diff options
author | Simo Sorce <ssorce@redhat.com> | 2009-04-07 19:25:48 -0400 |
---|---|---|
committer | Simo Sorce <ssorce@redhat.com> | 2009-04-08 10:55:03 -0400 |
commit | 6b5d45693f01eec55128eb3508266cda73071d93 (patch) | |
tree | c51ca00f2fb243e5eaf06128e8092583fba1bd8c /server | |
parent | e8a7526b06acf4af322fdab593c8bafbd9f4a103 (diff) | |
download | sssd2-6b5d45693f01eec55128eb3508266cda73071d93.tar.gz sssd2-6b5d45693f01eec55128eb3508266cda73071d93.tar.xz sssd2-6b5d45693f01eec55128eb3508266cda73071d93.zip |
Change the way we retrieve domains
To be able to correctly filter out duplicate names when multiple non-fully
qualified domains are in use we need to be able to specify the domains order.
This is now accomplished by the configuration paramets 'domains' in the
config/domains entry. 'domains' is a comma separated list of domain names.
This paramter allows also to have disbaled domains in the configuration without
requiring to completely delete them.
The domains list is now kept in a linked list of sss_domain_info objects.
The first domain is also the "default" domain.
Diffstat (limited to 'server')
-rw-r--r-- | server/confdb/confdb.c | 144 | ||||
-rw-r--r-- | server/confdb/confdb.h | 10 | ||||
-rw-r--r-- | server/examples/config.ldif | 1 | ||||
-rw-r--r-- | server/infopipe/infopipe.c | 24 | ||||
-rw-r--r-- | server/infopipe/infopipe_groups.c | 21 | ||||
-rw-r--r-- | server/infopipe/infopipe_private.h | 2 | ||||
-rw-r--r-- | server/infopipe/infopipe_users.c | 35 | ||||
-rw-r--r-- | server/monitor/monitor.c | 21 | ||||
-rw-r--r-- | server/responder/common/responder.h | 3 | ||||
-rw-r--r-- | server/responder/common/responder_common.c | 36 | ||||
-rw-r--r-- | server/responder/nss/nsssrv.c | 32 | ||||
-rw-r--r-- | server/responder/nss/nsssrv_cmd.c | 232 | ||||
-rw-r--r-- | server/responder/pam/pam_LOCAL_domain.c | 5 | ||||
-rw-r--r-- | server/responder/pam/pam_LOCAL_domain.h | 2 | ||||
-rw-r--r-- | server/responder/pam/pamsrv_cmd.c | 29 | ||||
-rw-r--r-- | server/tools/sss_groupadd.c | 9 | ||||
-rw-r--r-- | server/tools/sss_groupdel.c | 12 | ||||
-rw-r--r-- | server/tools/sss_groupmod.c | 11 | ||||
-rw-r--r-- | server/tools/sss_useradd.c | 10 | ||||
-rw-r--r-- | server/tools/sss_userdel.c | 11 | ||||
-rw-r--r-- | server/tools/sss_usermod.c | 12 | ||||
-rw-r--r-- | server/tools/tools_util.h | 2 |
22 files changed, 273 insertions, 391 deletions
diff --git a/server/confdb/confdb.c b/server/confdb/confdb.c index 0c46100b..88700e30 100644 --- a/server/confdb/confdb.c +++ b/server/confdb/confdb.c @@ -640,58 +640,86 @@ int confdb_init(TALLOC_CTX *mem_ctx, return EOK; } -/* domain names are case insensitive for now - * NOTE: this function is not utf-8 safe, - * only ASCII names for now */ -static int _domain_comparator(const void *key1, const void *key2) -{ - int ret; - - ret = strcasecmp((const char *)key1, (const char *)key2); - if (ret) { - /* special case LOCAL to be always the first domain */ - if (strcmp(key1, "LOCAL") == 0) return -1; - if (strcmp(key2, "LOCAL") == 0) return 1; - } - return ret; -} - int confdb_get_domains(struct confdb_ctx *cdb, TALLOC_CTX *mem_ctx, - struct btreemap **domains) + struct sss_domain_info **domains) { TALLOC_CTX *tmp_ctx; struct ldb_dn *dn; struct ldb_result *res; - struct btreemap *domain_map; - struct sss_domain_info *domain; + struct sss_domain_info *domain, *prevdom; + struct sss_domain_info *first = NULL; + const char *attrs[] = { "domains", NULL }; const char *tmp; - int ret, i; + char *cur, *p, *t; + int ret; tmp_ctx = talloc_new(mem_ctx); if (!tmp_ctx) return ENOMEM; - dn = ldb_dn_new(tmp_ctx,cdb->ldb, CONFDB_DOMAIN_BASEDN); + dn = ldb_dn_new(tmp_ctx, cdb->ldb, CONFDB_DOMAIN_BASEDN); if (!dn) { ret = EIO; goto done; } ret = ldb_search(cdb->ldb, tmp_ctx, &res, dn, - LDB_SCOPE_ONELEVEL, NULL, NULL); + LDB_SCOPE_BASE, attrs, NULL); if (ret != LDB_SUCCESS) { ret = EIO; goto done; } - domain_map = NULL; - for(i = 0; i < res->count; i++) { - /* allocate the domain on the tmp_ctx. It will be stolen - * by btreemap_set_value - */ + if (res->count != 1) { + ret = EFAULT; + goto done; + } + + tmp = ldb_msg_find_attr_as_string(res->msgs[0], "domains", NULL); + if (!tmp) { + DEBUG(0, ("No domains configured, fatal error!\n")); + ret = EINVAL; + goto done; + } + cur = p = talloc_strdup(tmp_ctx, tmp); + + while (p && *p) { + + for (cur = p; (*cur == ' ' || *cur == '\t'); cur++) /* trim */ ; + if (!*cur) break; + + p = strchr(cur, ','); + if (p) { + /* terminate element */ + *p = '\0'; + /* trim spaces */ + for (t = p-1; (*t == ' ' || *t == '\t'); t--) *t = '\0'; + p++; + } + + dn = ldb_dn_new_fmt(tmp_ctx, cdb->ldb, + "cn=%s,%s", cur, CONFDB_DOMAIN_BASEDN); + if (!dn) { + ret = ENOMEM; + goto done; + } + + ret = ldb_search(cdb->ldb, tmp_ctx, &res, dn, + LDB_SCOPE_BASE, NULL, NULL); + if (ret != LDB_SUCCESS) { + ret = EIO; + goto done; + } + + if (res->count != 1) { + DEBUG(0, ("Unknown domain [%s]\n", cur)); + ret = EINVAL; + goto done; + } + domain = talloc_zero(mem_ctx, struct sss_domain_info); - tmp = ldb_msg_find_attr_as_string(res->msgs[i], "cn", NULL); + tmp = ldb_msg_find_attr_as_string(res->msgs[0], "cn", NULL); if (!tmp) { DEBUG(0, ("Invalid configuration entry, fatal error!