diff options
-rw-r--r-- | src/providers/data_provider.h | 1 | ||||
-rw-r--r-- | src/providers/data_provider_be.c | 3 | ||||
-rw-r--r-- | src/providers/ldap/ldap_id.c | 23 | ||||
-rw-r--r-- | src/providers/proxy/proxy_id.c | 48 | ||||
-rw-r--r-- | src/responder/common/responder_dp.c | 2 | ||||
-rw-r--r-- | src/util/util.h | 2 |
6 files changed, 29 insertions, 50 deletions
diff --git a/src/providers/data_provider.h b/src/providers/data_provider.h index 819a2d770..6fe3b3b22 100644 --- a/src/providers/data_provider.h +++ b/src/providers/data_provider.h @@ -141,6 +141,7 @@ #define BE_FILTER_NAME 1 #define BE_FILTER_IDNUM 2 +#define BE_FILTER_ENUM 3 #define BE_REQ_USER 0x0001 #define BE_REQ_GROUP 0x0002 diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 98c3f392e..b4f3660e1 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -403,6 +403,9 @@ static int be_get_account_info(DBusMessage *message, struct sbus_connection *con } else if (strncmp(filter, "idnumber=", 9) == 0) { filter_type = BE_FILTER_IDNUM; filter_val = &filter[9]; + } else if (strcmp(filter, ENUM_INDICATOR) == 0) { + filter_type = BE_FILTER_ENUM; + filter_val = NULL; } else { err_maj = DP_ERR_FATAL; err_min = EINVAL; diff --git a/src/providers/ldap/ldap_id.c b/src/providers/ldap/ldap_id.c index 1a9b2e09d..9121a3e9f 100644 --- a/src/providers/ldap/ldap_id.c +++ b/src/providers/ldap/ldap_id.c @@ -210,13 +210,10 @@ static void users_get_done(struct tevent_req *subreq) } if (ret == ENOENT) { - if (strchr(state->name, '*')) { - /* it was an enumeration */ + switch (state->filter_type) { + case BE_FILTER_ENUM: tevent_req_error(req, ret); return; - } - - switch (state->filter_type) { case BE_FILTER_NAME: ret = sysdb_delete_user(state, state->sysdb, state->domain, state->name, 0); @@ -442,13 +439,10 @@ static void groups_get_done(struct tevent_req *subreq) } if (ret == ENOENT) { - if (strchr(state->name, '*')) { - /* it was an enumeration */ + switch (state->filter_type) { + case BE_FILTER_ENUM: tevent_req_error(req, ret); return; - } - - switch (state->filter_type) { case BE_FILTER_NAME: ret = sysdb_delete_group(state, state->sysdb, state->domain, state->name, 0); @@ -723,7 +717,7 @@ void sdap_account_info_handler(struct be_req *breq) case BE_REQ_USER: /* user */ /* skip enumerations on demand */ - if (strcmp(ar->filter_value, "*") == 0) { + if (ar->filter_type == BE_FILTER_ENUM) { return sdap_handler_done(breq, DP_ERR_OK, EOK, "Success"); } @@ -741,7 +735,7 @@ void sdap_account_info_handler(struct be_req *breq) case BE_REQ_GROUP: /* group */ - if (strcmp(ar->filter_value, "*") == 0) { + if (ar->filter_type == BE_FILTER_ENUM) { return sdap_handler_done(breq, DP_ERR_OK, EOK, "Success"); } @@ -769,11 +763,6 @@ void sdap_account_info_handler(struct be_req *breq) err = "Invalid attr type"; break; } - if (strchr(ar->filter_value, '*')) { - ret = EINVAL; - err = "Invalid filter value"; - break; - } req = groups_by_user_send(breq, breq->be_ctx->ev, ctx, ar->filter_value); if (!req) ret = ENOMEM; diff --git a/src/providers/proxy/proxy_id.c b/src/providers/proxy/proxy_id.c index 71541386f..4fd656fed 100644 --- a/src/providers/proxy/proxy_id.c +++ b/src/providers/proxy/proxy_id.c @@ -1045,6 +1045,7 @@ void proxy_get_account_info(struct be_req *breq) uid_t uid; gid_t gid; int ret; + char *endptr; ar = talloc_get_type(breq->req_data, struct be_acct_req); ctx = talloc_get_type(breq->be_ctx->bet_info[BET_ID].pvt_bet_data, @@ -1064,27 +1065,21 @@ void proxy_get_account_info(struct