author | Pavel Březina <pbrezina@redhat.com> | 2015-05-06 12:16:46 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-10-08 19:56:26 +0200 |
commit | 28ebfa4373d1e7ce45b5d70a3619df1c074a661e (patch) | |
tree | 0aafa2697dfa3a29b9b1b3b4103fda964914ce03 /src/db | |
parent | d8125f0e0d38c6939887a0849a44859d6c498c57 (diff) | |
cache_req: add support for UPN
Reviewed-by: Sumit Bose <sbose@redhat.com>
Diffstat (limited to 'src/db')
-rw-r--r-- | src/db/sysdb.h | 16 | ||||
-rw-r--r-- | src/db/sysdb_ops.c | 71 | ||||
-rw-r--r-- | src/db/sysdb_search.c | 93 |
3 files changed, 162 insertions, 18 deletions
diff --git a/src/db/sysdb.h b/src/db/sysdb.h index 3c76fb0ce..4f488c088 100644 --- a/src/db/sysdb.h +++ b/src/db/sysdb.h @@ -609,6 +609,11 @@ int sysdb_getpwuid(TALLOC_CTX *mem_ctx, uid_t uid, struct ldb_result **res); +int sysdb_getpwupn(TALLOC_CTX *mem_ctx, + struct sss_domain_info *domain, + const char *upn, + struct ldb_result **res); + int sysdb_enumpwent(TALLOC_CTX *mem_ctx, struct sss_domain_info *domain, struct ldb_result **res); @@ -681,6 +686,11 @@ int sysdb_initgroups(TALLOC_CTX *mem_ctx, const char *name, struct ldb_result **res); +int sysdb_initgroups_by_upn(TALLOC_CTX *mem_ctx, + struct sss_domain_info *domain, + const char *upn, + struct ldb_result **res); + int sysdb_initgroups_with_views(TALLOC_CTX *mem_ctx, struct sss_domain_info *domain, const char *name, @@ -768,6 +778,12 @@ int sysdb_search_user_by_sid_str(TALLOC_CTX *mem_ctx, const char **attrs, struct ldb_message **msg); +int sysdb_search_user_by_upn_res(TALLOC_CTX *mem_ctx, + struct sss_domain_info *domain, + const char *upn, + const char **attrs, + struct ldb_result **out_res); + int sysdb_search_user_by_upn(TALLOC_CTX *mem_ctx, struct sss_domain_info *domain, const char *sid_str, diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c index 38e702190..aedf78d2f 100644 --- a/src/db/sysdb_ops.c +++ b/src/db/sysdb_ops.c 
@@ -474,28 +474,28 @@ int sysdb_search_user_by_sid_str(TALLOC_CTX *mem_ctx, sid_str, attrs, msg); } -int sysdb_search_user_by_upn(TALLOC_CTX *mem_ctx, - struct sss_domain_info *domain, - const char *upn, - const char **attrs, - struct ldb_message **msg) +int sysdb_search_user_by_upn_res(TALLOC_CTX *mem_ctx, + struct sss_domain_info *domain, + const char *upn, + const char **attrs, + struct ldb_result **out_res) { TALLOC_CTX *tmp_ctx; - const char *def_attrs[] = { SYSDB_NAME, SYSDB_UPN, SYSDB_CANONICAL_UPN, - NULL }; - struct ldb_message **msgs = NULL; - struct ldb_dn *basedn; - size_t msgs_count = 0; + struct ldb_result *res; + struct ldb_dn *base_dn; char *filter; int ret; + const char *def_attrs[] = { SYSDB_NAME, SYSDB_UPN, SYSDB_CANONICAL_UPN, + NULL }; tmp_ctx = talloc_new(NULL); if (tmp_ctx == NULL) { - return ENOMEM; + ret = ENOMEM; + goto done; } - basedn = sysdb_user_base_dn(tmp_ctx, domain); - if (basedn == NULL) { + base_dn = sysdb_user_base_dn(tmp_ctx, domain); + if (base_dn == NULL) { ret = ENOMEM; goto done; } 
@@ -506,29 +506,64 @@ int sysdb_search_user_by_upn(TALLOC_CTX *mem_ctx, goto done; } - ret = sysdb_search_entry(tmp_ctx, domain->sysdb, basedn, LDB_SCOPE_SUBTREE, - filter, attrs?attrs:def_attrs, &msgs_count, - &msgs); + ret = ldb_search(domain->sysdb->ldb, tmp_ctx, &res, + base_dn, LDB_SCOPE_SUBTREE, attrs ? attrs : def_attrs, + filter); if (ret != EOK) { + ret = sysdb_error_to_errno(ret); goto done; } - if (msgs_count > 1) { + if (res->count == 0) { + /* set result anyway */ + *out_res = talloc_steal(mem_ctx, res); + ret = ENOENT; + goto done; + } else if (res->count > 1) { DEBUG(SSSDBG_OP_FAILURE, "Search for upn [%s] returns more than one result.\n", upn); ret = EINVAL; goto done; } - *msg = talloc_steal(mem_ctx, msgs[0]); + *out_res = talloc_steal(mem_ctx, res); + ret = EOK; done: + talloc_zfree(tmp_ctx); + return ret; +} + +int sysdb_search_user_by_upn(TALLOC_CTX *mem_ctx, + struct sss_domain_info *domain, + const char *upn, + const char **attrs, + struct ldb_message **msg) +{ + TALLOC_CTX *tmp_ctx; + struct ldb_result *res; + errno_t ret; + + tmp_ctx = talloc_new(NULL); + if (tmp_ctx == NULL) { + ret = ENOMEM; + goto done; + } + + ret = sysdb_search_user_by_upn_res(tmp_ctx, domain, upn, attrs, &res); if (ret == ENOENT) { DEBUG(SSSDBG_TRACE_FUNC, "No entry with upn [%s] found.\n", upn); + goto done; } else if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, "Error: %d (%s)\n", ret, strerror(ret)); + goto done; } + *msg = talloc_steal(mem_ctx, res->msgs[0]); + + ret = EOK; + +done: talloc_zfree(tmp_ctx); return ret; } diff --git a/src/db/sysdb_search.c b/src/db/sysdb_search.c index ab72addbc..1e4031191 100644 --- a/src/db/sysdb_search.c +++ b/src/db/sysdb_search.c 
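Review bot: In `sysdb_search_user_by_upn_res()`, `filter` is passed to `ldb_search()` in the printf-style format position, so any `%` that reaches it from `upn` is read as a conversion specification; pass it as data instead, `attrs ? attrs : def_attrs, "%s", filter);`. The statement that builds `filter` lies between the two hunks and is not shown, so it cannot be confirmed here that `upn` is escaped for LDB filter syntax (for example with `sss_filter_sanitize()`) before it is formatted. That is worth checking, since the commit title suggests this lookup is now reached from cache_req. Separately, `*out_res` is assigned on the ENOENT path but left untouched on the `res->count > 1` EINVAL path, which a short comment above the function should state so callers do not read it after EINVAL.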
@@ -295,6 +295,35 @@ static char *enum_filter(TALLOC_CTX *mem_ctx, return filter; } +int sysdb_getpwupn(TALLOC_CTX *mem_ctx, + struct sss_domain_info *domain, + const char *upn, + struct ldb_result **_res) +{ + TALLOC_CTX *tmp_ctx; + struct ldb_result *res; + static const char *attrs[] = SYSDB_PW_ATTRS; + errno_t ret; + + tmp_ctx = talloc_new(NULL); + if (tmp_ctx == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, "talloc_new() failed\n"); + return ENOMEM; + } + + ret = sysdb_search_user_by_upn_res(tmp_ctx, domain, upn, attrs, &res); + if (ret != EOK && ret != ENOENT) { + DEBUG(SSSDBG_OP_FAILURE, "sysdb_search_user_by_upn_res() failed.\n"); + goto done; + } + + *_res = talloc_steal(mem_ctx, res); + +done: + talloc_free(tmp_ctx); + return ret; +} + int sysdb_enumpwent_filter(TALLOC_CTX *mem_ctx, struct sss_domain_info *domain, const char *name_filter, 
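Review bot: `sysdb_getpwupn()` returns ENOENT to its caller even though it has already stored a zero-count result in `*_res`, and nothing in the hunk documents that contract. A comment above the function would help, such as `/* Returns EOK with the matching entry, or ENOENT with an empty result in *_res; *_res is not written on any other error. */`. The failure message also drops the error code; `DEBUG(SSSDBG_OP_FAILURE, "sysdb_search_user_by_upn_res() failed [%d]: %s\n", ret, strerror(ret));` would let a duplicate-UPN EINVAL be told apart from an LDB error in the logs.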
@@ -957,6 +986,70 @@ done: return ret; } +int sysdb_initgroups_by_upn(TALLOC_CTX *mem_ctx, + struct sss_domain_info *domain, + const char *upn, + struct ldb_result **_res) +{ + TALLOC_CTX *tmp_ctx; + struct ldb_message *msg; + struct ldb_result *res; + const char *sysdb_name; + static const char *attrs[] = SYSDB_INITGR_ATTRS; + size_t i; + errno_t ret; + + tmp_ctx = talloc_new(NULL); + if (tmp_ctx == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, "talloc_new() failed\n"); + return ENOMEM; + } + + ret = sysdb_search_user_by_upn(tmp_ctx, domain, upn, attrs, &msg); + if (ret != EOK && ret != ENOENT) { + DEBUG(SSSDBG_OP_FAILURE, "sysdb_search_user_by_upn() failed.\n"); + goto done; + } + + res = talloc_zero(tmp_ctx, struct ldb_result); + if (res == NULL) { + DEBUG(SSSDBG_OP_FAILURE, "talloc_zero() failed.\n"); + ret = ENOMEM; + goto done; + } + + if (ret == ENOENT) { + res->count = 0; + res->msgs = NULL; + } else { + sysdb_name = ldb_msg_find_attr_as_string(msg, SYSDB_NAME, NULL); + if (sysdb_name == NULL) { + DEBUG(SSSDBG_OP_FAILURE, "Sysdb entry does not have a name.\n"); + return EINVAL; + } + + ret = sysdb_initgroups(tmp_ctx, domain, sysdb_name, &res); + if (ret == EOK && DOM_HAS_VIEWS(domain)) { + for (i = 0; i < res->count; i++) { + ret = sysdb_add_overrides_to_object(domain, res->msgs[i], + NULL, NULL); + if (ret != EOK) { + DEBUG(SSSDBG_OP_FAILURE, + "sysdb_add_overrides_to_object() failed.\n"); + return ret; + } + } + } + } + + *_res = talloc_steal(mem_ctx, res); + ret = EOK; + +done: + talloc_free(tmp_ctx); + return ret; +} + int sysdb_initgroups_with_views(TALLOC_CTX *mem_ctx, struct sss_domain_info *domain, const char *name, |
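Review bot: A failure of `sysdb_initgroups()` is overwritten by the unconditional `ret = EOK` at the end of `sysdb_initgroups_by_upn()`, so the caller sees success. What `res` holds at that point depends on `sysdb_initgroups()`, which is not shown, but a result reported as success after a cache error is a poor input for group-based access decisions. The bare `return EINVAL;` and `return ret;` in the same `else` branch also skip `done:` and leak `tmp_ctx`, which has no talloc parent. Routing every failure through `goto done`, as below, fixes both.

```c
        sysdb_name = ldb_msg_find_attr_as_string(msg, SYSDB_NAME, NULL);
        if (sysdb_name == NULL) {
            DEBUG(SSSDBG_OP_FAILURE, "Sysdb entry does not have a name.\n");
            ret = EINVAL;
            goto done;
        }

        ret = sysdb_initgroups(tmp_ctx, domain, sysdb_name, &res);
        if (ret != EOK) {
            DEBUG(SSSDBG_OP_FAILURE, "sysdb_initgroups() failed.\n");
            goto done;
        }

        if (DOM_HAS_VIEWS(domain)) {
            for (i = 0; i < res->count; i++) {
                ret = sysdb_add_overrides_to_object(domain, res->msgs[i],
                                                    NULL, NULL);
                if (ret != EOK) {
                    /* … unchanged: DEBUG message … */
                    goto done;
                }
            }
        }
```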