\n")); ret = EINVAL; @@ -703,7 +731,7 @@ int confdb_get_domains(struct confdb_ctx *cdb, goto done; } - tmp = ldb_msg_find_attr_as_string(res->msgs[i], "provider", NULL); + tmp = ldb_msg_find_attr_as_string(res->msgs[0], "provider", NULL); if (tmp) { domain->provider = talloc_strdup(domain, tmp); if (!domain->provider) { @@ -712,82 +740,54 @@ int confdb_get_domains(struct confdb_ctx *cdb, } } - domain->timeout = ldb_msg_find_attr_as_int(res->msgs[i], + domain->timeout = ldb_msg_find_attr_as_int(res->msgs[0], "timeout", 0); /* Determine if this domain can be enumerated */ - domain->enumerate = ldb_msg_find_attr_as_int(res->msgs[i], + domain->enumerate = ldb_msg_find_attr_as_int(res->msgs[0], "enumerate", 0); if (domain->enumerate == 0) { DEBUG(1, ("No enumeration for [%s]!\n", domain->name)); } /* Determine if this is a legacy domain */ - if (ldb_msg_find_attr_as_bool(res->msgs[i], "legacy", 0)) { + if (ldb_msg_find_attr_as_bool(res->msgs[0], "legacy", 0)) { domain->legacy = true; } /* Determine if this is domain uses MPG */ - if (ldb_msg_find_attr_as_bool(res->msgs[i], CONFDB_MPG, 0)) { + if (ldb_msg_find_attr_as_bool(res->msgs[0], CONFDB_MPG, 0)) { domain->mpg = true; } /* Determine if user/group names will be Fully Qualified * in NSS interfaces */ - if (ldb_msg_find_attr_as_bool(res->msgs[i], CONFDB_FQ, 0)) { + if (ldb_msg_find_attr_as_bool(res->msgs[0], CONFDB_FQ, 0)) { domain->fqnames = true; } - - domain->id_min = ldb_msg_find_attr_as_uint(res->msgs[i], + domain->id_min = ldb_msg_find_attr_as_uint(res->msgs[0], "minId", SSSD_MIN_ID); - domain->id_max = ldb_msg_find_attr_as_uint(res->msgs[i], + domain->id_max = ldb_msg_find_attr_as_uint(res->msgs[0], "maxId", 0); - ret = btreemap_set_value(mem_ctx, &domain_map, - domain->name, domain, - _domain_comparator); - if (ret != EOK) { - DEBUG(1, ("Failed to store domain info for [%s]!\n", domain->name)); - talloc_free(domain_map); - goto done; + if (first == NULL) { + first = domain; + prevdom = first; + } else { + prevdom->next = domain; + prevdom = domain; } } - if (domain_map == NULL) { + if (first == NULL) { DEBUG(0, ("No domains configured, fatal error!\n")); ret = EINVAL; } - *domains = domain_map; + *domains = first; done: talloc_free(tmp_ctx); return ret; } - -int confdb_get_domains_list(struct confdb_ctx *cdb, - TALLOC_CTX *mem_ctx, - struct btreemap **domain_map, - const char ***domain_names, - int *count) -{ - const void **names; - int num; - int ret; - - if (*domain_map == NULL) { - ret = confdb_get_domains(cdb, mem_ctx, domain_map); - if (ret != EOK) return ret; - } - - ret = btreemap_get_keys(mem_ctx, *domain_map, &names, &num); - if (ret != EOK) { - DEBUG(0, ("Couldn't get domain list\n")); - return ret; - } - - *domain_names = (const char **)names; - *count = num; - return EOK; -} diff --git a/server/confdb/confdb.h b/server/confdb/confdb.h index 6d385443..b366d60d 100644 --- a/server/confdb/confdb.h +++ b/server/confdb/confdb.h @@ -40,6 +40,8 @@ struct sss_domain_info { bool mpg; uint32_t id_min; uint32_t id_max; + + struct sss_domain_info *next; }; struct confdb_ctx; @@ -76,12 +78,6 @@ int confdb_init(TALLOC_CTX *mem_ctx, int confdb_get_domains(struct confdb_ctx *cdb, TALLOC_CTX *mem_ctx, - struct btreemap **domains); - -int confdb_get_domains_list(struct confdb_ctx *cdb, - TALLOC_CTX *mem_ctx, - struct btreemap **domain_map, - const char ***domain_names, - int *count); + struct sss_domain_info **domains); #endif diff --git a/server/examples/config.ldif b/server/examples/config.ldif index 6101f085..b9eb3340 100644 --- a/server/examples/config.ldif +++ b/server/examples/config.ldif @@ -41,6 +41,7 @@ description: InfoPipe Configuration dn: cn=domains,cn=config cn: domains description: Domains served by SSSD +domains: LOCAL, EXAMPLE.COM, TEST dn: cn=LOCAL,cn=domains,cn=config cn: LOCAL diff --git a/server/infopipe/infopipe.c b/server/infopipe/infopipe.c index 535d41e3..72998301 100644 --- a/server/infopipe/infopipe.c +++ b/server/infopipe/infopipe.c @@ -36,8 +36,6 @@ #define INFP_CONF_ENTRY "config/services/info" -struct infp_ctx; - static int service_identity(DBusMessage *message, struct sbus_conn_ctx *sconn) { dbus_uint16_t version = INFOPIPE_VERSION; @@ -366,23 +364,13 @@ static int infp_process_init(TALLOC_CTX *mem_ctx, } /* Read in the domain map */ - ret = confdb_get_domains(cdb, infp_ctx, &infp_ctx->domain_map); + ret = confdb_get_domains(cdb, infp_ctx, &infp_ctx->domains); if (ret != EOK) { DEBUG(0, ("Failed to populate the domain map\n")); talloc_free(infp_ctx); return EIO; } - if (infp_ctx->domain_map == NULL) { - /* No domains configured! - * Note: this should never happen, since LOCAL - * should always be configured - */ - DEBUG(0, ("No domains configured on this client!