authorPavel Březina <pbrezina@redhat.com>2012-03-12 10:07:35 +0100
committerStephen Gallagher <sgallagh@redhat.com>2012-06-29 11:37:16 -0400
commit46d3d2c731e8c7e138462e5b60a39a279dc77d81 (patch)
treebf34e85372bbffbed1e4f648d284cc9cc487da1a /src/responder/sudo/sudosrv_query.c
parentcda8ff6cfdef22356dc3c06ec5204344912f0f0b (diff)
sudo api: send uid, username and domainname
https://fedorahosted.org/sssd/ticket/1239

The test client was changed accordingly. The new usage is:

    sss_sudo_cli username [uid]

If uid is not set, getpwnam(username) is called. It will retrieve both default options and rules.
Diffstat (limited to 'src/responder/sudo/sudosrv_query.c')
-rw-r--r--src/responder/sudo/sudosrv_query.c24
1 files changed, 22 insertions, 2 deletions
diff --git a/src/responder/sudo/sudosrv_query.c b/src/responder/sudo/sudosrv_query.c
index dd9e1e880..7ba80e2ac 100644
--- a/src/responder/sudo/sudosrv_query.c
+++ b/src/responder/sudo/sudosrv_query.c
@@ -179,7 +179,7 @@ done:
/*
* Response format:
- * <error_code(uint32_t)><num_entries(uint32_t)><rule1><rule2>...
+ * <error_code(uint32_t)><domain(char*)>\0<num_entries(uint32_t)><rule1><rule2>...
* <ruleN> = <num_attrs(uint32_t)><attr1><attr2>...
* <attrN> = <name(char*)>\0<num_values(uint32_t)><value1(char*)>\0<value2(char*)>\0...
*
@@ -187,6 +187,7 @@ done:
*/
errno_t sudosrv_build_response(TALLOC_CTX *mem_ctx,
uint32_t error,
+ const char *domain,
int rules_num,
struct sysdb_attrs **rules,
uint8_t **_response_body,
@@ -215,6 +216,13 @@ errno_t sudosrv_build_response(TALLOC_CTX *mem_ctx,
goto done;
}
+ /* domain name */
+ ret = sudosrv_response_append_string(tmp_ctx, domain, strlen(domain) + 1,
+ &response_body, &response_len);
+ if (ret != EOK) {
+ goto fail;
+ }
+
/* rules count */
ret = sudosrv_response_append_uint32(tmp_ctx, (uint32_t)rules_num,
&response_body, &response_len);
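Review bot: `strlen(domain)` in the added domain-name append runs without a NULL check, so any caller that builds a response before a domain has been resolved (an error reply, for example) would dereference NULL inside the responder. The callers are not visible in this diff, so either guard just before the append with `if (domain == NULL) { ret = EINVAL; goto fail; }` or state on the prototype that `domain` must be non-NULL. The body of sudosrv_build_response starts and ends outside the hunk.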
@@ -244,12 +252,13 @@ fail:
/*
* Query format:
- * <username[@domain]>
+ * <uid><username[@domain]>
*/
errno_t sudosrv_parse_query(TALLOC_CTX *mem_ctx,
struct resp_ctx *rctx,
uint8_t *query_body,
size_t query_len,
+ uid_t *_uid,
char **_username,
struct sss_domain_info **_domain)
{
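Review bot: The updated query-format comment lists `<uid>` with no type, while the response-format comment earlier in the file annotates every field; the parser added later in this commit reads exactly `sizeof(uid_t)` bytes with a plain aligned copy, i.e. in host layout. Suggest ` * <uid(uid_t)><username[@domain]>` plus one line saying that `_uid` receives the uid exactly as sent by the client. The function body continues outside the hunk.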
@@ -260,6 +269,7 @@ errno_t sudosrv_parse_query(TALLOC_CTX *mem_ctx,
char *rawname = NULL;
char *domainname = NULL;
char *username = NULL;
+ uid_t uid;
errno_t ret;
tmp_ctx = talloc_new(NULL);
@@ -268,6 +278,15 @@ errno_t sudosrv_parse_query(TALLOC_CTX *mem_ctx,
return ENOMEM;
}
+ /* uid */
+
+ if (query_len < sizeof(uid_t)) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("Query is too small\n"));
+ ret = EINVAL;
+ goto done;
+ }
+ safealign_memcpy(&uid, query_body, sizeof(uid_t), &offset);
+
/* username[@domain] */
rawname = (char*)(query_body + offset);
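Review bot: The new guard `query_len < sizeof(uid_t)` still accepts a query that is exactly `sizeof(uid_t)` bytes long, in which case `rawname` on the last line points one past the end of `query_body` with no bytes left for the name. Whatever termination check follows is outside this hunk, but it would be working with a zero remaining length, so rejecting that case here is safer: `if (query_len <= sizeof(uid_t)) {`. The uid is copied verbatim from the client's message at this point, so a short comment marking it as unverified client input would help later code avoid treating it as an authenticated identity.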
@@ -310,6 +329,7 @@ errno_t sudosrv_parse_query(TALLOC_CTX *mem_ctx,
}
}
+ *_uid = uid;
*_username = talloc_steal(mem_ctx, username);
*_domain = domain; /* do not steal on mem_ctx */