be_req *breq) switch (ar->entry_type & 0xFFF) { case BE_REQ_USER: /* user */ switch (ar->filter_type) { + case BE_FILTER_ENUM: + ret = enum_users(breq, ctx, sysdb, domain); + break; + case BE_FILTER_NAME: - if (strchr(ar->filter_value, '*')) { - ret = enum_users(breq, ctx, sysdb, domain); - } else { - ret = get_pw_name(breq, ctx, sysdb, domain, ar->filter_value); - } + ret = get_pw_name(breq, ctx, sysdb, domain, ar->filter_value); break; case BE_FILTER_IDNUM: - if (strchr(ar->filter_value, '*')) { + uid = (uid_t) strtouint32(ar->filter_value, &endptr, 0); + if (errno || *endptr || (ar->filter_value == endptr)) { return proxy_reply(breq, DP_ERR_FATAL, EINVAL, "Invalid attr type"); - } else { - char *endptr; - uid = (uid_t) strtouint32(ar->filter_value, &endptr, 0); - if (errno || *endptr || (ar->filter_value == endptr)) { - return proxy_reply(breq, DP_ERR_FATAL, - EINVAL, "Invalid attr type"); - } - ret = get_pw_uid(breq, ctx, sysdb, domain, uid); } + ret = get_pw_uid(breq, ctx, sysdb, domain, uid); break; default: return proxy_reply(breq, DP_ERR_FATAL, @@ -1094,26 +1089,19 @@ void proxy_get_account_info(struct be_req *breq) case BE_REQ_GROUP: /* group */ switch (ar->filter_type) { + case BE_FILTER_ENUM: + ret = enum_groups(breq, ctx, sysdb, domain); + break; case BE_FILTER_NAME: - if (strchr(ar->filter_value, '*')) { - ret = enum_groups(breq, ctx, sysdb, domain); - } else { - ret = get_gr_name(breq, ctx, sysdb, domain, ar->filter_value); - } + ret = get_gr_name(breq, ctx, sysdb, domain, ar->filter_value); break; case BE_FILTER_IDNUM: - if (strchr(ar->filter_value, '*')) { + gid = (gid_t) strtouint32(ar->filter_value, &endptr, 0); + if (errno || *endptr || (ar->filter_value == endptr)) { return proxy_reply(breq, DP_ERR_FATAL, EINVAL, "Invalid attr type"); - } else { - char *endptr; - gid = (gid_t) strtouint32(ar->filter_value, &endptr, 0); - if (errno || *endptr || (ar->filter_value == endptr)) { - return proxy_reply(breq, DP_ERR_FATAL, - EINVAL, "Invalid attr type"); - } - ret = get_gr_gid(breq, ctx, sysdb, domain, gid); } + ret = get_gr_gid(breq, ctx, sysdb, domain, gid); break; default: return proxy_reply(breq, DP_ERR_FATAL, @@ -1126,10 +1114,6 @@ void proxy_get_account_info(struct be_req *breq) return proxy_reply(breq, DP_ERR_FATAL, EINVAL, "Invalid filter type"); } - if (strchr(ar->filter_value, '*')) { - return proxy_reply(breq, DP_ERR_FATAL, - EINVAL, "Invalid filter value"); - } if (ctx->ops.initgroups_dyn == NULL) { return proxy_reply(breq, DP_ERR_FATAL, ENODEV, "Initgroups call not supported"); diff --git a/src/responder/common/responder_dp.c b/src/responder/common/responder_dp.c index b2b5d40ea..8050e06f8 100644 --- a/src/responder/common/responder_dp.c +++ b/src/responder/common/responder_dp.c @@ -329,7 +329,7 @@ int sss_dp_send_acct_req(struct resp_ctx *rctx, TALLOC_CTX *callback_memctx, filter = talloc_asprintf(tmp_ctx, "idnumber=%u", opt_id); key.str = talloc_asprintf(tmp_ctx, "%d%d@%s", type, opt_id, domain); } else { - filter = talloc_strdup(tmp_ctx, "name=*"); + filter = talloc_strdup(tmp_ctx, ENUM_INDICATOR); key.str = talloc_asprintf(tmp_ctx, "%d*@%s", type, domain); } if (!filter || !key.str) { diff --git a/src/util/util.h b/src/util/util.h index 53a6b1c97..e48069495 100644 --- a/src/util/util.h +++ b/src/util/util.h @@ -50,6 +50,8 @@ typedef int errno_t; #define _(STRING) gettext (STRING) +#define ENUM_INDICATOR "*" + extern const char *debug_prg_name; extern int debug_level; extern int debug_timestamps; |