\n")); - talloc_free(infp_ctx); - return EIO; - } - infp_ctx->cache_timeout = 600; /* FIXME: read from confdb */ /* Add the infp_ctx to the sbus_conn_ctx private data @@ -482,9 +470,15 @@ bool infp_get_permissions(const char *caller, return false; } -struct sss_domain_info *infp_get_domain_obj(struct infp_ctx *infp, const char *domain_name) +struct sss_domain_info *infp_get_domain_obj(struct infp_ctx *infp, + const char *domain_name) { - return talloc_get_type(btreemap_get_value(infp->domain_map, (const void *) domain_name), struct sss_domain_info); + struct sss_domain_info *dom; + + for (dom = infp->domains; dom; dom = dom->next) { + if (strcasecmp(dom->name, domain_name) == 0) break; + } + return dom; } /* CheckPermissions(STRING domain, STRING object, STRING instance diff --git a/server/infopipe/infopipe_groups.c b/server/infopipe/infopipe_groups.c index 4b2c881c..34e78958 100644 --- a/server/infopipe/infopipe_groups.c +++ b/server/infopipe/infopipe_groups.c @@ -150,9 +150,8 @@ int infp_groups_create(DBusMessage *message, struct sbus_conn_ctx *sconn) } grcreate_req->infp_req->domain = - btreemap_get_value(grcreate_req->infp_req->infp->domain_map, - (const void *)arg_domain); - if(grcreate_req->infp_req->domain == NULL) { + infp_get_domain_obj(grcreate_req->infp_req->infp, arg_domain); + if (grcreate_req->infp_req->domain == NULL) { einval_msg = talloc_strdup(grcreate_req, "Invalid domain."); goto einval; } @@ -319,9 +318,8 @@ int infp_groups_delete(DBusMessage *message, struct sbus_conn_ctx *sconn) } grdel_req->infp_req->domain = - btreemap_get_value(grdel_req->infp_req->infp->domain_map, - (const void *)arg_domain); - if(grdel_req->infp_req->domain == NULL) { + infp_get_domain_obj(grdel_req->infp_req->infp, arg_domain); + if (grdel_req->infp_req->domain == NULL) { einval_msg = talloc_strdup(grdel_req, "Invalid domain."); goto einval; } @@ -546,10 +544,9 @@ static int infp_groups_modify_members(DBusMessage *message, } grmod_req->infp_req->domain = - btreemap_get_value(grmod_req->infp_req->infp->domain_map, - (const void *)arg_domain); + infp_get_domain_obj(grmod_req->infp_req->infp, arg_domain); /* Check for a valid domain */ - if(grmod_req->infp_req->domain == NULL) { + if (grmod_req->infp_req->domain == NULL) { einval_msg = talloc_strdup(grmod_req, "Invalid domain."); goto einval; } @@ -772,11 +769,9 @@ int infp_groups_set_gid(DBusMessage *message, struct sbus_conn_ctx *sconn) } grmod_req->infp_req->domain = - btreemap_get_value(grmod_req->infp_req->infp->domain_map, - (const void *)arg_domain); - + infp_get_domain_obj(grmod_req->infp_req->infp, arg_domain); /* Check for a valid domain */ - if(grmod_req->infp_req->domain == NULL) { + if (grmod_req->infp_req->domain == NULL) { einval_msg = talloc_strdup(grmod_req, "Invalid domain."); goto einval; } diff --git a/server/infopipe/infopipe_private.h b/server/infopipe/infopipe_private.h index 066f11e9..7317f7a6 100644 --- a/server/infopipe/infopipe_private.h +++ b/server/infopipe/infopipe_private.h @@ -28,7 +28,7 @@ struct infp_ctx { struct service_sbus_ctx *ss_ctx; struct sysbus_ctx *sysbus; struct sysdb_ctx *sysdb; - struct btreemap *domain_map; + struct sss_domain_info *domains; char *introspect_xml; int cache_timeout; diff --git a/server/infopipe/infopipe_users.c b/server/infopipe/infopipe_users.c index 656d1525..14037774 100644 --- a/server/infopipe/infopipe_users.c +++ b/server/infopipe/infopipe_users.c @@ -144,10 +144,9 @@ int infp_users_get_cached(DBusMessage *message, struct sbus_conn_ctx *sconn) infp_getcached_req->min_last_login = arg_minlastlogin; infp_getcached_req->infp_req->domain = - btreemap_get_value(infp_getcached_req->infp_req->infp->domain_map, - (const void *)arg_domain); + infp_get_domain_obj(infp_getcached_req->infp_req->infp, arg_domain); /* Check for a valid domain */ - if(infp_getcached_req->infp_req->domain == NULL) { + if (infp_getcached_req->infp_req->domain == NULL) { einval_msg = talloc_strdup(infp_getcached_req, "Invalid domain."); goto einval; } @@ -320,10 +319,10 @@ int infp_users_create(DBusMessage *message, struct sbus_conn_ctx *sconn) goto denied; } - infp_createuser_req->infp_req->domain = btreemap_get_value(infp_createuser_req->infp_req->infp->domain_map, - (const void *)arg_domain); + infp_createuser_req->infp_req->domain = + infp_get_domain_obj(infp_createuser_req->infp_req->infp, arg_domain); /* Check for a valid domain */ - if(infp_createuser_req->infp_req->domain == NULL) { + if (infp_createuser_req->infp_req->domain == NULL) { einval_msg = talloc_strdup(infp_createuser_req, "Invalid domain."); goto einval; } @@ -523,10 +522,9 @@ int infp_users_delete(DBusMessage *message, struct sbus_conn_ctx *sconn) } infp_deleteuser_req->infp_req->domain = - btreemap_get_value(infp_deleteuser_req->infp_req->infp->domain_map, - (const void *)arg_domain); + infp_get_domain_obj(infp_deleteuser_req->infp_req->infp, arg_domain); /* Check for a valid domain */ - if(infp_deleteuser_req->infp_req->domain == NULL) { + if (infp_deleteuser_req->infp_req->domain == NULL) { einval_msg = talloc_strdup(infp_deleteuser_req, "Invalid domain."); goto einval; } @@ -1213,8 +1211,11 @@ int infp_users_get_attr(DBusMessage *message, struct sbus_conn_ctx *sconn) goto end; } - infp_getattr_req->infp_req->domain = btreemap_get_value(infp_getattr_req->infp_req->infp->domain_map, (const void *)domain); - infp_getattr_req->check_provider = strcasecmp(domain, "LOCAL"); + infp_getattr_req->infp_req->domain = + infp_get_domain_obj(infp_getattr_req->infp_req->infp, domain); + if (infp_getattr_req->infp_req->domain->provider) { + infp_getattr_req->check_provider = true; + } /* Copy the username list */ infp_getattr_req->usernames = talloc_array(infp_getattr_req, char *, username_count); @@ -1469,9 +1470,9 @@ int infp_users_set_attr(DBusMessage *message, struct sbus_conn_ctx *sconn) } dbus_message_iter_get_basic(&iter, &domain_name); - infp_setattr_req->infp_req->domain = btreemap_get_value(infp_setattr_req->infp_req->infp->domain_map, - (const void *)domain_name); - if(infp_setattr_req->infp_req->domain == NULL) { + infp_setattr_req->infp_req->domain = + infp_get_domain_obj(infp_setattr_req->infp_req->infp, domain_name); + if (infp_setattr_req->infp_req->domain == NULL) { einval_msg = talloc_strdup(infp_setattr_req, "Invalid domain."); goto einval; } @@ -1770,10 +1771,10 @@ int infp_users_set_uid(DBusMessage *message, struct sbus_conn_ctx *sconn) infp_setuid_req->username = talloc_strdup(infp_setuid_req, arg_username); - infp_setuid_req->infp_req->domain = btreemap_get_value(infp_setuid_req->infp_req->infp->domain_map, - (const void *)arg_domain); + infp_setuid_req->infp_req->domain = + infp_get_domain_obj(infp_setuid_req->infp_req->infp, arg_domain); /* Check for a valid domain */ - if(infp_setuid_req->infp_req->domain == NULL) { + if (infp_setuid_req->infp_req->domain == NULL) { einval_msg = talloc_strdup(infp_setuid_req, "Invalid domain."); goto einval; } diff --git a/server/monitor/monitor.c b/server/monitor/monitor.c index 9320ed82..7fef0822 100644 --- a/server/monitor/monitor.c +++ b/server/monitor/monitor.c @@ -71,7 +71,7 @@ struct mt_svc { struct mt_ctx { struct tevent_context *ev; struct confdb_ctx *cdb; - struct btreemap *dom_map; + struct sss_domain_info *domains; char **services; struct mt_svc *svc_list; struct sbus_srv_ctx *sbus_srv; @@ -380,8 +380,7 @@ int monitor_process_init(TALLOC_CTX *mem_ctx, struct mt_ctx *ctx; struct mt_svc *svc; struct sysdb_ctx *sysdb; - const char **doms; - int dom_count; + struct sss_domain_info *dom; char *path; int ret, i; @@ -485,14 +484,14 @@ int monitor_process_init(TALLOC_CTX *mem_ctx, } /* now start the data providers */ - ret = confdb_get_domains_list(cdb, ctx, - &(ctx->dom_map), &doms, &dom_count); + ret = confdb_get_domains(cdb, ctx, &ctx->domains); if (ret != EOK) { DEBUG(2, ("No domains configured. LOCAL should always exist!\n")); return ret; } - for (i = 0; i < dom_count; i++) { + for (dom = ctx->domains; dom; dom = dom->next) { + svc = talloc_zero(ctx, struct mt_svc); if (!svc) { talloc_free(ctx); @@ -500,7 +499,7 @@ int monitor_process_init(TALLOC_CTX *mem_ctx, } svc->mt_ctx = ctx; - svc->name = talloc_strdup(svc, doms[i]); + svc->name = talloc_strdup(svc, dom->name); if (!svc->name) { talloc_free(ctx); return ENOMEM; @@ -512,7 +511,7 @@ int monitor_process_init(TALLOC_CTX *mem_ctx, return ENOMEM; } - path = talloc_asprintf(svc, "config/domains/%s", doms[i]); + path = talloc_asprintf(svc, "config/domains/%s", svc->name); if (!path) { talloc_free(ctx); return ENOMEM; @@ -521,7 +520,7 @@ int monitor_process_init(TALLOC_CTX *mem_ctx, ret = confdb_get_string(cdb, svc, path, "provider", NULL, &svc->provider); if (ret != EOK) { - DEBUG(0, ("Failed to find provider from [%s] configuration\n", doms[i])); + DEBUG(0, ("Failed to find provider from [%s] configuration\n", svc->name)); talloc_free(svc); continue; } @@ -529,7 +528,7 @@ int monitor_process_init(TALLOC_CTX *mem_ctx, ret = confdb_get_string(cdb, svc, path, "command", NULL, &svc->command); if (ret != EOK) { - DEBUG(0, ("Failed to find command from [%s] configuration\n", doms[i])); + DEBUG(0, ("Failed to find command from [%s] configuration\n", svc->name)); talloc_free(svc); continue; } @@ -564,7 +563,7 @@ int monitor_process_init(TALLOC_CTX *mem_ctx, ret = start_service(svc); if (ret != EOK) { - DEBUG(0,("Failed to start provider for '%s'\n", doms[i])); + DEBUG(0,("Failed to start provider for '%s'\n", svc->name)); talloc_free(svc); continue; } diff --git a/server/responder/common/responder.h b/server/responder/common/responder.h index 4b6bfeee..6f737a14 100644 --- a/server/responder/common/responder.h +++ b/server/responder/common/responder.h @@ -63,8 +63,7 @@ struct resp_ctx { struct service_sbus_ctx *ss_ctx; struct service_sbus_ctx *dp_ctx; - struct btreemap *domain_map; - char *default_domain; + struct sss_domain_info *domains; struct sbus_method *sss_sbus_methods; struct sss_cmd_table *sss_cmds; diff --git a/server/responder/common/responder_common.c b/server/responder/common/responder_common.c index 855c78a7..50cda623 100644 --- a/server/responder/common/responder_common.c +++ b/server/responder/common/responder_common.c @@ -453,40 +453,6 @@ failed: return EIO; } -static int sss_init_domains(struct resp_ctx *rctx) -{ - int ret; - int retval; - - ret = confdb_get_domains(rctx->cdb, rctx, &rctx->domain_map); - if (ret != EOK) { - retval = ret; - goto done; - } - - if (rctx->domain_map == NULL) { - /* No domains configured! - * Note: this should never happen, since LOCAL should - * always be configured */ - DEBUG(0, ("No domains configured on this client!