:15:44 +0000
committerJakub Hrozek <jhrozek@redhat.com>2015-09-21 17:03:01 +0200
commitb5825c74b6bf7a99ae2172392dbecb51179013a6 (patch)
tree54b4e9904ed901c13cccbacad5b62c0a824205df
parent2cec08a3174bff951c048c57b4b0e4517ad6b7b1 (diff)
downloadsssd-b5825c74b6bf7a99ae2172392dbecb51179013a6.tar.gz
sssd-b5825c74b6bf7a99ae2172392dbecb51179013a6.tar.xz
sssd-b5825c74b6bf7a99ae2172392dbecb51179013a6.zip
UTIL: Convert domain->disabled into tri-state with domain states
Required for: https://fedorahosted.org/sssd/ticket/2637 This is a first step towards making it possible for domain to be around, but not contacted by Data Provider. Also explicitly create domains as active, previously we only relied on talloc_zero marking dom->disabled as false. Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Diffstat
-rw-r--r--src/confdb/confdb.c2
-rw-r--r--src/confdb/confdb.h19
-rw-r--r--src/db/sysdb_subdomains.c7
-rw-r--r--src/providers/ad/ad_subdomains.c2
-rw-r--r--src/providers/ipa/ipa_subdomains.c2
-rw-r--r--src/responder/common/responder_common.c5
-rw-r--r--src/tests/cmocka/test_sysdb_subdomains.c6
-rw-r--r--src/tests/cmocka/test_utils.c6
-rw-r--r--src/util/domain_info_utils.c20
-rw-r--r--src/util/util.h3
-rw-r--r--src/util/util_errors.c1
-rw-r--r--src/util/util_errors.h1
12 files changed, 60 insertions, 14 deletions
diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c
index 3a8a1c01b..c097aad77 100644
--- a/src/confdb/confdb.c
+++ b/src/confdb/confdb.c
@@ -1342,6 +1342,8 @@ static int confdb_get_domain_internal(struct confdb_ctx *cdb,
domain->has_views = false;
domain->view_name = NULL;
+ domain->state = DOM_ACTIVE;
+
*_domain = domain;
ret = EOK;
done:
diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h
index 427c309a2..eca3d4475 100644
--- a/src/confdb/confdb.h
+++ b/src/confdb/confdb.h
@@ -216,6 +216,23 @@
struct confdb_ctx;
struct config_file_ctx;
+/** sssd domain state */
+enum sss_domain_state {
+ /** Domain is usable by both responders and providers. This
+ * is the default state after creating a new domain
+ */
+ DOM_ACTIVE,
+ /** Domain was removed, should not be used be neither responders
+ * not providers.
+ */
+ DOM_DISABLED,
+ /** Domain cannot be contacted. Providers return an offline error code
+ * when receiving request for inactive domain, but responders should
+ * return cached data
+ */
+ DOM_INACTIVE,
+};
+
/**
* Data structure storing all of the basic features
* of a domain.
@@ -278,7 +295,7 @@ struct sss_domain_info {
struct sss_domain_info *prev;
struct sss_domain_info *next;
- bool disabled;
+ enum sss_domain_state state;
char **sd_inherit;
/* Do not use the forest pointer directly in new code, but rather the
diff --git a/src/db/sysdb_subdomains.c b/src/db/sysdb_subdomains.c
index 142520c18..546dc1c8d 100644
--- a/src/db/sysdb_subdomains.c
+++ b/src/db/sysdb_subdomains.c
@@ -111,6 +111,8 @@ struct sss_domain_info *new_subdomain(TALLOC_CTX *mem_ctx,
dom->enumerate = enumerate;
dom->fqnames = true;
dom->mpg = mpg;
+ dom->state = DOM_ACTIVE;
+
/* If the parent domain filters out group members, the subdomain should
* as well if configured */
inherit_option = string_in_list(CONFDB_DOMAIN_IGNORE_GROUP_MEMBERS,
@@ -268,7 +270,7 @@ errno_t sysdb_update_subdomains(struct sss_domain_info *domain)
/* disable all domains,
* let the search result refresh any that are still valid */
