Diffstat (limited to 'src/providers/ldap/sdap_async_sudo.c')
-rw-r--r-- | src/providers/ldap/sdap_async_sudo.c | 171 |
1 files changed, 106 insertions, 65 deletions
diff --git a/src/providers/ldap/sdap_async_sudo.c b/src/providers/ldap/sdap_async_sudo.c index b4899cbaa..124d35949 100644 --- a/src/providers/ldap/sdap_async_sudo.c +++ b/src/providers/ldap/sdap_async_sudo.c @@ -5,6 +5,7 @@ Authors: Pavel Březina <pbrezina@redhat.com> + MIchal Šrubař <xsruba03@stud.fit.vutbr.cz> Copyright (C) 2012 Red Hat @@ -34,23 +35,6 @@ #include "providers/ldap/sdap_sudo_cache.h" #include "db/sysdb_sudo.h" -struct sdap_sudo_refresh_state { - struct be_ctx *be_ctx; - struct sdap_options *opts; - struct sdap_id_op *sdap_op; - struct sdap_id_conn_cache *sdap_conn_cache; - struct sysdb_ctx *sysdb; - struct sss_domain_info *domain; - - const char *ldap_filter; /* search */ - const char *sysdb_filter; /* delete */ - - int dp_error; - int error; - char *highest_usn; - size_t num_rules; -}; - struct sdap_sudo_load_sudoers_state { struct tevent_context *ev; struct sdap_options *opts; @@ -79,27 +63,9 @@ static errno_t sdap_sudo_load_sudoers_next_base(struct tevent_req *req); static void sdap_sudo_load_sudoers_process(struct tevent_req *subreq); -static int sdap_sudo_load_sudoers_recv(struct tevent_req *req, - TALLOC_CTX *mem_ctx, - size_t *rules_count, - struct sysdb_attrs ***rules); - -static void sdap_sudo_refresh_load_done(struct tevent_req *subreq); - -static int sdap_sudo_purge_sudoers(struct sss_domain_info *dom, - const char *filter, - struct sdap_attr_map *map, - size_t rules_count, - struct sysdb_attrs **rules); - -static int sdap_sudo_store_sudoers(TALLOC_CTX *mem_ctx, - struct sss_domain_info *domain, - struct sdap_options *opts, - size_t rules_count, - struct sysdb_attrs **rules, - int cache_timeout, - time_t now, - char **_usn); +static void sdap_sudo_refresh_load_done_ex(struct tevent_req *subreq); +static void sdap_sudo_refresh_load_done_ldap(struct tevent_req *subreq); +static void sdap_sudo_refresh_load_done_ipa(struct tevent_req *subreq); struct tevent_req *sdap_sudo_refresh_send(TALLOC_CTX *mem_ctx, struct be_ctx *be_ctx, 
@@ -167,7 +133,8 @@ int sdap_sudo_refresh_recv(TALLOC_CTX *mem_ctx, int *dp_error, int *error, char **usn, - size_t *num_rules) + size_t *num_rules, + struct sysdb_attrs ***rules) { struct sdap_sudo_refresh_state *state; @@ -186,6 +153,10 @@ int sdap_sudo_refresh_recv(TALLOC_CTX *mem_ctx, *num_rules = state->num_rules; } + if (rules != NULL) { + *rules = talloc_steal(mem_ctx, state->ldap_rules); + } + return EOK; } @@ -264,7 +235,7 @@ static void sdap_sudo_refresh_connect_done(struct tevent_req *subreq) goto fail; } - tevent_req_set_callback(subreq, sdap_sudo_refresh_load_done, req); + tevent_req_set_callback(subreq, sdap_sudo_refresh_load_done_ex, req); return; @@ -279,9 +250,6 @@ static struct tevent_req * sdap_sudo_load_sudoers_send(TALLOC_CTX *mem_ctx, struct sdap_options *opts, struct sdap_handle *sh, const char *ldap_filter) - - - { struct tevent_req *req; struct sdap_sudo_load_sudoers_state *state; @@ -310,8 +278,16 @@ static struct tevent_req * sdap_sudo_load_sudoers_send(TALLOC_CTX *mem_ctx, } /* create attrs from map */ - ret = build_attrs_from_map(state, opts->sudorule_map, SDAP_OPTS_SUDO, - NULL, &state->attrs, NULL); + if (state->opts->schema_type == SDAP_SCHEMA_IPA_V1) { + /* req from ipa_sudo_refresh_send() */ + ret = build_attrs_from_map(state, opts->ipa_sudorule_map, + SDAP_OPTS_IPA_SUDO, NULL, &state->attrs, NULL); + } else { + /* req from sdap_sudo_refresh_send() */ + ret = build_attrs_from_map(state, opts->sudorule_map, SDAP_OPTS_SUDO, + NULL, &state->attrs, NULL); + } + if (ret != EOK) { goto fail; } @@ -337,6 +313,8 @@ static errno_t sdap_sudo_load_sudoers_next_base(struct tevent_req *req) struct sdap_sudo_load_sudoers_state *state; struct sdap_search_base *search_base; struct tevent_req *subreq; + struct sdap_attr_map *map; + int attr_count; char *filter; state = tevent_req_data(req, struct sdap_sudo_load_sudoers_state); 
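Review bot: `*rules = talloc_steal(mem_ctx, state->ldap_rules);` in sdap_sudo_refresh_recv hands the array to the caller but leaves `state->ldap_rules` pointing at it, so any later access through the state aliases memory whose lifetime the caller now controls. `*rules = talloc_move(mem_ctx, &state->ldap_rules);` transfers ownership and clears the source pointer in one step. The array's length is only available through `num_rules`, which is a separately optional out-parameter, so a comment on the prototype should say that callers asking for `rules` must also ask for `num_rules`. Nothing visible in this diff fills `state->ldap_rules` on the plain LDAP path, so that comment should also say `*rules` may be NULL there. The function body starts and ends outside this hunk.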
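Review bot: The attribute map and its element count are chosen as two separate arguments in sdap_sudo_load_sudoers_send (`opts->ipa_sudorule_map` with `SDAP_OPTS_IPA_SUDO`, or `opts->sudorule_map` with `SDAP_OPTS_SUDO`), and the same schema test is repeated in sdap_sudo_load_sudoers_next_base and in sdap_sudo_refresh_load_done_ex. If one copy is later edited and a map ends up paired with the other schema's count, the consumers would presumably walk the map with the wrong length. A single static helper that returns both values keeps the pair together and leaves one place to audit. This hunk also tests `state->opts->schema_type` while passing `opts->...` to build_attrs_from_map; using one spelling throughout would make it clear they are the same object, since the assignment to `state->opts` is outside the hunk.

```c
/* Return the sudo rule attribute map together with its size for the
 * configured schema, so a map is never paired with the other count. */
static void sdap_sudo_rule_map(struct sdap_options *opts,
                               struct sdap_attr_map **_map,
                               int *_count)
{
    if (opts->schema_type == SDAP_SCHEMA_IPA_V1) {
        *_map = opts->ipa_sudorule_map;
        *_count = SDAP_OPTS_IPA_SUDO;
    } else {
        *_map = opts->sudorule_map;
        *_count = SDAP_OPTS_SUDO;
    }
}

/* ... unchanged: sdap_sudo_load_sudoers_send setup ... */
    /* create attrs from map */
    sdap_sudo_rule_map(opts, &map, &attr_count);
    ret = build_attrs_from_map(state, map, attr_count,
                               NULL, &state->attrs, NULL);
```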
@@ -359,6 +337,16 @@ static errno_t sdap_sudo_load_sudoers_next_base(struct tevent_req *req) "Searching for sudo rules with base [%s]\n", search_base->basedn); + if (state->opts->schema_type == SDAP_SCHEMA_IPA_V1) { + /* req from ipa_sudo_refresh_send() */ + attr_count = SDAP_OPTS_IPA_SUDO; + map = state->opts->ipa_sudorule_map; + } else { + /* req from sdap_sudo_refresh_send() */ + attr_count = SDAP_OPTS_SUDO; + map = state->opts->sudorule_map; + } + subreq = sdap_get_generic_send(state, state->ev, state->opts, @@ -367,8 +355,8 @@ static errno_t sdap_sudo_load_sudoers_next_base(struct tevent_req *req) search_base->scope, filter, state->attrs, - state->opts->sudorule_map, - SDAP_OPTS_SUDO, + map, + attr_count, state->timeout, true); if (subreq == NULL) { @@ -390,6 +378,7 @@ static void sdap_sudo_load_sudoers_process(struct tevent_req *subreq) int ret; int i; + /* req from sdap_sudo_load_sudoers_send */ req = tevent_req_callback_data(subreq, struct tevent_req); state = tevent_req_data(req, struct sdap_sudo_load_sudoers_state); search_base = state->search_bases[state->base_iter]; @@ -438,10 +427,10 @@ static void sdap_sudo_load_sudoers_process(struct tevent_req *subreq) tevent_req_done(req); } -static int sdap_sudo_load_sudoers_recv(struct tevent_req *req, - TALLOC_CTX *mem_ctx, - size_t *rules_count, - struct sysdb_attrs ***rules) +int sdap_sudo_load_sudoers_recv(struct tevent_req *req, + TALLOC_CTX *mem_ctx, + size_t *rules_count, + struct sysdb_attrs ***rules) { struct sdap_sudo_load_sudoers_state *state; 
@@ -455,7 +444,58 @@ static int sdap_sudo_load_sudoers_recv(struct tevent_req *req, return EOK; } -static void sdap_sudo_refresh_load_done(struct tevent_req *subreq) +static void sdap_sudo_refresh_load_done_ex(struct tevent_req *subreq) +{ + struct tevent_req *req; + struct sdap_sudo_refresh_state *state; + + /* req from sdap_sudo_refresh_send() */ + req = tevent_req_callback_data(subreq, struct tevent_req); + state = tevent_req_data(req, struct sdap_sudo_refresh_state); + + if (state->opts->schema_type == SDAP_SCHEMA_IPA_V1) { + /* req from ipa_sudo_refresh_send() */ + sdap_sudo_refresh_load_done_ipa(subreq); + } else { + /* req from sdap_sudo_refresh_send() */ + sdap_sudo_refresh_load_done_ldap(subreq); + } +} + +static void sdap_sudo_refresh_load_done_ipa(struct tevent_req *subreq) +{ + struct sdap_sudo_refresh_state *state; + struct tevent_req *req; + int ret; + + req = tevent_req_callback_data(subreq, struct tevent_req); + state = tevent_req_data(req, struct sdap_sudo_refresh_state); + + ret = sdap_sudo_load_sudoers_recv(subreq, state, &state->ldap_rules_count, + &state->ldap_rules); + talloc_zfree(subreq); + if (ret != EOK) { + goto done; + } + + DEBUG(SSSDBG_TRACE_FUNC, "Received %zu rules\n", state->ldap_rules_count); + DEBUG(SSSDBG_TRACE_FUNC, "Giving control back to IPA SUDO provider\n"); + + state->num_rules = state->ldap_rules_count; + +done: + /* req from ipa_sudo_refresh_send continue in ipa_sudo_sudoers_process */ + state->error = ret; + if (ret == EOK) { + state->dp_error = DP_ERR_OK; + tevent_req_done(req); + } else { + state->dp_error = DP_ERR_FATAL; + tevent_req_error(req, ret); + } +} + +static void sdap_sudo_refresh_load_done_ldap(struct tevent_req *subreq) { struct tevent_req *req; /* req from sdap_sudo_refresh_send() */ struct sdap_sudo_refresh_state *state; @@ -523,6 +563,7 @@ done: } } + /* finish sdap_sudo_refresh_send() */ state->error = ret; if (ret == EOK) { state->dp_error = DP_ERR_OK; 
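Review bot: sdap_sudo_refresh_load_done_ex dispatches on `state->opts->schema_type`, but the comments read that value as "the request came from ipa_sudo_refresh_send()", and the two are only equivalent if no other caller ever runs with `SDAP_SCHEMA_IPA_V1`. If that can happen (the callers are not visible here), the request would finish through sdap_sudo_refresh_load_done_ipa, which only records the rules in `state` and calls neither the store nor the purge routine, so the cached sudo rules would not be refreshed and removed rules could stay in effect. The assumption should be stated in a comment above the `if`, or the choice should be driven by something the sender sets explicitly in the refresh state. The leading `/* req from sdap_sudo_refresh_send() */` comment in the same function contradicts the IPA branch comment below it and should be reworded to cover both senders.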
@@ -533,11 +574,11 @@ done: } } -static int sdap_sudo_purge_sudoers(struct sss_domain_info *dom, - const char *filter, - struct sdap_attr_map *map, - size_t rules_count, - struct sysdb_attrs **rules) +int sdap_sudo_purge_sudoers(struct sss_domain_info *dom, + const char *filter, + struct sdap_attr_map *map, + size_t rules_count, + struct sysdb_attrs **rules) { const char *name; int i; @@ -586,14 +627,14 @@ done: return ret; } -static int sdap_sudo_store_sudoers(TALLOC_CTX *mem_ctx, - struct sss_domain_info *domain, - struct sdap_options *opts, - size_t rules_count, - struct sysdb_attrs **rules, - int cache_timeout, - time_t now, - char **_usn) +int sdap_sudo_store_sudoers(TALLOC_CTX *mem_ctx, + struct sss_domain_info *domain, + struct sdap_options *opts, + size_t rules_count, + struct sysdb_attrs **rules, + int cache_timeout, + time_t now, + char **_usn) { errno_t ret; |