\n")); - retval = EINVAL; - goto done; - } - - ret = confdb_get_string(rctx->cdb, rctx, - "config/domains", "default", - NULL, &rctx->default_domain); - if (ret != EOK) { - retval = ret; - goto done; - } - - retval = EOK; - -done: - return retval; -} - int sss_names_init(struct resp_ctx *rctx) { struct sss_names_ctx *ctx; @@ -571,7 +537,7 @@ int sss_process_init(TALLOC_CTX *mem_ctx, rctx->confdb_service_path = confdb_service_path; rctx->dp_methods = dp_methods; - ret = sss_init_domains(rctx); + ret = confdb_get_domains(rctx->cdb, rctx, &rctx->domains); if (ret != EOK) { DEBUG(0, ("fatal error setting up domain map\n")); return ret; diff --git a/server/responder/nss/nsssrv.c b/server/responder/nss/nsssrv.c index 834c42d9..58b09fb3 100644 --- a/server/responder/nss/nsssrv.c +++ b/server/responder/nss/nsssrv.c @@ -123,10 +123,10 @@ static int nss_get_config(struct nss_ctx *nctx, struct confdb_ctx *cdb) { TALLOC_CTX *tmpctx; + struct sss_domain_info *dom; char *domain, *name; - const char **domains; char **filter_list; - int ret, num, i, j; + int ret, i; tmpctx = talloc_new(nctx); if (!tmpctx) return ENOMEM; @@ -166,20 +166,12 @@ static int nss_get_config(struct nss_ctx *nctx, continue; } } else { - ret = btreemap_get_keys(tmpctx, rctx->domain_map, - (const void ***)&domains, &num); - if (ret != EOK) { - DEBUG(0, ("Unable to find domains!\n")); - return ret; - } - - for (j = 0; j < num; j++) { - ret = nss_ncache_set_user(nctx->ncache, - true, domains[j], name); + for (dom = rctx->domains; dom; dom = dom->next) { + ret = nss_ncache_set_user(nctx->ncache, true, dom->name, name); if (ret != EOK) { DEBUG(1, ("Failed to store permanent user filter for" " [%s:%s] (%d [%s])\n", - domains[j], filter_list[i], + dom->name, filter_list[i], ret, strerror(ret))); continue; } @@ -208,20 +200,12 @@ static int nss_get_config(struct nss_ctx *nctx, continue; } } else { - ret = btreemap_get_keys(tmpctx, rctx->domain_map, - (const void ***)&domains, &num); - if (ret != EOK) { - DEBUG(0, ("Unable to find domains!\n")); - return ret; - } - - for (j = 0; j < num; j++) { - ret = nss_ncache_set_group(nctx->ncache, - true, domains[j], name); + for (dom = rctx->domains; dom; dom = dom->next) { + ret = nss_ncache_set_group(nctx->ncache, true, dom->name, name); if (ret != EOK) { DEBUG(1, ("Failed to store permanent group filter for" " [%s:%s] (%d [%s])\n", - domains[j], filter_list[i], + dom->name, filter_list[i], ret, strerror(ret))); continue; } diff --git a/server/responder/nss/nsssrv_cmd.c b/server/responder/nss/nsssrv_cmd.c index 367df36f..41f0c16a 100644 --- a/server/responder/nss/nsssrv_cmd.c +++ b/server/responder/nss/nsssrv_cmd.c @@ -80,18 +80,19 @@ static int nss_cmd_send_error(struct nss_cmd_ctx *cmdctx, int err) } while(0) static int nss_dom_ctx_init(struct nss_dom_ctx *dctx, - struct btreemap *domain_map, const char *domain) + struct sss_domain_info *doms, const char *domain) { - struct sss_domain_info *info; + struct sss_domain_info *dom; - /* Check for registered domain */ - info = btreemap_get_value(domain_map, (void *)domain); - if (!info) { + for (dom = doms; dom; dom = dom->next) { + if (strcasecmp(dom->name, domain) == 0) break; + } + if (!dom) { return EINVAL; } - dctx->domain = info; - dctx->check_provider = (info->provider != NULL); + dctx->domain = dom; + dctx->check_provider = (dom->provider != NULL); return EOK; } @@ -101,7 +102,7 @@ static int nss_dom_ctx_init(struct nss_dom_ctx *dctx, ***************************************************************************/ static int fill_pwent(struct sss_packet *packet, - struct sss_domain_info *info, + struct sss_domain_info *dom, struct nss_ctx *nctx, bool filter_users, struct ldb_message **msgs, @@ -120,8 +121,8 @@ static int fill_pwent(struct sss_packet *packet, size_t dom_len = 0; int delim = 1; int i, ret, num, t; - bool add_domain = info->fqnames; - const char *domain = info->name; + bool add_domain = dom->fqnames; + const char *domain = dom->name; const char *namefmt = nctx->rctx->names->fq_fmt; int ncret; @@ -157,8 +158,8 @@ static int fill_pwent(struct sss_packet *packet, } /* check that the uid is valid for this domain */ - if ((info->id_min && (uid < info->id_min)) || - (info->id_max && (uid > info->id_max))) { + if ((dom->id_min && (uid < dom->id_min)) || + (dom->id_max && (uid > dom->id_max))) { DEBUG(4, ("User [%s@%s] filtered out! (id out of range)\n", name, domain)); continue; @@ -444,14 +445,13 @@ static int nss_cmd_getpwnam(struct cli_ctx *cctx) { struct nss_cmd_ctx *cmdctx; struct nss_dom_ctx *dctx; - struct sss_domain_info *info; + struct sss_domain_info *dom; struct nss_ctx *nctx; - const char **domains; const char *rawname; char *domname; uint8_t *body; size_t blen; - int ret, num, i; + int ret; int ncret; nctx = talloc_get_type(cctx->rctx->pvt_ctx, struct nss_ctx); @@ -502,7 +502,7 @@ static int nss_cmd_getpwnam(struct cli_ctx *cctx) } dctx->cmdctx = cmdctx; - ret = nss_dom_ctx_init(dctx, cctx->rctx->domain_map, domname); + ret = nss_dom_ctx_init(dctx, cctx->rctx->domains, domname); if (ret != EOK) { DEBUG(2, ("Invalid domain name received [%s]\n", domname)); goto done; @@ -520,30 +520,22 @@ static int nss_cmd_getpwnam(struct cli_ctx *cctx) } else { dctx = NULL; - domains = NULL; - num = 0; - /* get domains list */ - ret = btreemap_get_keys(cmdctx, cctx->rctx->domain_map, - (const void ***)&domains, &num); - if (ret != EOK) goto done; cmdctx->nr = 0; - for (i = 0; i < num; i++) { + for (dom = cctx->rctx->domains; dom; dom = dom->next) { /* verify this user has not yet been negatively cached, * or has been permanently filtered */ ncret = nss_ncache_check_user(nctx->ncache, nctx->neg_timeout, - domains[i], cmdctx->name); + dom->name, cmdctx->name); if (ncret != ENOENT) { DEBUG(3, ("User [%s] does not exist! (neg cache)\n", rawname)); continue; } - info = btreemap_get_value(cctx->rctx->domain_map, domains[i]); - /* skip domains that require FQnames */ - if (info->fqnames) continue; + if (dom->fqnames) continue; cmdctx->nr++; @@ -554,8 +546,8 @@ static int nss_cmd_getpwnam(struct cli_ctx *cctx) } dctx->cmdctx = cmdctx; - dctx->domain = info; - dctx->check_provider = (info->provider != NULL); + dctx->domain = dom; + dctx->check_provider = (dom->provider != NULL); DEBUG(4, ("Requesting info for [%s@%s]\n", cmdctx->name, dctx->domain->name)); @@ -808,12 +800,11 @@ static int nss_cmd_getpwuid(struct cli_ctx *cctx) { struct nss_cmd_ctx *cmdctx; struct nss_dom_ctx *dctx; - struct sss_domain_info *info; + struct sss_domain_info *dom; struct nss_ctx *nctx; - const char **domains; uint8_t *body; size_t blen; - int i, num, ret; + int ret; int ncret; nctx = talloc_get_type(cctx->rctx->pvt_ctx, struct nss_ctx); @@ -836,36 +827,25 @@ static int nss_cmd_getpwuid(struct cli_ctx *cctx) /* FIXME: Just ask all backends for now, until we check for ranges */ dctx = NULL; - domains = NULL; - num = 0; - /* get domains list */ - ret = btreemap_get_keys(cmdctx, cctx->rctx->domain_map, - (const void ***)&domains, &num); - if (ret != EOK) { - goto done; - } - cmdctx->nr = 0; - for (i = 0; i < num; i++) { + for (dom = cctx->rctx->domains; dom; dom = dom->next) { /* verify this user has not yet been negatively cached, * or has been permanently filtered */ ncret = nss_ncache_check_uid(nctx->ncache, nctx->neg_timeout, - cmdctx->id); + cmdctx->id); if (ncret != ENOENT) { DEBUG(3, ("Uid [%lu] does not exist! (negative cache)\n", (unsigned long)cmdctx->id)); continue; } - info = btreemap_get_value(cctx->rctx->domain_map, domains[i]); - /* check that the uid is valid for this domain */ - if ((info->id_min && (cmdctx->id < info->id_min)) || - (info->id_max && (cmdctx->id > info->id_max))) { + if ((dom->id_min && (cmdctx->id < dom->id_min)) || + (dom->id_max && (cmdctx->id > dom->id_max))) { DEBUG(4, ("Uid [%lu] does not exist in domain [%s]! " "(id out of range)\n", - (unsigned long)cmdctx->id, domains[i])); + (unsigned long)cmdctx->id, dom->name)); continue; } @@ -878,8 +858,8 @@ static int nss_cmd_getpwuid(struct cli_ctx *cctx) } dctx->cmdctx = cmdctx; - dctx->domain = info; - dctx->check_provider = (info->provider != NULL); + dctx->domain = dom; + dctx->check_provider = (dom->provider != NULL); DEBUG(4, ("Requesting info for [%lu@%s]\n", cmdctx->id, dctx->domain->name)); @@ -1036,16 +1016,15 @@ static void nss_cmd_setpw_dp_callback(uint16_t err_maj, uint32_t err_min, static int nss_cmd_setpwent_ext(struct cli_ctx *cctx, bool immediate) { - struct sss_domain_info *info; + struct sss_domain_info *dom; struct nss_cmd_ctx *cmdctx; struct nss_dom_ctx *dctx; struct getent_ctx *pctx; struct nss_ctx *nctx; - const char **domains; time_t now = time(NULL); bool cached = false; int timeout; - int i, ret, num; + int ret; DEBUG(4, ("Requesting info for all users\n")); @@ -1067,15 +1046,6 @@ static int nss_cmd_setpwent_ext(struct cli_ctx *cctx, bool immediate) cmdctx->immediate = immediate; - domains = NULL; - num = 0; - /* get domains list */ - ret = btreemap_get_keys(cmdctx, cctx->rctx->domain_map, - (const void ***)&domains, &num); - if (ret != EOK) { - return ret; - } - /* do not query backends if we have a recent enumeration */ if (nctx->enum_cache_timeout) { if (nctx->last_user_enum + @@ -1085,10 +1055,9 @@ static int nss_cmd_setpwent_ext(struct cli_ctx *cctx, bool immediate) } /* check if enumeration is enabled in any domain */ - for (i = 0; i < num; i++) { - info = btreemap_get_value(cctx->rctx->domain_map, domains[i]); + for (dom = cctx->rctx->domains; dom; dom = dom->next) { - if ((info->enumerate & NSS_ENUM_USERS) == 0) { + if ((dom->enumerate & NSS_ENUM_USERS) == 0) { continue; } @@ -1099,19 +1068,19 @@ static int nss_cmd_setpwent_ext(struct cli_ctx *cctx, bool immediate) if (!dctx) return ENOMEM; dctx->cmdctx = cmdctx; - dctx->domain = info; + dctx->domain = dom; if (cached) { dctx->check_provider = false; } else { - dctx->check_provider = (info->provider != NULL); + dctx->check_provider = (dom->provider != NULL); } if (dctx->check_provider) { - timeout = SSS_CLI_SOCKET_TIMEOUT/(i+2); + timeout = SSS_CLI_SOCKET_TIMEOUT; ret = nss_dp_send_acct_req(cctx->rctx, cmdctx, nss_cmd_setpw_dp_callback, dctx, - timeout, domains[i], NSS_DP_USER, + timeout, dom->name, NSS_DP_USER, NULL, 0); } else { ret = sysdb_enumpwent(dctx, cctx->rctx->sysdb, @@ -1121,7 +1090,7 @@ static int nss_cmd_setpwent_ext(struct cli_ctx *cctx, bool immediate) if (ret != EOK) { /* FIXME: shutdown ? */ DEBUG(1, ("Failed to send enumeration request for domain [%s]!