summaryrefslogtreecommitdiffstats
path: root/src/responder/common/negcache.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/responder/common/negcache.c')
-rw-r--r--src/responder/common/negcache.c135
1 files changed, 117 insertions, 18 deletions
diff --git a/src/responder/common/negcache.c b/src/responder/common/negcache.c
index 3926574a1..0b25baf56 100644
--- a/src/responder/common/negcache.c
+++ b/src/responder/common/negcache.c
@@ -21,6 +21,7 @@
#include "util/util.h"
#include "confdb/confdb.h"
+#include "responder/common/responder.h"
#include <fcntl.h>
#include <time.h>
#include "tdb.h"
@@ -158,8 +159,8 @@ done:
return ret;
}
-int sss_ncache_check_user(struct sss_nc_ctx *ctx, int ttl,
- const char *domain, const char *name)
+static int sss_ncache_check_user_int(struct sss_nc_ctx *ctx, int ttl,
+ const char *domain, const char *name)
{
char *str;
int ret;
@@ -175,8 +176,8 @@ int sss_ncache_check_user(struct sss_nc_ctx *ctx, int ttl,
return ret;
}
-int sss_ncache_check_group(struct sss_nc_ctx *ctx, int ttl,
- const char *domain, const char *name)
+static int sss_ncache_check_group_int(struct sss_nc_ctx *ctx, int ttl,
+ const char *domain, const char *name)
{
char *str;
int ret;
@@ -192,8 +193,8 @@ int sss_ncache_check_group(struct sss_nc_ctx *ctx, int ttl,
return ret;
}
-int sss_ncache_check_netgr(struct sss_nc_ctx *ctx, int ttl,
- const char *domain, const char *name)
+static int sss_ncache_check_netgr_int(struct sss_nc_ctx *ctx, int ttl,
+ const char *domain, const char *name)
{
char *str;
int ret;
@@ -209,6 +210,49 @@ int sss_ncache_check_netgr(struct sss_nc_ctx *ctx, int ttl,
return ret;
}
+typedef int (*ncache_check_byname_fn_t)(struct sss_nc_ctx *, int,
+ const char *, const char *);
+
+static int sss_cache_check_ent(struct sss_nc_ctx *ctx, int ttl,
+ struct sss_domain_info *dom, const char *name,
+ ncache_check_byname_fn_t checker)
+{
+ char *lower;
+ errno_t ret;
+
+ if (dom->case_sensitive == false) {
+ lower = sss_tc_utf8_str_tolower(ctx, name);
+ if (!lower) return ENOMEM;
+ ret = checker(ctx, ttl, dom->name, lower);
+ talloc_free(lower);
+ } else {
+ ret = checker(ctx, ttl, dom->name, name);
+ }
+
+ return ret;
+}
+
+int sss_ncache_check_user(struct sss_nc_ctx *ctx, int ttl,
+ struct sss_domain_info *dom, const char *name)
+{
+ return sss_cache_check_ent(ctx, ttl, dom, name,
+ sss_ncache_check_user_int);
+}
+
+int sss_ncache_check_group(struct sss_nc_ctx *ctx, int ttl,
+ struct sss_domain_info *dom, const char *name)
+{
+ return sss_cache_check_ent(ctx, ttl, dom, name,
+ sss_ncache_check_group_int);
+}
+
+int sss_ncache_check_netgr(struct sss_nc_ctx *ctx, int ttl,
+ struct sss_domain_info *dom, const char *name)
+{
+ return sss_cache_check_ent(ctx, ttl, dom, name,
+ sss_ncache_check_netgr_int);
+}
+
int sss_ncache_check_uid(struct sss_nc_ctx *ctx, int ttl, uid_t uid)
{
char *str;
@@ -237,8 +281,8 @@ int sss_ncache_check_gid(struct sss_nc_ctx *ctx, int ttl, gid_t gid)
return ret;
}
-int sss_ncache_set_user(struct sss_nc_ctx *ctx, bool permanent,
- const char *domain, const char *name)
+static int sss_ncache_set_user_int(struct sss_nc_ctx *ctx, bool permanent,
+ const char *domain, const char *name)
{
char *str;
int ret;
@@ -254,8 +298,8 @@ int sss_ncache_set_user(struct sss_nc_ctx *ctx, bool permanent,
return ret;
}
-int sss_ncache_set_group(struct sss_nc_ctx *ctx, bool permanent,
- const char *domain, const char *name)
+static int sss_ncache_set_group_int(struct sss_nc_ctx *ctx, bool permanent,
+ const char *domain, const char *name)
{
char *str;
int ret;
@@ -271,8 +315,8 @@ int sss_ncache_set_group(struct sss_nc_ctx *ctx, bool permanent,
return ret;
}
-int sss_ncache_set_netgr(struct sss_nc_ctx *ctx, bool permanent,
- const char *domain, const char *name)
+static int sss_ncache_set_netgr_int(struct sss_nc_ctx *ctx, bool permanent,