for (dom = domain->subdomains; dom; dom = get_next_domain(dom, false)) {
- dom->disabled = true;
+ sss_domain_set_state(dom, DOM_DISABLED);
}
if (res->count == 0) {
@@ -312,7 +314,8 @@ errno_t sysdb_update_subdomains(struct sss_domain_info *domain)
/* explicitly use dom->next as we need to check 'disabled' domains */
for (dom = domain->subdomains; dom; dom = dom->next) {
if (strcasecmp(dom->name, name) == 0) {
- dom->disabled = false;
+ sss_domain_set_state(dom, DOM_ACTIVE);
+
/* in theory these may change, but it should never happen */
if (strcasecmp(dom->realm, realm) != 0) {
DEBUG(SSSDBG_TRACE_INTERNAL,
diff --git a/src/providers/ad/ad_subdomains.c b/src/providers/ad/ad_subdomains.c
index 9b42f03a0..d1d468043 100644
--- a/src/providers/ad/ad_subdomains.c
+++ b/src/providers/ad/ad_subdomains.c
@@ -376,7 +376,7 @@ static errno_t ad_subdomains_refresh(struct ad_subdomains_ctx *ctx,
if (c >= count) {
/* ok this subdomain does not exist anymore, let's clean up */
- dom->disabled = true;
+ sss_domain_set_state(dom, DOM_DISABLED);
ret = sysdb_subdomain_delete(dom->sysdb, dom->name);
if (ret != EOK) {
goto done;
diff --git a/src/providers/ipa/ipa_subdomains.c b/src/providers/ipa/ipa_subdomains.c
index b2e2fec35..089736b47 100644
--- a/src/providers/ipa/ipa_subdomains.c
+++ b/src/providers/ipa/ipa_subdomains.c
@@ -528,7 +528,7 @@ static errno_t ipa_subdomains_refresh(struct ipa_subdomains_ctx *ctx,
if (c >= count) {
/* ok this subdomain does not exist anymore, let's clean up */
- dom->disabled = true;
+ sss_domain_set_state(dom, DOM_DISABLED);
ret = sysdb_subdomain_delete(dom->sysdb, dom->name);
if (ret != EOK) {
goto done;
diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c
index 36e7f1594..2097004cb 100644
--- a/src/responder/common/responder_common.c
+++ b/src/responder/common/responder_common.c
@@ -923,7 +923,7 @@ responder_get_domain(struct resp_ctx *rctx, const char *name)
struct sss_domain_info *ret_dom = NULL;
for (dom = rctx->domains; dom; dom = get_next_domain(dom, true)) {
- if (dom->disabled) {
+ if (sss_domain_get_state(dom) == DOM_DISABLED) {
continue;
}
@@ -958,7 +958,8 @@ errno_t responder_get_domain_by_id(struct resp_ctx *rctx, const char *id,
id_len = strlen(id);
for (dom = rctx->domains; dom; dom = get_next_domain(dom, true)) {
- if (dom->disabled || dom->domain_id == NULL) {
+ if (sss_domain_get_state(dom) == DOM_DISABLED ||
+ dom->domain_id == NULL) {
continue;
}
diff --git a/src/tests/cmocka/test_sysdb_subdomains.c b/src/tests/cmocka/test_sysdb_subdomains.c
index 15dcf709f..0fb1d6eed 100644
--- a/src/tests/cmocka/test_sysdb_subdomains.c
+++ b/src/tests/cmocka/test_sysdb_subdomains.c
@@ -151,7 +151,11 @@ static void test_sysdb_subdomain_create(void **state)
ret = sysdb_update_subdomains(test_ctx->tctx->dom);
assert_int_equal(ret, EOK);
- assert_true(test_ctx->tctx->dom->subdomains->disabled);
+ assert_int_equal(sss_domain_get_state(test_ctx->tctx->dom->subdomains),
+ DOM_DISABLED);
+ assert_int_equal(
+ sss_domain_get_state(test_ctx->tctx->dom->subdomains->next),
+ DOM_DISABLED);
}
static void test_sysdb_master_domain_ops(void **state)
diff --git a/src/tests/cmocka/test_utils.c b/src/tests/cmocka/test_utils.c
index 2e413c87d..a22c39c47 100644
--- a/src/tests/cmocka/test_utils.c
+++ b/src/tests/cmocka/test_utils.c
@@ -259,7 +259,7 @@ void test_find_domain_by_name_disabled(void **state)
dom = dom->next;
}
assert_non_null(dom);
