summaryrefslogtreecommitdiffstats
path: root/src/providers/proxy
Commit message (Collapse)AuthorAgeFilesLines
* SBUS: Chown the sbus socket if neededJakub Hrozek2014-10-221-1/+1
| | | | | | | | | When setting up the sbus server, we might need to chown the sbus socket to make sure non-root peers, running as the SSSD user are able to access the file. Reviewed-by: Pavel Reichl <preichl@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
* SSSD: Add the options to specify a UID and GID to run asJakub Hrozek2014-10-201-1/+4
| | | | | | | | | Adds new command line options --uid and --gid to all SSSD servers, making it possible to switch to another user ID if needed. So far all code still runs as root. Reviewed-by: Pavel Reichl <preichl@redhat.com>
* sbus: Add the sbus_request_parse_or_finish() methodStef Walter2014-03-141-14/+5
| | | | | | | | | | | | | | | | | | | | | | Some DBus types returned from dbus_message_get_args() require memory to be released when done. We automatically attach these to the talloc struct sbus_request memory context in this function. This accepts varargs similar to dbus_message_get_args(), which are rather awkward. However instead of reworking them completely, future generated marshalling code will replace most uses of these varargs. If parsing the dbus message fails, then it responds to the DBus caller with an appropriate error such as o.f.D.Error.InvalidArgs. In these cases (ie: when it returns FALSE) the sbus_request is finished. Migrated some, but not all, uses of dbus_message_get_args() to the new function. Some instances have uncommon semantics such as terminating the connection upon failure to parse a message. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Pavel Březina <pbrezina@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* sbus: Refactor how we export DBus interfacesStef Walter2014-03-142-30/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Most importantly, stop using per connection private data. This doesn't scale when you have more than one thing exporting or exported on a connection. Remove struct sbus_interface and expand sbus_conn_add_interface() function. Remove various struct sbus_interface args to connection initialization functions and make callers use sbus_conn_add_interface() directly. The old method was optimized for exporting one interface on a connection. We'll have connections that export zero, one or more interfaces. To export an interface on a DBus server, call sbus_conn_add_interface() from within the sbus_server_conn_init_fn. To export an interface on a DBus client, call sbus_conn_add_interface() after sbus_new_connection() returns. As before struct sbus_interface represents an object exported via DBus. However it is now talloc allocated. One can set instance data on the struct sbus_interface. This instance data is passed to the various handlers and used in their implementation. However, we now have type safe interface exporting in the various high level sss_process_init() sss_monitor_init() and so on. Introspection support was not in use, and is now gone until we implement it using the metadata (future patch). Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Pavel Březina <pbrezina@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* sbus: Add struct sbus_request to represent a DBus invocationStef Walter2014-03-142-32/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | struct sbus_request represents a request from a dbus client being handled by a dbus server implementation. The struct contains the message, connection and method (and in the future teh property) which is being requested. In the future it will contain caller information as well. sbus_request is a talloc memory context, and is a good place to attach any allocations and memory specific to the request. Each handler accepts an sbus_request. If a handler returns EOK, it is assumed that the handler will finish the request. Any of the sbus_request_*finish() methods can be used to complete the request and send back a reply. sbus_request_return_and_finish() uses the same argument varargs syntax as dbus_message_append_args(), which isn't a great syntax. Document it a bit, but don't try to redesign: The marshalling work (will follow this patch set) will remove the need to use varargs for most DBus implementation code. This patch migrates the monitor and data provider dbus code to use sbus_request, but does not try to rework the talloc context's to use it. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Pavel Březina <pbrezina@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* sbus: Use constants to make dbus callsStef Walter2014-02-242-4/+4
| | | | | | | | | | | This allows us to remove duplicated information, and have the compiler check that when an method name is changed or removed the callers are updated. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Sumit Bose <sbose@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
