-rw-r--r--src/providers/ad/ad_init.c47
-rw-r--r--src/providers/ad/ad_subdomains.c2
-rw-r--r--src/providers/ipa/ipa_access.c2
-rw-r--r--src/providers/ipa/ipa_auth.c3
-rw-r--r--src/providers/ipa/ipa_hostid.c2
-rw-r--r--src/providers/ipa/ipa_id.c2
-rw-r--r--src/providers/ipa/ipa_init.c10
-rw-r--r--src/providers/ipa/ipa_selinux.c3
-rw-r--r--src/providers/ipa/ipa_subdomains.c2
-rw-r--r--src/providers/ipa/ipa_subdomains_id.c2
-rw-r--r--src/providers/ldap/ldap_common.c47
-rw-r--r--src/providers/ldap/ldap_common.h27
-rw-r--r--src/providers/ldap/ldap_id.c10
-rw-r--r--src/providers/ldap/ldap_id_enum.c2
-rw-r--r--src/providers/ldap/ldap_id_netgroup.c2
-rw-r--r--src/providers/ldap/ldap_id_services.c2
-rw-r--r--src/providers/ldap/ldap_init.c45
-rw-r--r--src/providers/ldap/sdap_access.c3
-rw-r--r--src/providers/ldap/sdap_autofs.c2
-rw-r--r--src/providers/ldap/sdap_dyndns.c4
-rw-r--r--src/providers/ldap/sdap_id_op.c63
-rw-r--r--src/providers/ldap/sdap_id_op.h2
-rw-r--r--src/providers/ldap/sdap_sudo.c6
23 files changed, 175 insertions, 115 deletions
diff --git a/src/providers/ad/ad_init.c b/src/providers/ad/ad_init.c
index d5488ad07..aada14ec7 100644
--- a/src/providers/ad/ad_init.c
+++ b/src/providers/ad/ad_init.c
@@ -135,29 +135,36 @@ sssm_ad_id_init(struct be_ctx *bectx,
ad_ctx->ad_options = ad_options;
ad_options->id_ctx = ad_ctx;
- sdap_ctx = talloc_zero(ad_options, struct sdap_id_ctx);
- if (!sdap_ctx) {
+ sdap_ctx = sdap_id_ctx_new(ad_options, bectx, ad_options->service->sdap);
+ if (sdap_ctx == NULL) {
return ENOMEM;
}
- sdap_ctx->be = bectx;
- sdap_ctx->service = ad_options->service->sdap;
ad_ctx->sdap_id_ctx = sdap_ctx;
- ret = ad_get_id_options(ad_options, bectx->cdb,
- bectx->conf_path,
- &sdap_ctx->opts);
+ ret = ad_dyndns_init(sdap_ctx->be, ad_options);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_MINOR_FAILURE,
+ ("Failure setting up automatic DNS update\n"));
+ /* Continue without DNS updates */
+ }
+
+ ret = sdap_id_setup_tasks(sdap_ctx);
if (ret != EOK) {
goto done;
}
- ret = setup_tls_config(sdap_ctx->opts->basic);
+ ret = sdap_setup_child();
if (ret != EOK) {
- DEBUG(SSSDBG_CRIT_FAILURE,
- ("setup_tls_config failed [%s]\n", strerror(ret)));
+ DEBUG(SSSDBG_FATAL_FAILURE,
+ ("setup_child failed [%d][%s].\n",
+ ret, strerror(ret)));
goto done;
}
- ret = sdap_id_conn_cache_create(sdap_ctx, sdap_ctx, &sdap_ctx->conn_cache);
+ /* Set up various SDAP options */
+ ret = ad_get_id_options(ad_options, bectx->cdb,
+ bectx->conf_path,
+ &sdap_ctx->opts);
if (ret != EOK) {
goto done;
}
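Review bot: In the new ordering, `ad_dyndns_init(sdap_ctx->be, ad_options)` and `sdap_id_setup_tasks(sdap_ctx)` run before `ad_get_id_options()` fills `sdap_ctx->opts`, so `sdap_ctx->opts` is still the NULL left by `talloc_zero` in `sdap_id_ctx_new`. If either callee reads the SDAP options (their bodies are not visible here), that is a NULL dereference during provider start-up. Moving the `ad_get_id_options()` block back to directly after `ad_ctx->sdap_id_ctx = sdap_ctx;` keeps the options loaded before anything can consume them. The body of `sssm_ad_id_init` starts and ends outside this hunk.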
@@ -166,23 +173,11 @@ sssm_ad_id_init(struct be_ctx *bectx,
ret = sdap_idmap_init(sdap_ctx, sdap_ctx, &sdap_ctx->opts->idmap_ctx);
if (ret != EOK) goto done;
- ret = ad_dyndns_init(sdap_ctx->be, ad_options);
- if (ret != EOK) {
- DEBUG(SSSDBG_MINOR_FAILURE,
- ("Failure setting up automatic DNS update\n"));
- /* Continue without DNS updates */
- }
- ret = sdap_id_setup_tasks(sdap_ctx);
- if (ret != EOK) {
- goto done;
- }
-
- ret = sdap_setup_child();
+ ret = setup_tls_config(sdap_ctx->opts->basic);
if (ret != EOK) {
- DEBUG(SSSDBG_FATAL_FAILURE,
- ("setup_child failed [%d][%s].\n",
- ret, strerror(ret)));
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ ("setup_tls_config failed [%s]\n", strerror(ret)));
goto done;
}
diff --git a/src/providers/ad/ad_subdomains.c b/src/providers/ad/ad_subdomains.c
index 51c695541..da0c85e76 100644
--- a/src/providers/ad/ad_subdomains.c
+++ b/src/providers/ad/ad_subdomains.c
@@ -93,7 +93,7 @@ static void ad_subdomains_retrieve(struct ad_subdomains_ctx *ctx,
req_ctx->reply = NULL;
req_ctx->sdap_op = sdap_id_op_create(req_ctx,
- ctx->sdap_id_ctx->conn_cache);
+ ctx->sdap_id_ctx->conn->conn_cache);
if (req_ctx->sdap_op == NULL) {
DEBUG(SSSDBG_OP_FAILURE, ("sdap_id_op_create failed.\n"));
ret = ENOMEM;
diff --git a/src/providers/ipa/ipa_access.c b/src/providers/ipa/ipa_access.c
index c43974e3c..3760c6f71 100644
--- a/src/providers/ipa/ipa_access.c
+++ b/src/providers/ipa/ipa_access.c
@@ -208,7 +208,7 @@ static int hbac_retry(struct hbac_ctx *hbac_ctx)
if (!offline) {
if (hbac_ctx->sdap_op == NULL) {
hbac_ctx->sdap_op = sdap_id_op_create(hbac_ctx,
- hbac_ctx->sdap_ctx->conn_cache);
+ hbac_ctx->sdap_ctx->conn->conn_cache);
if (hbac_ctx->sdap_op == NULL) {
DEBUG(1, ("sdap_id_op_create failed.\n"));
return EIO;
diff --git a/src/providers/ipa/ipa_auth.c b/src/providers/ipa/ipa_auth.c
index b528c544d..651196a96 100644
--- a/src/providers/ipa/ipa_auth.c
+++ b/src/providers/ipa/ipa_auth.c
@@ -71,7 +71,8 @@ static struct tevent_req *get_password_migration_flag_send(TALLOC_CTX *memctx,
state->password_migration = false;
state->ipa_realm = ipa_realm;
- state->sdap_op = sdap_id_op_create(state, state->sdap_id_ctx->conn_cache);
+ state->sdap_op = sdap_id_op_create(state,
+ state->sdap_id_ctx->conn->conn_cache);
if (state->sdap_op == NULL) {
DEBUG(SSSDBG_OP_FAILURE, ("sdap_id_op_create failed.\n"));
goto fail;
diff --git a/src/providers/ipa/ipa_hostid.c b/src/providers/ipa/ipa_hostid.c
index cb37e9a4d..a697dbf66 100644
--- a/src/providers/ipa/ipa_hostid.c
+++ b/src/providers/ipa/ipa_hostid.c
@@ -165,7 +165,7 @@ hosts_get_send(TALLOC_CTX *memctx,
state->ctx = hostid_ctx;
state->dp_error = DP_ERR_FATAL;
- state->op = sdap_id_op_create(state, ctx->conn_cache);
+ state->op = sdap_id_op_create(state, ctx->conn->conn_cache);
if (!state->op) {
DEBUG(SSSDBG_OP_FAILURE, ("sdap_id_op_create failed\n"));
ret = ENOMEM;
diff --git a/src/providers/ipa/ipa_id.c b/src/providers/ipa/ipa_id.c
index 5f94eb2c1..b7ae81f66 100644
--- a/src/providers/ipa/ipa_id.c
+++ b/src/providers/ipa/ipa_id.c
@@ -174,7 +174,7 @@ static struct tevent_req *ipa_id_get_netgroup_send(TALLOC_CTX *memctx,
state->ctx = ipa_ctx;
state->dp_error = DP_ERR_FATAL;
- state->op = sdap_id_op_create(state, ctx->conn_cache);
+ state->op = sdap_id_op_create(state, ctx->conn->conn_cache);
if (!state->op) {
DEBUG(2, ("sdap_id_op_create failed\n"));
ret = ENOMEM;
diff --git a/src/providers/ipa/ipa_init.c b/src/providers/ipa/ipa_init.c
index 9676b781d..8363ca6d7 100644
--- a/src/providers/ipa/ipa_init.c
+++ b/src/providers/ipa/ipa_init.c
@@ -138,12 +138,10 @@ int sssm_ipa_id_init(struct be_ctx *bectx,
ipa_options->id_ctx = ipa_ctx;
ipa_ctx->ipa_options = ipa_options;
- sdap_ctx = talloc_zero(ipa_options, struct sdap_id_ctx);
- if (!sdap_ctx) {
+ sdap_ctx = sdap_id_ctx_new(ipa_options, bectx, ipa_options->service->sdap);
+ if (sdap_ctx == NULL) {
return ENOMEM;
}
- sdap_ctx->be = bectx;
- sdap_ctx->service = ipa_options->service->sdap;
ipa_ctx->sdap_id_ctx = sdap_ctx;
ret = ipa_get_id_options(ipa_options, bectx->cdb,
@@ -188,10 +186,6 @@ int sssm_ipa_id_init(struct be_ctx *bectx,
goto done;
}
- ret = sdap_id_conn_cache_create(sdap_ctx, sdap_ctx, &sdap_ctx->conn_cache);
- if (ret != EOK) {
- goto done;
- }
/* Set up the ID mapping object */
ret = sdap_idmap_init(sdap_ctx, sdap_ctx, &sdap_ctx->opts->idmap_ctx);
diff --git a/src/providers/ipa/ipa_selinux.c b/src/providers/ipa/ipa_selinux.c
index ce8f39ccc..39bebebfd 100644
--- a/src/providers/ipa/ipa_selinux.c
+++ b/src/providers/ipa/ipa_selinux.c
@@ -864,7 +864,8 @@ ipa_get_selinux_send(TALLOC_CTX *mem_ctx,
}
if (!offline) {
- state->op = sdap_id_op_create(state, selinux_ctx->id_ctx->sdap_id_ctx->conn_cache);
+ state->op = sdap_id_op_create(state,
+ selinux_ctx->id_ctx->sdap_id_ctx->conn->conn_cache);
if (!state->op) {
DEBUG(SSSDBG_OP_FAILURE, ("sdap_id_op_create failed\n"));
ret = ENOMEM;
diff --git a/src/providers/ipa/ipa_subdomains.c b/src/providers/ipa/ipa_subdomains.c
index 95a11198a..18878ae33 100644
--- a/src/providers/ipa/ipa_subdomains.c
+++ b/src/providers/ipa/ipa_subdomains.c
@@ -558,7 +558,7 @@ static void ipa_subdomains_retrieve(struct ipa_subdomains_ctx *ctx, struct be_re
req_ctx->reply = NULL;
req_ctx->sdap_op = sdap_id_op_create(req_ctx,
- ctx->sdap_id_ctx->conn_cache);
+ ctx->sdap_id_ctx->conn->conn_cache);
if (req_ctx->sdap_op == NULL) {
DEBUG(SSSDBG_OP_FAILURE, ("sdap_id_op_create failed.\n"));
ret = ENOMEM;
diff --git a/src/providers/ipa/ipa_subdomains_id.c b/src/providers/ipa/ipa_subdomains_id.c
index ea313cbaf..7fa09bd98 100644
--- a/src/providers/ipa/ipa_subdomains_id.c
+++ b/src/providers/ipa/ipa_subdomains_id.c
@@ -66,7 +66,7 @@ struct tevent_req *ipa_get_subdom_acct_send(TALLOC_CTX *memctx,
state->ctx = ctx;
state->dp_error = DP_ERR_FATAL;
- state->op = sdap_id_op_create(state, state->ctx->conn_cache);
+ state->op = sdap_id_op_create(state, state->ctx->conn->conn_cache);
if (!state->op) {
DEBUG(SSSDBG_OP_FAILURE, ("sdap_id_op_create failed\n"));
ret = ENOMEM;
diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c
index 1e92400d9..856c57e43 100644
--- a/src/providers/ldap/ldap_common.c
+++ b/src/providers/ldap/ldap_common.c
@@ -1628,3 +1628,50 @@ sdap_attrs_get_sid_str(TALLOC_CTX *mem_ctx,
return EOK;
}
+
+struct sdap_id_conn_ctx *
+sdap_id_ctx_conn_add(struct sdap_id_ctx *id_ctx,
+ struct sdap_service *sdap_service)
+{
+ struct sdap_id_conn_ctx *conn;
+ errno_t ret;
+
+ conn = talloc_zero(id_ctx, struct sdap_id_conn_ctx);
+ if (conn == NULL) {
+ return NULL;
+ }
+ conn->service = talloc_steal(conn, sdap_service);
+ conn->id_ctx = id_ctx;
+
+ /* Create a connection cache */
+ ret = sdap_id_conn_cache_create(conn, id_ctx, conn, &conn->conn_cache);
+ if (ret != EOK) {
+ talloc_free(conn);
+ return NULL;
+ }
+ DLIST_ADD_END(id_ctx->conn, conn, struct sdap_id_conn_ctx *);
+
+ return conn;
+}
+
+struct sdap_id_ctx *
+sdap_id_ctx_new(TALLOC_CTX *mem_ctx, struct be_ctx *bectx,
+ struct sdap_service *sdap_service)
+{
+ struct sdap_id_ctx *sdap_ctx;
+
+ sdap_ctx = talloc_zero(mem_ctx, struct sdap_id_ctx);
+ if (sdap_ctx == NULL) {
+ return NULL;
+ }
+ sdap_ctx->be = bectx;
+
+ /* There should be at least one connection context */
+ sdap_ctx->conn = sdap_id_ctx_conn_add(sdap_ctx, sdap_service);
+ if (sdap_ctx->conn == NULL) {
+ talloc_free(sdap_ctx);
+ return NULL;
+ }
+
+ return sdap_ctx;
+}
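Review bot: `sdap_id_ctx_conn_add` reparents the caller's `sdap_service` with `talloc_steal(conn, sdap_service)` before `sdap_id_conn_cache_create` has succeeded, so the failure path's `talloc_free(conn)` also frees an object the caller may still reference, for example `ad_options->service->sdap` in `sssm_ad_id_init`. Taking ownership only on success avoids the dangling pointer: assign `conn->service = sdap_service;` up front and call `talloc_steal(conn, sdap_service);` just before `DLIST_ADD_END`. Both new functions also lack a header comment; it should say that the connection context owns the service on success and that a NULL return means allocation or cache setup failed. Neither function checks `sdap_service` for NULL, so say whether NULL is a valid argument.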
diff --git a/src/providers/ldap/ldap_common.h b/src/providers/ldap/ldap_common.h
index 2d17b7558..8c6083541 100644
--- a/src/providers/ldap/ldap_common.h
+++ b/src/providers/ldap/ldap_common.h
@@ -42,17 +42,26 @@
/* a fd the child process would log into */
extern int ldap_child_debug_fd;
+struct sdap_id_ctx;
+
+struct sdap_id_conn_ctx {
+ struct sdap_id_ctx *id_ctx;
+
+ struct sdap_service *service;
+ /* LDAP connection cache */
+ struct sdap_id_conn_cache *conn_cache;
+ /* dlinklist pointers */
+ struct sdap_id_conn_ctx *prev, *next;
+};
+
struct sdap_id_ctx {
struct be_ctx *be;
struct sdap_options *opts;
- struct fo_service *fo_service;
- struct sdap_service *service;
/* If using GSSAPI */
struct krb5_service *krb5_service;
-
- /* LDAP connection cache */
- struct sdap_id_conn_cache *conn_cache;
+ /* connection to a server */
+ struct sdap_id_conn_ctx *conn;
/* enumeration loop timer */
struct timeval last_enum;
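Review bot: The comment `/* connection to a server */` on `struct sdap_id_conn_ctx *conn` understates the field. `sdap_id_conn_ctx` carries `prev`/`next`, and `sdap_id_ctx_conn_add` appends to it with `DLIST_ADD_END`, so this is the head of a list, and every converted call site dereferences its first element unconditionally as `->conn->conn_cache`. I would write `/* list of connection contexts; the head is set by sdap_id_ctx_new() and is the one callers use by default */` so the non-NULL invariant those call sites rely on is documented. A short comment on `id_ctx` in `struct sdap_id_conn_ctx` saying it is a back-pointer to the owning context, not an owned child, would also help readers reason about talloc lifetimes.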
@@ -235,4 +244,12 @@ sdap_set_sasl_options(struct sdap_options *id_opts,
char *default_realm,
const char *keytab_path);
+struct sdap_id_conn_ctx *
+sdap_id_ctx_conn_add(struct sdap_id_ctx *id_ctx,
+ struct sdap_service *sdap_service);
+
+struct sdap_id_ctx *
+sdap_id_ctx_new(TALLOC_CTX *mem_ctx, struct be_ctx *bectx,
+ struct sdap_service *sdap_service);
+
#endif /* _LDAP_COMMON_H_ */
diff --git a/src/providers/ldap/ldap_id.c b/src/providers/ldap/ldap_id.c
index 13b607ac3..a7987810c 100644
--- a/src/providers/ldap/ldap_id.c
+++ b/src/providers/ldap/ldap_id.c
@@ -80,7 +80,7 @@ struct tevent_req *users_get_send(TALLOC_CTX *memctx,
state->ctx = ctx;
state->dp_error = DP_ERR_FATAL;
- state->op = sdap_id_op_create(state, state->ctx->conn_cache);
+ state->op = sdap_id_op_create(state, state->ctx->conn->conn_cache);
if (!state->op) {
DEBUG(2, ("sdap_id_op_create failed\n"));
ret = ENOMEM;
@@ -403,7 +403,7 @@ struct tevent_req *groups_get_send(TALLOC_CTX *memctx,
state->ctx = ctx;
state->dp_error = DP_ERR_FATAL;
- state->op = sdap_id_op_create(state, state->ctx->conn_cache);
+ state->op = sdap_id_op_create(state, state->ctx->conn->conn_cache);
if (!state->op) {
DEBUG(2, ("sdap_id_op_create failed\n"));
ret = ENOMEM;
@@ -698,7 +698,7 @@ static struct tevent_req *groups_by_user_send(TALLOC_CTX *memctx,
state->ctx = ctx;
state->dp_error = DP_ERR_FATAL;
- state->op = sdap_id_op_create(state, state->ctx->conn_cache);
+ state->op = sdap_id_op_create(state, state->ctx->conn->conn_cache);
if (!state->op) {
DEBUG(2, ("sdap_id_op_create failed\n"));
ret = ENOMEM;
@@ -862,7 +862,7 @@ void sdap_do_online_check(struct be_req *be_req, struct sdap_id_ctx *ctx)
check_ctx->be_req = be_req;
req = sdap_cli_connect_send(be_req, be_ctx->ev, ctx->opts,
- be_ctx, ctx->service, false,
+ be_ctx, ctx->conn->service, false,
CON_TLS_DFL, false);
if (req == NULL) {
DEBUG(1, ("sdap_cli_connect_send failed.\n"));
@@ -1280,7 +1280,7 @@ static struct tevent_req *get_user_and_group_send(TALLOC_CTX *memctx,
state->id_ctx = id_ctx;
state->dp_error = DP_ERR_FATAL;
- state->op = sdap_id_op_create(state, state->id_ctx->conn_cache);
+ state->op = sdap_id_op_create(state, state->id_ctx->conn->conn_cache);
if (!state->op) {
DEBUG(SSSDBG_OP_FAILURE, ("sdap_id_op_create failed\n"));
ret = ENOMEM;
diff --git a/src/providers/ldap/ldap_id_enum.c b/src/providers/ldap/ldap_id_enum.c
index 6c5a378ed..7a2129d97 100644
--- a/src/providers/ldap/ldap_id_enum.c
+++ b/src/providers/ldap/ldap_id_enum.c
@@ -212,7 +212,7 @@ struct tevent_req *ldap_id_enumerate_send(struct tevent_context *ev,
state->ev = ev;
state->ctx = ctx;
- state->op = sdap_id_op_create(state, state->ctx->conn_cache);
+ state->op = sdap_id_op_create(state, state->ctx->conn->conn_cache);
if (!state->op) {
DEBUG(2, ("sdap_id_op_create failed\n"));
talloc_zfree(req);
diff --git a/src/providers/ldap/ldap_id_netgroup.c b/src/providers/ldap/ldap_id_netgroup.c
index 5080cfb62..6788a52e5 100644
--- a/src/providers/ldap/ldap_id_netgroup.c
+++ b/src/providers/ldap/ldap_id_netgroup.c
@@ -70,7 +70,7 @@ struct tevent_req *ldap_netgroup_get_send(TALLOC_CTX *memctx,
state->ctx = ctx;
state->dp_error = DP_ERR_FATAL;
- state->op = sdap_id_op_create(state, state->ctx->conn_cache);
+ state->op = sdap_id_op_create(state, state->ctx->conn->conn_cache);
if (!state->op) {
DEBUG(2, ("sdap_id_op_create failed\n"));
ret = ENOMEM;
diff --git a/src/providers/ldap/ldap_id_services.c b/src/providers/ldap/ldap_id_services.c
index 5699bf0dc..5c3c53f2a 100644
--- a/src/providers/ldap/ldap_id_services.c
+++ b/src/providers/ldap/ldap_id_services.c
@@ -82,7 +82,7 @@ services_get_send(TALLOC_CTX *mem_ctx,
state->protocol = protocol;
state->filter_type = filter_type;
- state->op = sdap_id_op_create(state, state->id_ctx->conn_cache);
+ state->op = sdap_id_op_create(state, state->id_ctx->conn->conn_cache);
if (!state->op) {
DEBUG(SSSDBG_MINOR_FAILURE, ("sdap_id_op_create failed\n"));
ret = ENOMEM;
diff --git a/src/providers/ldap/ldap_init.c b/src/providers/ldap/ldap_init.c
index f70c8f1b0..56339961d 100644
--- a/src/providers/ldap/ldap_init.c
+++ b/src/providers/ldap/ldap_init.c
@@ -87,11 +87,13 @@ int sssm_ldap_id_init(struct be_ctx *bectx,
struct bet_ops **ops,
void **pvt_data)
{
- struct sdap_id_ctx *ctx;
+ struct sdap_id_ctx *ctx = NULL;
const char *urls;
const char *backup_urls;
const char *dns_service_name;
const char *sasl_mech;
+ struct sdap_service *sdap_service;
+ struct sdap_options *opts;
int ret;
/* If we're already set up, just return that */
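Review bot: `struct sdap_options *opts;` is declared without an initializer, yet the `done:` hunk further down adds `talloc_free(opts)` on every failure path. When `ldap_get_options()` fails, `opts` is freed without ever having been assigned, which is undefined behaviour unless that function always writes its out-parameter (not visible here). Declare it as `struct sdap_options *opts = NULL;`, matching the `ctx = NULL` initializer this hunk already adds. The body of `sssm_ldap_id_init` continues outside this hunk.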
@@ -103,37 +105,40 @@ int sssm_ldap_id_init(struct be_ctx *bectx,
return EOK;
}
- ctx = talloc_zero(bectx, struct sdap_id_ctx);
- if (!ctx) return ENOMEM;
-
- ctx->be = bectx;
-
- ret = ldap_get_options(ctx, bectx->cdb,
- bectx->conf_path, &ctx->opts);
+ ret = ldap_get_options(bectx, bectx->cdb,
+ bectx->conf_path, &opts);
if (ret != EOK) {
goto done;
}
- dns_service_name = dp_opt_get_string(ctx->opts->basic,
+ dns_service_name = dp_opt_get_string(opts->basic,
SDAP_DNS_SERVICE_NAME);
- DEBUG(7, ("Service name for discovery set to %s\n", dns_service_name));
+ DEBUG(SSSDBG_CONF_SETTINGS,
+ ("Service name for discovery set to %s\n", dns_service_name));
- urls = dp_opt_get_string(ctx->opts->basic, SDAP_URI);
- backup_urls = dp_opt_get_string(ctx->opts->basic, SDAP_BACKUP_URI);
+ urls = dp_opt_get_string(opts->basic, SDAP_URI);
+ backup_urls = dp_opt_get_string(opts->basic, SDAP_BACKUP_URI);
- ret = sdap_service_init(ctx, ctx->be, "LDAP",
+ ret = sdap_service_init(bectx, bectx, "LDAP",
dns_service_name, urls, backup_urls,
- &ctx->service);
+ &sdap_service);
if (ret != EOK) {
- DEBUG(1, ("Failed to initialize failover service!\n"));
+ DEBUG(SSSDBG_OP_FAILURE, ("Failed to initialize failover service!\n"));
goto done;
}
+ ctx = sdap_id_ctx_new(bectx, bectx, sdap_service);
+ if (!ctx) {
+ ret = ENOMEM;
+ goto done;
+ }
+ ctx->opts = talloc_steal(ctx, opts);
+
sasl_mech = dp_opt_get_string(ctx->opts->basic, SDAP_SASL_MECH);
if (sasl_mech && strcasecmp(sasl_mech, "GSSAPI") == 0) {
if (dp_opt_get_bool(ctx->opts->basic, SDAP_KRB5_KINIT)) {
ret = sdap_gssapi_init(ctx, ctx->opts->basic,
- ctx->be, ctx->service,
+ ctx->be, ctx->conn->service,
&ctx->krb5_service);
if (ret != EOK) {
DEBUG(1, ("sdap_gssapi_init failed [%d][%s].\n",
@@ -150,11 +155,6 @@ int sssm_ldap_id_init(struct be_ctx *bectx,
goto done;
}
- ret = sdap_id_conn_cache_create(ctx, ctx, &ctx->conn_cache);
- if (ret != EOK) {
- goto done;
- }
-
/* Set up the ID mapping object */
ret = sdap_idmap_init(ctx, ctx, &ctx->opts->idmap_ctx);
if (ret != EOK) goto done;
@@ -185,6 +185,7 @@ int sssm_ldap_id_init(struct be_ctx *bectx,
done:
if (ret != EOK) {
+ talloc_free(opts);
talloc_free(ctx);
}
return ret;
@@ -208,7 +209,7 @@ int sssm_ldap_auth_init(struct be_ctx *bectx,
ctx->be = bectx;
ctx->opts = id_ctx->opts;
- ctx->service = id_ctx->service;
+ ctx->service = id_ctx->conn->service;
ctx->chpass_service = NULL;
*ops = &sdap_auth_ops;
diff --git a/src/providers/ldap/sdap_access.c b/src/providers/ldap/sdap_access.c
index 1b2f6993d..e74542346 100644
--- a/src/providers/ldap/sdap_access.c
+++ b/src/providers/ldap/sdap_access.c
@@ -718,7 +718,8 @@ static struct tevent_req *sdap_access_filter_send(TALLOC_CTX *mem_ctx,
DEBUG(6, ("Checking filter against LDAP\n"));
- state->sdap_op = sdap_id_op_create(state, state->sdap_ctx->conn_cache);
+ state->sdap_op = sdap_id_op_create(state,
+ state->sdap_ctx->conn->conn_cache);
if (!state->sdap_op) {
DEBUG(2, ("sdap_id_op_create failed\n"));
ret = ENOMEM;
diff --git a/src/providers/ldap/sdap_autofs.c b/src/providers/ldap/sdap_autofs.c
index 0bb211aa3..e7947c9b2 100644
--- a/src/providers/ldap/sdap_autofs.c
+++ b/src/providers/ldap/sdap_autofs.c
@@ -154,7 +154,7 @@ sdap_autofs_get_map_send(TALLOC_CTX *mem_ctx,
state->dp_error = DP_ERR_FATAL;
state->map_name = map_name;
- state->op = sdap_id_op_create(state, state->ctx->conn_cache);
+ state->op = sdap_id_op_create(state, state->ctx->conn->conn_cache);
if (!state->op) {
DEBUG(SSSDBG_OP_FAILURE, ("sdap_id_op_create failed\n"));
ret = ENOMEM;
diff --git a/src/providers/ldap/sdap_dyndns.c b/src/providers/ldap/sdap_dyndns.c
index d7e20ca4f..8fe2011d1 100644
--- a/src/providers/ldap/sdap_dyndns.c
+++ b/src/providers/ldap/sdap_dyndns.c
@@ -500,7 +500,7 @@ sdap_dyndns_get_addrs_send(TALLOC_CTX *mem_ctx,
}
/* Detect DYNDNS address from LDAP connection */
- state->sdap_op = sdap_id_op_create(state, sdap_ctx->conn_cache);
+ state->sdap_op = sdap_id_op_create(state, sdap_ctx->conn->conn_cache);
if (!state->sdap_op) {
ret = ENOMEM;
DEBUG(SSSDBG_OP_FAILURE, ("sdap_id_op_create failed\n"));
@@ -664,7 +664,7 @@ sdap_dyndns_timer_conn_send(TALLOC_CTX *mem_ctx,
state->dyndns_ctx->timer_in_progress = true;
/* Make sure to have a valid LDAP connection */
- state->sdap_op = sdap_id_op_create(state, state->sdap_ctx->conn_cache);
+ state->sdap_op = sdap_id_op_create(state, state->sdap_ctx->conn->conn_cache);
if (state->sdap_op == NULL) {
DEBUG(SSSDBG_OP_FAILURE, ("sdap_id_op_create failed\n"));
ret = ENOMEM;
diff --git a/src/providers/ldap/sdap_id_op.c b/src/providers/ldap/sdap_id_op.c
index 02142103b..be25b5da4 100644
--- a/src/providers/ldap/sdap_id_op.c
+++ b/src/providers/ldap/sdap_id_op.c
@@ -28,7 +28,7 @@
/* LDAP async connection cache */
struct sdap_id_conn_cache {
- struct sdap_id_ctx *id_ctx;
+ struct sdap_id_conn_ctx *id_conn;
/* list of all open connections */
struct sdap_id_conn_data *connections;
@@ -103,6 +103,7 @@ static void sdap_id_op_connect_done(struct tevent_req *subreq);
/* Create a connection cache */
int sdap_id_conn_cache_create(TALLOC_CTX *memctx,
struct sdap_id_ctx *id_ctx,
+ struct sdap_id_conn_ctx *id_conn,
struct sdap_id_conn_cache** conn_cache_out)
{
int ret;
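Review bot: After this change the visible parts of `sdap_id_conn_cache_create` reach the backend only through `id_conn->id_ctx->be`, so the `id_ctx` parameter appears to be unused. A caller can therefore pass an `id_conn` that is NULL, or whose `id_ctx` back-pointer is unset or differs from `id_ctx`, and it will be dereferenced without any check. Either drop `id_ctx` from the signature or validate the pair on entry with a condition such as `if (id_conn == NULL || id_conn->id_ctx != id_ctx)` and return `EINVAL`. The function body continues outside this hunk, so confirm `id_ctx` has no remaining use there before removing it.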
@@ -113,9 +114,9 @@ int sdap_id_conn_cache_create(TALLOC_CTX *memctx,
goto fail;
}
- conn_cache->id_ctx = id_ctx;
+ conn_cache->id_conn = id_conn;
- ret = be_add_offline_cb(conn_cache, id_ctx->be,
+ ret = be_add_offline_cb(conn_cache, id_conn->id_ctx->be,
sdap_id_conn_cache_be_offline_cb, conn_cache,
NULL);
if (ret != EOK) {
@@ -123,7 +124,7 @@ int sdap_id_conn_cache_create(TALLOC_CTX *memctx,
goto fail;
}
- ret = be_add_reconnect_cb(conn_cache, id_ctx->be,
+ ret = be_add_reconnect_cb(conn_cache, id_conn->id_ctx->be,
sdap_id_conn_cache_fo_reconnect_cb, conn_cache,
NULL);
if (ret != EOK) {
@@ -224,7 +225,7 @@ static bool sdap_can_reuse_connection(struct sdap_id_conn_data *conn_data)
return false;
}
- timeout = dp_opt_get_int(conn_data->conn_cache->id_ctx->opts->basic,
+ timeout = dp_opt_get_int(conn_data->conn_cache->id_conn->id_ctx->opts->basic,
SDAP_OPT_TIMEOUT);
return !sdap_is_connection_expired(conn_data, timeout);
}
@@ -242,7 +243,7 @@ static int sdap_id_conn_data_set_expire_timer(struct sdap_id_conn_data *conn_dat
return EOK;
}
- timeout = dp_opt_get_int(conn_data->conn_cache->id_ctx->opts->basic,
+ timeout = dp_opt_get_int(conn_data->conn_cache->id_conn->id_ctx->opts->basic,
SDAP_OPT_TIMEOUT);
if (timeout > 0) {
tv.tv_sec -= timeout;
@@ -255,10 +256,10 @@ static int sdap_id_conn_data_set_expire_timer(struct sdap_id_conn_data *conn_dat
talloc_zfree(conn_data->expire_timer);
conn_data->expire_timer =
- tevent_add_timer(conn_data->conn_cache->id_ctx->be->ev,
- conn_data, tv,
- sdap_id_conn_data_expire_handler,
- conn_data);
+ tevent_add_timer(conn_data->conn_cache->id_conn->id_ctx->be->ev,
+ conn_data, tv,
+ sdap_id_conn_data_expire_handler,
+ conn_data);
if (!conn_data->expire_timer) {
return ENOMEM;
}
@@ -349,8 +350,8 @@ static bool sdap_id_op_can_reconnect(struct sdap_id_op *op)
int max_retries;
int count;
- count = be_fo_get_server_count(op->conn_cache->id_ctx->be,
- op->conn_cache->id_ctx->service->name);
+ count = be_fo_get_server_count(op->conn_cache->id_conn->id_ctx->be,
+ op->conn_cache->id_conn->service->name);
max_retries = 2 * count -1;
if (max_retries < 1) {
max_retries = 1;
@@ -361,7 +362,7 @@ static bool sdap_id_op_can_reconnect(struct sdap_id_op *op)
/* state of connect request */
struct sdap_id_op_connect_state {
- struct sdap_id_ctx *id_ctx;
+ struct sdap_id_conn_ctx *id_conn;
struct tevent_context *ev;
struct sdap_id_op *op;
int dp_error;
@@ -411,8 +412,8 @@ struct tevent_req *sdap_id_op_connect_send(struct sdap_id_op *op,
talloc_set_destructor((void*)state, sdap_id_op_connect_state_destroy);
- state->id_ctx = op->conn_cache->id_ctx;
- state->ev = state->id_ctx->be->ev;
+ state->id_conn = op->conn_cache->id_conn;
+ state->ev = state->id_conn->id_ctx->be->ev;
state->op = op;
op->connect_req = req;
@@ -489,9 +490,9 @@ static int sdap_id_op_connect_step(struct tevent_req *req)
conn_data->conn_cache = conn_cache;
subreq = sdap_cli_connect_send(conn_data, state->ev,
- state->id_ctx->opts,
- state->id_ctx->be,
- state->id_ctx->service, false,
+ state->id_conn->id_ctx->opts,
+ state->id_conn->id_ctx->be,
+ state->id_conn->service, false,
CON_TLS_DFL, false);
if (!subreq) {
@@ -555,12 +556,12 @@ static void sdap_id_op_connect_done(struct tevent_req *subreq)
/* be is going offline as there is no more servers to try */
DEBUG(1, ("Failed to connect, going offline (%d [%s])\n",
ret, strerror(ret)));
- be_mark_offline(conn_cache->id_ctx->be);
+ be_mark_offline(conn_cache->id_conn->id_ctx->be);
is_offline = true;
}
if (ret == EOK) {
- current_srv_opts = conn_cache->id_ctx->srv_opts;
+ current_srv_opts = conn_cache->id_conn->id_ctx->srv_opts;
if (current_srv_opts) {
DEBUG(8, ("Old USN: %lu, New USN: %lu\n", current_srv_opts->last_usn, srv_opts->last_usn));
@@ -579,7 +580,7 @@ static void sdap_id_op_connect_done(struct tevent_req *subreq)
}
}
ret = sdap_id_conn_data_set_expire_timer(conn_data);
- sdap_steal_server_opts(conn_cache->id_ctx, &srv_opts);
+ sdap_steal_server_opts(conn_cache->id_conn->id_ctx, &srv_opts);
}
if (can_retry) {
@@ -596,7 +597,7 @@ static void sdap_id_op_connect_done(struct tevent_req *subreq)
/* do not attempt to retry on errors like ENOMEM */
can_retry = false;
is_offline = true;
- be_mark_offline(conn_cache->id_ctx->be);
+ be_mark_offline(conn_cache->id_conn->id_ctx->be);
break;
}
}
@@ -635,7 +636,7 @@ static void sdap_id_op_connect_done(struct tevent_req *subreq)
if (can_retry) {
/* determining whether retry is possible */
- if (be_is_offline(conn_cache->id_ctx->be)) {
+ if (be_is_offline(conn_cache->id_conn->id_ctx->be)) {
/* be is offline, no retry possible */
if (ret == EOK) {
DEBUG(9, ("skipping automatic retry on op #%d as be is offline\n", notify_count));
@@ -686,12 +687,12 @@ static void sdap_id_op_connect_done(struct tevent_req *subreq)
if ((ret == EOK) &&
conn_data->sh->connected &&
- !be_is_offline(conn_cache->id_ctx->be)) {
+ !be_is_offline(conn_cache->id_conn->id_ctx->be)) {
DEBUG(9, ("caching successful connection after %d notifies\n", notify_count));
conn_cache->cached_connection = conn_data;
/* Run any post-connection routines */
- be_run_online_cb(conn_cache->id_ctx->be);
+ be_run_online_cb(conn_cache->id_conn->id_ctx->be);
} else {
if (conn_cache->cached_connection == conn_data) {
@@ -704,9 +705,9 @@ static void sdap_id_op_connect_done(struct tevent_req *subreq)
if (reinit) {
DEBUG(SSSDBG_TRACE_FUNC, ("Server reinitialization detected. "
"Cleaning cache.\n"));
- reinit_req = sdap_reinit_cleanup_send(conn_cache->id_ctx->be,
- conn_cache->id_ctx->be,
- conn_cache->id_ctx);
+ reinit_req = sdap_reinit_cleanup_send(conn_cache->id_conn->id_ctx->be,
+ conn_cache->id_conn->id_ctx->be,
+ conn_cache->id_conn->id_ctx);
if (reinit_req == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE, ("Unable to perform reinitialization "
"clean up.\n"));
@@ -804,14 +805,14 @@ int sdap_id_op_done(struct sdap_id_op *op, int retval, int *dp_err_out)
op->conn_cache->cached_connection = NULL;
DEBUG(5, ("communication error on cached connection, moving to next server\n"));
- be_fo_try_next_server(op->conn_cache->id_ctx->be,
- op->conn_cache->id_ctx->service->name);
+ be_fo_try_next_server(op->conn_cache->id_conn->id_ctx->be,
+ op->conn_cache->id_conn->service->name);
}
int dp_err;
if (retval == EOK) {
dp_err = DP_ERR_OK;
- } else if (be_is_offline(op->conn_cache->id_ctx->be)) {
+ } else if (be_is_offline(op->conn_cache->id_conn->id_ctx->be)) {
/* if backend is already offline, just report offline, do not duplicate errors */
dp_err = DP_ERR_OFFLINE;
retval = EAGAIN;
diff --git a/src/providers/ldap/sdap_id_op.h b/src/providers/ldap/sdap_id_op.h
index f36037a9c..b808dd89a 100644
--- a/src/providers/ldap/sdap_id_op.h
+++ b/src/providers/ldap/sdap_id_op.h
@@ -26,6 +26,7 @@
#define _SDAP_ID_OP_H_
struct sdap_id_ctx;
+struct sdap_id_conn_ctx;
/* LDAP async connection cache */
struct sdap_id_conn_cache;
@@ -38,6 +39,7 @@ struct sdap_id_op;
/* Create a connection cache */
int sdap_id_conn_cache_create(TALLOC_CTX *memctx,
struct sdap_id_ctx *id_ctx,
+ struct sdap_id_conn_ctx *id_conn,
struct sdap_id_conn_cache** conn_cache_out);
/* Create an operation object */
diff --git a/src/providers/ldap/sdap_sudo.c b/src/providers/ldap/sdap_sudo.c
index 3472da67c..315f254a3 100644
--- a/src/providers/ldap/sdap_sudo.c
+++ b/src/providers/ldap/sdap_sudo.c
@@ -508,7 +508,7 @@ void sdap_sudo_handler(struct be_req *be_req)
case BE_REQ_SUDO_RULES:
DEBUG(SSSDBG_TRACE_FUNC, ("Issuing a refresh of specific sudo rules\n"));
req = sdap_sudo_rules_refresh_send(be_req, sudo_ctx, id_ctx->be,
- id_ctx->opts, id_ctx->conn_cache,
+ id_ctx->opts, id_ctx->conn->conn_cache,
sudo_req->rules);
break;
default:
@@ -585,7 +585,7 @@ static struct tevent_req *sdap_sudo_full_refresh_send(TALLOC_CTX *mem_ctx,
DEBUG(SSSDBG_TRACE_FUNC, ("Issuing a full refresh of sudo rules\n"));
subreq = sdap_sudo_refresh_send(state, id_ctx->be, id_ctx->opts,
- id_ctx->conn_cache,
+ id_ctx->conn->conn_cache,
ldap_full_filter, sysdb_filter);
if (subreq == NULL) {
ret = ENOMEM;
@@ -901,7 +901,7 @@ static struct tevent_req *sdap_sudo_smart_refresh_send(TALLOC_CTX *mem_ctx,
"(USN > %s)\n", (usn == NULL ? "0" : usn)));
subreq = sdap_sudo_refresh_send(state, id_ctx->be, id_ctx->opts,
- id_ctx->conn_cache,
+ id_ctx->conn->conn_cache,
ldap_full_filter, NULL);
if (subreq == NULL) {
ret = ENOMEM;