diff options
author | Jan Zeleny <jzeleny@redhat.com> | 2012-01-25 02:57:28 -0500 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2012-02-06 08:25:22 -0500 |
commit | 213ce2a78b1abe3921d8dc13c949a28130d00aec (patch) | |
tree | 4371555242ec85e747666839f0fdb69180c081c7 | |
parent | c32484c393dac7f8dda6d2512e9aa51864abd8fe (diff) | |
download | sssd-213ce2a78b1abe3921d8dc13c949a28130d00aec.tar.gz sssd-213ce2a78b1abe3921d8dc13c949a28130d00aec.tar.xz sssd-213ce2a78b1abe3921d8dc13c949a28130d00aec.zip |
Add support for generic IPA config retrieval
-rw-r--r-- | Makefile.am | 2 | ||||
-rw-r--r-- | src/providers/ipa/ipa_config.c | 157 | ||||
-rw-r--r-- | src/providers/ipa/ipa_config.h | 51 |
3 files changed, 210 insertions, 0 deletions
diff --git a/Makefile.am b/Makefile.am index 29df594f4..b3d8e90b9 100644 --- a/Makefile.am +++ b/Makefile.am @@ -357,6 +357,7 @@ dist_noinst_HEADERS = \ src/providers/ldap/sdap_autofs.h \ src/providers/ldap/sdap_id_op.h \ src/providers/ipa/ipa_common.h \ + src/providers/ipa/ipa_config.h \ src/providers/ipa/ipa_access.h \ src/providers/ipa/ipa_auth.h \ src/providers/ipa/ipa_dyndns.h \ @@ -1058,6 +1059,7 @@ libsss_krb5_la_LDFLAGS = \ libsss_ipa_la_SOURCES = \ src/providers/ipa/ipa_init.c \ src/providers/ipa/ipa_common.c \ + src/providers/ipa/ipa_config.c \ src/providers/ipa/ipa_utils.c \ src/providers/ipa/ipa_id.c \ src/providers/ipa/ipa_netgroups.c \ diff --git a/src/providers/ipa/ipa_config.c b/src/providers/ipa/ipa_config.c new file mode 100644 index 000000000..62a9a485d --- /dev/null +++ b/src/providers/ipa/ipa_config.c @@ -0,0 +1,157 @@ +/* + SSSD + + IPA Backend Module -- configuration retrieval + + Authors: + Jan Zeleny <jzeleny@redhat.com> + + Copyright (C) 2012 Red Hat + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "providers/ipa/ipa_config.h" +#include "providers/ipa/ipa_common.h" +#include "providers/ldap/sdap_async.h" + +struct ipa_get_config_state { + char *base; + const char **attrs; + + struct sysdb_attrs *config; +}; + +static void ipa_get_config_done(struct tevent_req *subreq); + +struct tevent_req * +ipa_get_config_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct sdap_handle *sh, + struct sdap_options *opts, + const char *domain, + const char **attrs) +{ + struct tevent_req *req; + struct tevent_req *subreq; + struct ipa_get_config_state *state; + errno_t ret; + char *ldap_basedn; + + req = tevent_req_create(mem_ctx, &state, struct ipa_get_config_state); + if (req == NULL) { + return NULL; + } + + if (attrs == NULL) { + state->attrs = talloc_zero_array(state, const char *, 4); + if (state->attrs == NULL) { + ret = ENOMEM; + goto done; + } + state->attrs[0] = IPA_CONFIG_MIGRATION_ENABLED; + state->attrs[1] = IPA_CONFIG_SELINUX_DEFAULT_MAP; + state->attrs[2] = IPA_CONFIG_SELINUX_MAP_ORDER; + state->attrs[3] = NULL; + attrs = state->attrs; + } else { + state->attrs = attrs; + } + + ret = domain_to_basedn(state, domain, &ldap_basedn); + if (ret != EOK) { + DEBUG(SSSDBG_OP_FAILURE, ("domain_to_basedn failed.