* sbus: Rework sbus to use interface metadata and vtablesStef Walter2014-02-242-12/+20
| | | | | | | | | | | | | | | | | | | | Previous commits added support for interface metadata and handler vtables. This commit ports sbus_dbus_connection to use them. Port the internal uses of dbus to use the new scheme in a very minimal way. Further cleanup is possible here. This commit provides basic definitions of the internal dbus interfaces. The interfaces aren't fully defined, as the handlers will continue to unpack manually, and often overload DBus methods with different arguments (which is rather unorthodox, but not the end of the world). Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Sumit Bose <sbose@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
* Remove DEBUG macro support for old debug levelsNikolai Kondrashov2014-02-121-1/+1
| | | | | | | | | | | | | | Remove support for specifying old debug levels to the DEBUG macro: * remove debug_get_level function which was used for conversion, * remove debug_get_level tests, * remove mentions of old/new levels from DEBUG and DEBUG_IS_SET macro descriptions, * rename "newlevel" argument of debug_fn to just "level". Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Stephen Gallagher <sgallagh@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
* Update DEBUG* invocations to use new levelsNikolai Kondrashov2014-02-125-128/+183
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use a script to update DEBUG* macro invocations, which use literal numbers for levels, to use bitmask macros instead: grep -rl --include '*.[hc]' DEBUG . | while read f; do mv "$f"{,.orig} perl -e 'use strict; use File::Slurp; my @map=qw" SSSDBG_FATAL_FAILURE SSSDBG_CRIT_FAILURE SSSDBG_OP_FAILURE SSSDBG_MINOR_FAILURE SSSDBG_CONF_SETTINGS SSSDBG_FUNC_DATA SSSDBG_TRACE_FUNC SSSDBG_TRACE_LIBS SSSDBG_TRACE_INTERNAL SSSDBG_TRACE_ALL "; my $text=read_file(\*STDIN); my $repl; $text=~s/ ^ ( .* \b (DEBUG|DEBUG_PAM_DATA|DEBUG_GR_MEM) \s* \(\s* )( [0-9] )( \s*, ) ( \s* ) ( .* ) $ / $repl = $1.$map[$3].$4.$5.$6, length($repl) <= 80 ? $repl : $1.$map[$3].$4."\n".(" " x length($1)).$6 /xmge; print $text; ' < "$f.orig" > "$f" rm "$f.orig" done Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Stephen Gallagher <sgallagh@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
* Make DEBUG macro invocations variadicNikolai Kondrashov2014-02-126-319/+319
| | | | | | | | | | | | | | | | | | | | | | | | Use a script to update DEBUG macro invocations to use it as a variadic macro, supplying format string and its arguments directly, instead of wrapping them in parens. This script was used to update the code: grep -rwl --include '*.[hc]' DEBUG . | while read f; do mv "$f"{,.orig} perl -e \ 'use strict; use File::Slurp; my $text=read_file(\*STDIN); $text=~s#(\bDEBUG\s*\([^(]+)\((.*?)\)\s*\)\s*;#$1$2);#gs; print $text;' < "$f.orig" > "$f" rm "$f.orig" done Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Stephen Gallagher <sgallagh@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
* Use sysdb_attrs_add_lc_name_alias to add case-insensitive aliasSumit Bose2013-12-192-27/+3
|
* Remove unused memory context in proxyLukas Slebodnik2013-11-271-9/+6
|
* Remove unused parameter from save_netgroupLukas Slebodnik2013-11-273-6/+3
|
* Remove unused parameter from save_userLukas Slebodnik2013-11-271-10/+8
|
* Remove unused parameter from delete_userLukas Slebodnik2013-11-271-9/+7
|
* SYSDB: Drop the sysdb_ctx parameter - module sysdb_ops (part 2)Michal Zidek2013-11-153-15/+14
|
* SYSDB: Drop the sysdb_ctx parameter - module sysdb_ops (part 1)Michal Zidek2013-11-151-2/+2
|
* SYSDB: Drop the sysdb_ctx parameter from the sysdb_services moduleMichal Zidek2013-11-153-21/+16
|
* SYSDB: Drop the sysdb_ctx parameter from the sysdb_search moduleMichal Zidek2013-11-151-3/+3
|
* Include external headers with #include <foo.h>Jakub Hrozek2013-10-221-2/+2
| | | | | | I find it more readable to include headers from outside the sssd tree with <foo.h>, not "foo.h". The latter should be used for in-tree headers only.
* PROXY: Fix memory hierarchy when enumerating servicesJakub Hrozek2013-10-211-1/+7
|
* Fix formating of variables with type: gid_tLukas Slebodnik2013-09-111-10/+11
|
* Fix formating of variables with type: uid_tLukas Slebodnik2013-09-111-4/+7
|
* Fix formating of variables with type: id_tLukas Slebodnik2013-09-111-0/+2
|
* Fix formating of variables with type defined in stdint.hLukas Slebodnik2013-09-112-3/+4
|
* Fix formating of variables with type: unsigned longLukas Slebodnik2013-09-111-1/+1
|
* PROXY: Handle empty GECOSJakub Hrozek2013-09-031-1/+8
| | | | | If the user's GECOS as returned by the proxied module is an empty string (as opposed to NULL), the ldb transaction would error out.
