From 5d78919c955c945e78865f322726aac075c71203 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Sun, 6 Jan 2013 17:54:02 -0500 Subject: Add domain argument to sysdb_get_user_attr() --- src/db/sysdb.h | 1 + src/db/sysdb_search.c | 3 ++- src/providers/krb5/krb5_access.c | 4 ++-- src/providers/krb5/krb5_auth.c | 14 +++++++------- src/providers/krb5/krb5_utils.c | 3 ++- src/providers/krb5/krb5_utils.h | 1 + src/providers/ldap/ldap_auth.c | 7 ++++--- src/providers/ldap/sdap_access.c | 4 ++-- src/responder/pam/pam_LOCAL_domain.c | 4 ++-- src/responder/ssh/sshsrv_cmd.c | 2 +- src/tests/sysdb-tests.c | 4 ++-- 11 files changed, 26 insertions(+), 21 deletions(-) (limited to 'src') diff --git a/src/db/sysdb.h b/src/db/sysdb.h index fcb5ba5b2..097e0a1aa 100644 --- a/src/db/sysdb.h +++ b/src/db/sysdb.h @@ -513,6 +513,7 @@ int sysdb_initgroups(TALLOC_CTX *mem_ctx, int sysdb_get_user_attr(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, const char *name, const char **attributes, struct ldb_result **res); diff --git a/src/db/sysdb_search.c b/src/db/sysdb_search.c index aab53bbca..0bc813a69 100644 --- a/src/db/sysdb_search.c +++ b/src/db/sysdb_search.c @@ -484,6 +484,7 @@ done: int sysdb_get_user_attr(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, const char *name, const char **attributes, struct ldb_result **_res) @@ -500,7 +501,7 @@ int sysdb_get_user_attr(TALLOC_CTX *mem_ctx, } base_dn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb, - SYSDB_TMPL_USER_BASE, sysdb->domain->name); + SYSDB_TMPL_USER_BASE, domain->name); if (!base_dn) { ret = ENOMEM; goto done; diff --git a/src/providers/krb5/krb5_access.c b/src/providers/krb5/krb5_access.c index 970633eb2..41e62d368 100644 --- a/src/providers/krb5/krb5_access.c +++ b/src/providers/krb5/krb5_access.c @@ -88,8 +88,8 @@ struct tevent_req *krb5_access_send(TALLOC_CTX *mem_ctx, attrs[2] = SYSDB_GIDNUM; attrs[3] = NULL; - ret = sysdb_get_user_attr(state, be_ctx->sysdb, state->pd->user, attrs, - &res); + ret = sysdb_get_user_attr(state, be_ctx->sysdb, be_ctx->domain, + state->pd->user, attrs, &res); if (ret) { DEBUG(5, ("sysdb search for upn of user [%s] failed.\n", pd->user)); goto done; diff --git a/src/providers/krb5/krb5_auth.c b/src/providers/krb5/krb5_auth.c index 398f06a84..f03cfcf4c 100644 --- a/src/providers/krb5/krb5_auth.c +++ b/src/providers/krb5/krb5_auth.c @@ -429,6 +429,7 @@ struct krb5_auth_state { struct be_ctx *be_ctx; struct pam_data *pd; struct sysdb_ctx *sysdb; + struct sss_domain_info *domain; struct krb5_ctx *krb5_ctx; struct krb5child_req *kr; @@ -456,7 +457,6 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx, struct tevent_req *req; struct tevent_req *subreq; int ret; - struct sss_domain_info *dom; req = tevent_req_create(mem_ctx, &state, struct krb5_auth_state); if (req == NULL) { @@ -472,13 +472,13 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx, state->pam_status = PAM_SYSTEM_ERR; state->dp_err = DP_ERR_FATAL; - ret = get_domain_or_subdomain(state, be_ctx, pd->domain, &dom); + ret = get_domain_or_subdomain(state, be_ctx, pd->domain, &state->domain); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, ("get_domain_or_subdomain failed.\n")); goto done; } - state->sysdb = dom->sysdb; + state->sysdb = state->domain->sysdb; switch (pd->cmd) { case SSS_PAM_AUTHENTICATE: @@ -541,8 +541,8 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx, } kr = state->kr; - ret = sysdb_get_user_attr(state, state->sysdb, state->pd->user, attrs, - &res); + ret = sysdb_get_user_attr(state, state->sysdb, state->domain, + state->pd->user, attrs, &res); if (ret) { DEBUG(5, ("sysdb search for upn of user [%s] failed.\n", pd->user)); state->pam_status = PAM_SYSTEM_ERR; @@ -901,8 +901,8 @@ static void krb5_auth_done(struct tevent_req *subreq) goto done; } - ret = check_if_cached_upn_needs_update(state->sysdb, pd->user, - res->correct_upn); + ret = check_if_cached_upn_needs_update(state->sysdb, state->domain, + pd->user, res->correct_upn); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, ("check_if_cached_upn_needs_update failed.