\n")); + goto done; + } + + state->base = talloc_asprintf(state, IPA_CONFIG_SEARCH_BASE_TEMPLATE, + ldap_basedn); + if (state->base == NULL) { + DEBUG(SSSDBG_OP_FAILURE, ("talloc_asprintf failed.\n")); + ret = ENOMEM; + goto done; + } + + subreq = sdap_get_generic_send(state, ev, opts, + sh, state->base, + LDAP_SCOPE_SUBTREE, IPA_CONFIG_FILTER, + state->attrs, NULL, 0, + dp_opt_get_int(opts->basic, + SDAP_ENUM_SEARCH_TIMEOUT)); + if (subreq == NULL) { + ret = ENOMEM; + goto done; + } + + tevent_req_set_callback(subreq, ipa_get_config_done, req); + + ret = EOK; + +done: + if (ret != EOK) { + tevent_req_error(req, ret); + tevent_req_post(req, ev); + } + + return req; +} + +static void ipa_get_config_done(struct tevent_req *subreq) +{ + struct tevent_req *req = tevent_req_callback_data(subreq, + struct tevent_req); + struct ipa_get_config_state *state = tevent_req_data(req, + struct ipa_get_config_state); + size_t reply_count; + struct sysdb_attrs **reply = NULL; + errno_t ret; + + ret = sdap_get_generic_recv(subreq, state, &reply_count, &reply); + talloc_zfree(subreq); + if (ret) { + goto done; + } + + if (reply_count != 1) { + DEBUG(SSSDBG_OP_FAILURE, ("Unexpected number of results, expected 1, " + "got %d.\n", reply_count)); + ret = EINVAL; + goto done; + } + + state->config = reply[0]; + + ret = EOK; + +done: + if (ret != EOK) { + tevent_req_error(req, ret); + } else { + tevent_req_done(req); + } +} + +errno_t ipa_get_config_recv(struct tevent_req *req, + TALLOC_CTX *mem_ctx, + struct sysdb_attrs **config) +{ + struct ipa_get_config_state *state = tevent_req_data(req, + struct ipa_get_config_state); + + TEVENT_REQ_RETURN_ON_ERROR(req); + + *config = talloc_steal(mem_ctx, state->config); + + return EOK; +} diff --git a/src/providers/ipa/ipa_config.h b/src/providers/ipa/ipa_config.h new file mode 100644 index 000000000..9a25984b6 --- /dev/null +++ b/src/providers/ipa/ipa_config.h @@ -0,0 +1,51 @@ +/* + SSSD + + IPA Backend Module -- configuration retrieval header + + Authors: + Jan Zeleny <jzeleny@redhat.com> + + Copyright (C) 2012 Red Hat + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#ifndef IPA_CONFIG_H_ +#define IPA_CONFIG_H_ + +#include <talloc.h> +#include <tevent.h> + +#include "providers/ldap/ldap_common.h" +#include "db/sysdb.h" + +#define IPA_CONFIG_SELINUX_DEFAULT_MAP "ipaSELinuxUserMapDefault" +#define IPA_CONFIG_SELINUX_MAP_ORDER "ipaSELinuxUserMapOrder" +#define IPA_CONFIG_MIGRATION_ENABLED "ipaMigrationEnabled" +#define IPA_CONFIG_SEARCH_BASE_TEMPLATE "cn=etc,%s" +#define IPA_CONFIG_FILTER "(&(cn=ipaConfig)(objectClass=ipaGuiConfig))" + +struct tevent_req * ipa_get_config_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct sdap_handle *sh, + struct sdap_options *opts, + const char *domain, + const char **attrs); + +errno_t ipa_get_config_recv(struct tevent_req *req, + TALLOC_CTX *mem_ctx, + struct sysdb_attrs **config); + +#endif /* IPA_CONFIG_H_ */ |