* proxy: Allow initgroup to return NOTFOUNDSimo Sorce2013-08-221-0/+16
| | | | | | | | | When the user is only member of its own primary group, initgroups_dyn may return NOTFOUND as, at least for the 'files' nss provider the code skips the passed in group. Resolves: https://fedorahosted.org/sssd/ticket/2051
* Remove include recursionLukas Slebodnik2013-08-191-1/+0
| | | | Header file proxy.h included itself.
* proxy: Alocate auth tokens in struct authtok_convLukas Slebodnik2013-08-191-0/+20
| | | | | | | | | | | Struct sss_auth_token became opaque in commit 9acfb09f7969a69f58bd45c856b01700541853ca. All ocasions of "struct sss_auth_token" was replaced with pointer to this struct, but proper initialization of auth_tokens was missing in struct authtok_conv. Resolves: https://fedorahosted.org/sssd/ticket/2046
* Add secid filter to responder-dp protocolSumit Bose2013-05-021-0/+6
| | | | | This patch add a new filter type to the data-provider interface which can be used for SID-based lookups.
* Check for correct variable nameJakub Hrozek2013-04-031-1/+1
| | | | https://fedorahosted.org/sssd/ticket/1864
* Making the authtok structure really opaque.Lukas Slebodnik2013-04-023-14/+10
| | | | | | | | | | | | | | | | | | | | Definition of structure sss_auth_token was removed from header file authtok.h and there left only declaration of this structure. Therefore only way how to use this structure is to use accessory function from same header file. To creating new empty authotok can only be used newly created function sss_authtok_new(). TALLOC context was removed from copy and setter functions, because pointer to stuct sss_auth_token is used as a memory context. All declaration of struct sss_auth_token variables was replaced with pointer to this structure and related changes was made in source code. Function copy_pam_data can copy from argument src which was dynamically allocated with function create_pam_data() or zero initialized struct pam_data allocated on stack. https://fedorahosted.org/sssd/ticket/1830
* Add be_req_get_data() helper funciton.Simo Sorce2013-01-212-3/+3
| | | | In preparation for making struct be_req opaque.
* Add be_req_get_be_ctx() helper.Simo Sorce2013-01-213-16/+17
| | | | In preparation for making be_req opaque
* Introduce be_req_terminate() helperSimo Sorce2013-01-215-60/+25
| | | | | Call it everywhere instead of directly dereferencing be_req->fn This is in preparation of making be_req opaque.
* Remove sysdb as a be context structure memberSimo Sorce2013-01-212-2/+2
| | | | The sysdb context is already available through the 'domain' structure.
* Remove outdated code.Simo Sorce2013-01-161-10/+0
| | | | | This code should not be necessary anymore since June 2010 with commit: 90acbcf20b5f896ca8f631923afe946c90d90de7
* Add domain arguments to sysdb services functionsSimo Sorce2013-01-151-2/+2
| | | | also fix sysdb_svc_add declarations
* Add domain argument to sysdb_remove_attrs()Simo Sorce2013-01-151-4/+5
|
* Add domain arg to sysdb_search/delete_netgroup()Simo Sorce2013-01-151-6/+6
|
* Add domain argument to sysdb_delete_group()Simo Sorce2013-01-151-2/+2
| | | | Also remove sysdb_delete_domgroup()
* Add domain argument to sysdb_delete_user()Simo Sorce2013-01-151-8/+12
| | | | Also remove sysdb_delete_domuser()
* Add domain argument to sysdb_cache_password()Simo Sorce2013-01-151-0/+1
|
* Add domain argument to sysdb_store_group()Simo Sorce2013-01-151-1/+1
| | | | Also remove sysdb_store_domgroup()
* Add domain argument to sysdb_store_user()Simo Sorce2013-01-151-9/+9
| | | | Also remove sysdb_store_domuser()
* Add domain arguments to sysdb_add_inetgroup fns.Simo Sorce2013-01-151-2/+4
|
* Add domain to sysdb_search_user_by_name()Simo Sorce2013-01-151-3/+5
| | | | Also remove unused sysdb_search_domuser_by_name()
* Pass domain to sysdb_get<pwu/grg><id() functionsSimo Sorce2013-01-151-3/+3
|
* Change pam data auth tokens.Simo Sorce2013-01-103-33/+39
| | | | Use the new authtok abstraction and interfaces throught the code.
generated by cgit (git 2.34.1) at 2024-06-02 03:57:44 +0000