+ const char *domain, const char *name)
{
char *str;
int ret;
@@ -288,6 +332,47 @@ int sss_ncache_set_netgr(struct sss_nc_ctx *ctx, bool permanent,
return ret;
}
+typedef int (*ncache_set_byname_fn_t)(struct sss_nc_ctx *, bool,
+ const char *, const char *);
+
+static int sss_ncache_set_ent(struct sss_nc_ctx *ctx, bool permanent,
+ struct sss_domain_info *dom, const char *name,
+ ncache_set_byname_fn_t setter)
+{
+ char *lower;
+ errno_t ret;
+
+ if (dom->case_sensitive == false) {
+ lower = sss_tc_utf8_str_tolower(ctx, name);
+ if (!lower) return ENOMEM;
+ ret = setter(ctx, permanent, dom->name, lower);
+ talloc_free(lower);
+ } else {
+ ret = setter(ctx, permanent, dom->name, name);
+ }
+
+ return ret;
+}
+
+
+int sss_ncache_set_user(struct sss_nc_ctx *ctx, bool permanent,
+ struct sss_domain_info *dom, const char *name)
+{
+ return sss_ncache_set_ent(ctx, permanent, dom, name, sss_ncache_set_user_int);
+}
+
+int sss_ncache_set_group(struct sss_nc_ctx *ctx, bool permanent,
+ struct sss_domain_info *dom, const char *name)
+{
+ return sss_ncache_set_ent(ctx, permanent, dom, name, sss_ncache_set_group_int);
+}
+
+int sss_ncache_set_netgr(struct sss_nc_ctx *ctx, bool permanent,
+ struct sss_domain_info *dom, const char *name)
+{
+ return sss_ncache_set_ent(ctx, permanent, dom, name, sss_ncache_set_netgr_int);
+}
+
int sss_ncache_set_uid(struct sss_nc_ctx *ctx, bool permanent, uid_t uid)
{
char *str;
@@ -409,7 +494,7 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache,
continue;
}
- ret = sss_ncache_set_user(ncache, true, dom->name, name);
+ ret = sss_ncache_set_user(ncache, true, dom, name);
if (ret != EOK) {
DEBUG(1, ("Failed to store permanent user filter for [%s]"
" (%d [%s])\n", filter_list[i],
@@ -447,7 +532,14 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache,
continue;
}
if (domainname) {
- ret = sss_ncache_set_user(ncache, true, domainname, name);
+ dom = responder_get_domain(domain_list, domainname);
+ if (!dom) {
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ ("Invalid domain name [%s]\n", domainname));
+ continue;
+ }
+
+ ret = sss_ncache_set_user(ncache, true, dom, name);
if (ret != EOK) {
DEBUG(1, ("Failed to store permanent user filter for [%s]"
" (%d [%s])\n", filter_list[i],
@@ -456,7 +548,7 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache,
}
} else {
for (dom = domain_list; dom; dom = dom->next) {
- ret = sss_ncache_set_user(ncache, true, dom->name, name);
+ ret = sss_ncache_set_user(ncache, true, dom, name);
if (ret != EOK) {
DEBUG(1, ("Failed to store permanent user filter for"
" [%s:%s] (%d [%s])\n",
@@ -499,7 +591,7 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache,
continue;
}
- ret = sss_ncache_set_group(ncache, true, dom->name, name);
+ ret = sss_ncache_set_group(ncache, true, dom, name);
if (ret != EOK) {
DEBUG(1, ("Failed to store permanent group filter for [%s]"
" (%d [%s])\n", filter_list[i],
@@ -537,7 +629,14 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache,
continue;
}
if (domainname) {
- ret = sss_ncache_set_group(ncache, true, domainname, name);
+ dom = responder_get_domain(domain_list, domainname);
+ if (!dom) {
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ ("Invalid domain name [%s]\n", domainname));
+ continue;
+ }
+
+ ret = sss_ncache_set_group(ncache, true, dom, name);
if (ret != EOK) {
DEBUG(1, ("Failed to store permanent group filter for"
" [%s] (%d [%s])\n", filter_list[i],
@@ -546,7 +645,7 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache,
}
} else {
for (dom = domain_list; dom; dom = dom->next) {
- ret = sss_ncache_set_group(ncache, true, dom->name, name);
+ ret = sss_ncache_set_group(ncache, true, dom, name);
if (ret != EOK) {
DEBUG(1, ("Failed to store permanent group filter for"
" [%s:%s] (%d [%s])\n",
generated by cgit (git 2.34.1) at 2024-05-07 19:00:11 +0000