- dom->disabled = true;
+ sss_domain_set_state(dom, DOM_DISABLED);
for (c = 0; c < test_ctx->dom_count; c++) {
name = talloc_asprintf(global_talloc_context, DOMNAME_TMPL, c);
@@ -426,7 +426,7 @@ void test_find_domain_by_sid_disabled(void **state)
dom = dom->next;
}
assert_non_null(dom);
- dom->disabled = true;
+ sss_domain_set_state(dom, DOM_DISABLED);
for (c = 0; c < test_ctx->dom_count; c++) {
name = talloc_asprintf(global_talloc_context, DOMNAME_TMPL, c);
@@ -578,7 +578,7 @@ static void test_get_next_domain_disabled(void **state)
struct sss_domain_info *dom = NULL;
for (dom = test_ctx->dom_list; dom; dom = get_next_domain(dom, true)) {
- dom->disabled = true;
+ sss_domain_set_state(dom, DOM_DISABLED);
}
dom = get_next_domain(test_ctx->dom_list, true);
diff --git a/src/util/domain_info_utils.c b/src/util/domain_info_utils.c
index 4eabcff7a..ffbb9475b 100644
--- a/src/util/domain_info_utils.c
+++ b/src/util/domain_info_utils.c
@@ -50,7 +50,10 @@ struct sss_domain_info *get_next_domain(struct sss_domain_info *domain,
} else {
dom = NULL;
}
- if (dom && !dom->disabled) break;
+
+ if (dom && sss_domain_get_state(dom) != DOM_DISABLED) {
+ break;
+ }
}
return dom;
@@ -91,7 +94,7 @@ struct sss_domain_info *find_domain_by_name(struct sss_domain_info *domain,
return NULL;
}
- while (dom && dom->disabled) {
+ while (dom && sss_domain_get_state(dom) == DOM_DISABLED) {
dom = get_next_domain(dom, true);
}
while (dom) {
@@ -119,7 +122,7 @@ struct sss_domain_info *find_domain_by_sid(struct sss_domain_info *domain,
sid_len = strlen(sid);
- while (dom && dom->disabled) {
+ while (dom && sss_domain_get_state(dom) == DOM_DISABLED) {
dom = get_next_domain(dom, true);
}
@@ -730,3 +733,14 @@ done:
return ret;
}
+
+enum sss_domain_state sss_domain_get_state(struct sss_domain_info *dom)
+{
+ return dom->state;
+}
+
+void sss_domain_set_state(struct sss_domain_info *dom,
+ enum sss_domain_state state)
+{
+ dom->state = state;
+}
diff --git a/src/util/util.h b/src/util/util.h
index 3e29e7487..f9fe1ca71 100644
--- a/src/util/util.h
+++ b/src/util/util.h
@@ -566,6 +566,9 @@ struct sss_domain_info *find_domain_by_name(struct sss_domain_info *domain,
bool match_any);
struct sss_domain_info *find_domain_by_sid(struct sss_domain_info *domain,
const char *sid);
+enum sss_domain_state sss_domain_get_state(struct sss_domain_info *dom);
+void sss_domain_set_state(struct sss_domain_info *dom,
+ enum sss_domain_state state);
struct sss_domain_info*
sss_get_domain_by_sid_ldap_fallback(struct sss_domain_info *domain,
diff --git a/src/util/util_errors.c b/src/util/util_errors.c
index fd6b9fbfe..ed19346d9 100644
--- a/src/util/util_errors.c
+++ b/src/util/util_errors.c
@@ -81,6 +81,7 @@ struct err_string error_to_str[] = {
{ "p11_child failed" }, /* ERR_P11_CHILD */
{ "Address family not supported" }, /* ERR_ADDR_FAMILY_NOT_SUPPORTED */
{ "Message sender is the bus" }, /* ERR_SBUS_SENDER_BUS */
+ { "Subdomain is inactive" }, /* ERR_SUBDOM_INACTIVE */
{ "ERR_LAST" } /* ERR_LAST */
};
diff --git a/src/util/util_errors.h b/src/util/util_errors.h
index bda0c9b7d..c1d081912 100644
--- a/src/util/util_errors.h
+++ b/src/util/util_errors.h
@@ -103,6 +103,7 @@ enum sssd_errors {
ERR_P11_CHILD,
ERR_ADDR_FAMILY_NOT_SUPPORTED,
ERR_SBUS_SENDER_BUS,
+ ERR_SUBDOM_INACTIVE,
ERR_LAST /* ALWAYS LAST */
};
generated by cgit (git 2.34.1) at 2024-05-03 22:25:21 +0000