\n")); diff --git a/src/providers/krb5/krb5_utils.c b/src/providers/krb5/krb5_utils.c index f99b0f99f..b770714be 100644 --- a/src/providers/krb5/krb5_utils.c +++ b/src/providers/krb5/krb5_utils.c @@ -58,6 +58,7 @@ errno_t find_or_guess_upn(TALLOC_CTX *mem_ctx, struct ldb_message *msg, } errno_t check_if_cached_upn_needs_update(struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, const char *user, const char *upn) { @@ -80,7 +81,7 @@ errno_t check_if_cached_upn_needs_update(struct sysdb_ctx *sysdb, return ENOMEM; } - ret = sysdb_get_user_attr(tmp_ctx, sysdb, user, attrs, &res); + ret = sysdb_get_user_attr(tmp_ctx, sysdb, domain, user, attrs, &res); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, ("sysdb_get_user_attr failed.\n")); goto done; diff --git a/src/providers/krb5/krb5_utils.h b/src/providers/krb5/krb5_utils.h index 25d8c6cf2..a123a795d 100644 --- a/src/providers/krb5/krb5_utils.h +++ b/src/providers/krb5/krb5_utils.h @@ -38,6 +38,7 @@ errno_t find_or_guess_upn(TALLOC_CTX *mem_ctx, struct ldb_message *msg, const char *user_dom, char **_upn); errno_t check_if_cached_upn_needs_update(struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, const char *user, const char *upn); diff --git a/src/providers/ldap/ldap_auth.c b/src/providers/ldap/ldap_auth.c index 3dcb0b2de..cffdf088e 100644 --- a/src/providers/ldap/ldap_auth.c +++ b/src/providers/ldap/ldap_auth.c @@ -357,6 +357,7 @@ shadow_fail: static int get_user_dn(TALLOC_CTX *memctx, struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, struct sdap_options *opts, const char *username, char **user_dn, @@ -394,7 +395,7 @@ static int get_user_dn(TALLOC_CTX *memctx, attrs[9] = SYSDB_PWD_ATTRIBUTE; attrs[10] = NULL; - ret = sysdb_get_user_attr(tmpctx, sysdb, username, attrs, &res); + ret = sysdb_get_user_attr(tmpctx, sysdb, domain, username, attrs, &res); if (ret) { goto done; } @@ -619,8 +620,8 @@ static void auth_connect_done(struct tevent_req *subreq) state->srv, PORT_WORKING); } - ret = get_user_dn(state, state->ctx->be->sysdb, state->ctx->opts, - state->username, &state->dn, + ret = get_user_dn(state, state->ctx->be->sysdb, state->ctx->be->domain, + state->ctx->opts, state->username, &state->dn, &state->pw_expire_type, &state->pw_expire_data); if (ret) { tevent_req_error(req, ret); diff --git a/src/providers/ldap/sdap_access.c b/src/providers/ldap/sdap_access.c index b198e0435..a0d4443fc 100644 --- a/src/providers/ldap/sdap_access.c +++ b/src/providers/ldap/sdap_access.c @@ -172,10 +172,10 @@ sdap_access_send(TALLOC_CTX *mem_ctx, ret = ENOMEM; goto done; } - ret = sysdb_get_user_attr(state, user_dom->sysdb, + ret = sysdb_get_user_attr(state, user_dom->sysdb, user_dom, pd->user, attrs, &res); } else { - ret = sysdb_get_user_attr(state, be_req->sysdb, + ret = sysdb_get_user_attr(state, be_req->sysdb, be_req->domain, pd->user, attrs, &res); } if (ret != EOK) { diff --git a/src/responder/pam/pam_LOCAL_domain.c b/src/responder/pam/pam_LOCAL_domain.c index 23eb7a2a8..a903fea9b 100644 --- a/src/responder/pam/pam_LOCAL_domain.c +++ b/src/responder/pam/pam_LOCAL_domain.c @@ -243,8 +243,8 @@ int LOCAL_pam_handler(struct pam_auth_req *preq) pd->pam_status = PAM_SUCCESS; - ret = sysdb_get_user_attr(lreq, lreq->dbctx, preq->pd->user, - attrs, &res); + ret = sysdb_get_user_attr(lreq, lreq->dbctx, preq->domain, + preq->pd->user, attrs, &res); if (ret != EOK) { DEBUG(1, ("sysdb_get_user_attr failed.\n")); talloc_free(lreq); diff --git a/src/responder/ssh/sshsrv_cmd.c b/src/responder/ssh/sshsrv_cmd.c index 687e8887e..5b0292628 100644 --- a/src/responder/ssh/sshsrv_cmd.c +++ b/src/responder/ssh/sshsrv_cmd.c @@ -232,7 +232,7 @@ ssh_user_pubkeys_search_next(struct ssh_cmd_ctx *cmd_ctx) return EFAULT; } - ret = sysdb_get_user_attr(cmd_ctx, sysdb, + ret = sysdb_get_user_attr(cmd_ctx, sysdb, cmd_ctx->domain, cmd_ctx->name, attrs, &res); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, diff --git a/src/tests/sysdb-tests.c b/src/tests/sysdb-tests.c index 7cf5a3e0a..c0ea64018 100644 --- a/src/tests/sysdb-tests.c +++ b/src/tests/sysdb-tests.c @@ -1143,7 +1143,7 @@ START_TEST (test_sysdb_get_user_attr) username = talloc_asprintf(test_ctx, "testuser%d", _i); ret = sysdb_get_user_attr(test_ctx, test_ctx->sysdb, - username, attrs, &res); + test_ctx->domain, username, attrs, &res); if (ret) { fail("Could not get attributes for user %s", username); goto done; @@ -3751,7 +3751,7 @@ START_TEST(test_odd_characters) talloc_zfree(res); /* Attributes */ - ret = sysdb_get_user_attr(test_ctx, test_ctx->sysdb, + ret = sysdb_get_user_attr(test_ctx, test_ctx->sysdb, test_ctx->domain, odd_username, user_attrs, &res); fail_unless(ret == EOK, "sysdb_get_user_attr error [%d][%s]", ret, strerror(ret)); -- cgit