\n", - domains[i])); + dom->name)); continue; } @@ -1274,7 +1243,7 @@ done: ***************************************************************************/ static int fill_grent(struct sss_packet *packet, - struct sss_domain_info *info, + struct sss_domain_info *dom, struct nss_ctx *nctx, bool filter_groups, struct ldb_message **msgs, @@ -1292,8 +1261,8 @@ static int fill_grent(struct sss_packet *packet, size_t dom_len = 0; size_t name_len; int delim = 1; - bool add_domain = info->fqnames; - const char *domain = info->name; + bool add_domain = dom->fqnames; + const char *domain = dom->name; const char *namefmt = nctx->rctx->names->fq_fmt; int ncret; @@ -1343,8 +1312,8 @@ static int fill_grent(struct sss_packet *packet, } /* check that the gid is valid for this domain */ - if ((info->id_min && (gid < info->id_min)) || - (info->id_max && (gid > info->id_max))) { + if ((dom->id_min && (gid < dom->id_min)) || + (dom->id_max && (gid > dom->id_max))) { DEBUG(4, ("User [%s@%s] filtered out! (id out of range)\n", name, domain)); skip_members = true; @@ -1511,8 +1480,8 @@ static int fill_grent(struct sss_packet *packet, } /* check that the uid is valid for this domain */ - if ((info->id_min && (uid < info->id_min)) || - (info->id_max && (uid > info->id_max))) { + if ((dom->id_min && (uid < dom->id_min)) || + (dom->id_max && (uid > dom->id_max))) { DEBUG(4, ("User [%s@%s] filtered out! (id out of range)\n", name, domain)); continue; @@ -1772,14 +1741,13 @@ static int nss_cmd_getgrnam(struct cli_ctx *cctx) { struct nss_cmd_ctx *cmdctx; struct nss_dom_ctx *dctx; - struct sss_domain_info *info; + struct sss_domain_info *dom; struct nss_ctx *nctx; - const char **domains; const char *rawname; char *domname; uint8_t *body; size_t blen; - int ret, num, i; + int ret; int ncret; nctx = talloc_get_type(cctx->rctx->pvt_ctx, struct nss_ctx); @@ -1828,7 +1796,7 @@ static int nss_cmd_getgrnam(struct cli_ctx *cctx) } dctx->cmdctx = cmdctx; - ret = nss_dom_ctx_init(dctx, cctx->rctx->domain_map, domname); + ret = nss_dom_ctx_init(dctx, cctx->rctx->domains, domname); if (ret != EOK) { DEBUG(2, ("Invalid domain name received [%s]\n", domname)); goto done; @@ -1846,30 +1814,21 @@ static int nss_cmd_getgrnam(struct cli_ctx *cctx) } else { dctx = NULL; - domains = NULL; - num = 0; - /* get domains list */ - ret = btreemap_get_keys(cmdctx, cctx->rctx->domain_map, - (const void ***)&domains, &num); - if (ret != EOK) goto done; - cmdctx->nr = 0; - for (i = 0; i < num; i++) { + for (dom = cctx->rctx->domains; dom; dom = dom->next) { /* verify this user has not yet been negatively cached, * or has been permanently filtered */ ncret = nss_ncache_check_group(nctx->ncache, nctx->neg_timeout, - domains[i], cmdctx->name); + dom->name, cmdctx->name); if (ncret != ENOENT) { DEBUG(3, ("Group [%s] does not exist! (negative cache)\n", rawname)); continue; } - info = btreemap_get_value(cctx->rctx->domain_map, domains[i]); - /* skip domains that require FQnames */ - if (info->fqnames) continue; + if (dom->fqnames) continue; cmdctx->nr++; @@ -1880,8 +1839,8 @@ static int nss_cmd_getgrnam(struct cli_ctx *cctx) } dctx->cmdctx = cmdctx; - dctx->domain = info; - dctx->check_provider = (info->provider != NULL); + dctx->domain = dom; + dctx->check_provider = (dom->provider != NULL); DEBUG(4, ("Requesting info for [%s@%s]\n", cmdctx->name, dctx->domain->name)); @@ -2115,12 +2074,11 @@ static int nss_cmd_getgrgid(struct cli_ctx *cctx) { struct nss_cmd_ctx *cmdctx; struct nss_dom_ctx *dctx; - struct sss_domain_info *info; + struct sss_domain_info *dom; struct nss_ctx *nctx; - const char **domains; uint8_t *body; size_t blen; - int i, num, ret; + int ret; int ncret; nctx = talloc_get_type(cctx->rctx->pvt_ctx, struct nss_ctx); @@ -2143,33 +2101,22 @@ static int nss_cmd_getgrgid(struct cli_ctx *cctx) /* FIXME: Just ask all backends for now, until we check for ranges */ dctx = NULL; - domains = NULL; - num = 0; - /* get domains list */ - ret = btreemap_get_keys(cmdctx, cctx->rctx->domain_map, - (const void ***)&domains, &num); - if (ret != EOK) { - goto done; - } - cmdctx->nr = 0; - for (i = 0; i < num; i++) { + for (dom = cctx->rctx->domains; dom; dom = dom->next) { /* verify this user has not yet been negatively cached, * or has been permanently filtered */ ncret = nss_ncache_check_gid(nctx->ncache, nctx->neg_timeout, - cmdctx->id); + cmdctx->id); if (ncret != ENOENT) { DEBUG(3, ("Gid [%lu] does not exist! (negative cache)\n", (unsigned long)cmdctx->id)); continue; } - info = btreemap_get_value(cctx->rctx->domain_map, domains[i]); - /* check that the uid is valid for this domain */ - if ((info->id_min && (cmdctx->id < info->id_min)) || - (info->id_max && (cmdctx->id > info->id_max))) { + if ((dom->id_min && (cmdctx->id < dom->id_min)) || + (dom->id_max && (cmdctx->id > dom->id_max))) { DEBUG(4, ("Gid [%lu] does not exist! (id out of range)\n", (unsigned long)cmdctx->id)); continue; @@ -2185,8 +2132,8 @@ static int nss_cmd_getgrgid(struct cli_ctx *cctx) } dctx->cmdctx = cmdctx; - dctx->domain = info; - dctx->check_provider = (info->provider != NULL); + dctx->domain = dom; + dctx->check_provider = (dom->provider != NULL); DEBUG(4, ("Requesting info for [%lu@%s]\n", cmdctx->id, dctx->domain->name)); @@ -2344,16 +2291,15 @@ static void nss_cmd_setgr_dp_callback(uint16_t err_maj, uint32_t err_min, static int nss_cmd_setgrent_ext(struct cli_ctx *cctx, bool immediate) { - struct sss_domain_info *info; + struct sss_domain_info *dom; struct nss_cmd_ctx *cmdctx; struct nss_dom_ctx *dctx; struct getent_ctx *gctx; struct nss_ctx *nctx; - const char **domains; time_t now = time(NULL); bool cached = false; int timeout; - int i, ret, num; + int ret; DEBUG(4, ("Requesting info for all groups\n")); @@ -2375,15 +2321,6 @@ static int nss_cmd_setgrent_ext(struct cli_ctx *cctx, bool immediate) cmdctx->immediate = immediate; - domains = NULL; - num = 0; - /* get domains list */ - ret = btreemap_get_keys(cmdctx, cctx->rctx->domain_map, - (const void ***)&domains, &num); - if(ret != EOK) { - return ret; - } - /* do not query backends if we have a recent enumeration */ if (nctx->enum_cache_timeout) { if (nctx->last_group_enum + @@ -2393,10 +2330,9 @@ static int nss_cmd_setgrent_ext(struct cli_ctx *cctx, bool immediate) } /* check if enumeration is enabled in any domain */ - for (i = 0; i < num; i++) { - info = btreemap_get_value(cctx->rctx->domain_map, domains[i]); + for (dom = cctx->rctx->domains; dom; dom = dom->next) { - if ((info->enumerate & NSS_ENUM_GROUPS) == 0) { + if ((dom->enumerate & NSS_ENUM_GROUPS) == 0) { continue; } @@ -2407,19 +2343,19 @@ static int nss_cmd_setgrent_ext(struct cli_ctx *cctx, bool immediate) if (!dctx) return ENOMEM; dctx->cmdctx = cmdctx; - dctx->domain = info; + dctx->domain = dom; if (cached) { dctx->check_provider = false; } else { - dctx->check_provider = (info->provider != NULL); + dctx->check_provider = (dom->provider != NULL); } if (dctx->check_provider) { - timeout = SSS_CLI_SOCKET_TIMEOUT/(i+2); + timeout = SSS_CLI_SOCKET_TIMEOUT; ret = nss_dp_send_acct_req(cctx->rctx, cmdctx, nss_cmd_setgr_dp_callback, dctx, - timeout, domains[i], NSS_DP_GROUP, + timeout, dom->name, NSS_DP_GROUP, NULL, 0); } else { ret = sysdb_enumgrent(dctx, cctx->rctx->sysdb, @@ -2429,7 +2365,7 @@ static int nss_cmd_setgrent_ext(struct cli_ctx *cctx, bool immediate) if (ret != EOK) { /* FIXME: shutdown ? */ DEBUG(1, ("Failed to send enumeration request for domain [%s]!\n", - domains[i])); + dom->name)); continue; } @@ -2864,14 +2800,13 @@ static int nss_cmd_initgroups(struct cli_ctx *cctx) { struct nss_cmd_ctx *cmdctx; struct nss_dom_ctx *dctx; - struct sss_domain_info *info; + struct sss_domain_info *dom; struct nss_ctx *nctx; - const char **domains; const char *rawname; char *domname; uint8_t *body; size_t blen; - int ret, num, i; + int ret; int ncret; nctx = talloc_get_type(cctx->rctx->pvt_ctx, struct nss_ctx); @@ -2920,7 +2855,7 @@ static int nss_cmd_initgroups(struct cli_ctx *cctx) } dctx->cmdctx = cmdctx; - ret = nss_dom_ctx_init(dctx, cctx->rctx->domain_map, domname); + ret = nss_dom_ctx_init(dctx, cctx->rctx->domains, domname); if (ret != EOK) { DEBUG(2, ("Invalid domain name received [%s]\n", domname)); goto done; @@ -2938,29 +2873,20 @@ static int nss_cmd_initgroups(struct cli_ctx *cctx) } else { dctx = NULL; - domains = NULL; - num = 0; - /* get domains list */ - ret = btreemap_get_keys(cmdctx, cctx->rctx->domain_map, - (const void ***)&domains, &num); - if (ret != EOK) goto done; - cmdctx->nr = 0; - for (i = 0; i < num; i++) { + for (dom = cctx->rctx->domains; dom; dom = dom->next) { /* verify this user has not yet been negatively cached, * or has been permanently filtered */ ncret = nss_ncache_check_user(nctx->ncache, nctx->neg_timeout, - domains[i], cmdctx->name); + dom->name, cmdctx->name); if (ncret != ENOENT) { DEBUG(3, ("User does not exist! (neg cache)\n")); continue; } - info = btreemap_get_value(cctx->rctx->domain_map, domains[i]); - /* skip domains that require FQnames */ - if (info->fqnames) continue; + if (dom->fqnames) continue; cmdctx->nr++; @@ -2971,8 +2897,8 @@ static int nss_cmd_initgroups(struct cli_ctx *cctx) } dctx->cmdctx = cmdctx; - dctx->domain = info; - dctx->check_provider = (info->provider != NULL); + dctx->domain = dom; + dctx->check_provider = (dom->provider != NULL); DEBUG(4, ("Requesting info for [%s@%s]\n", cmdctx->name, dctx->domain->name)); diff --git a/server/responder/pam/pam_LOCAL_domain.c b/server/responder/pam/pam_LOCAL_domain.c index 49a06ff3..28a95db8 100644 --- a/server/responder/pam/pam_LOCAL_domain.c +++ b/server/responder/pam/pam_LOCAL_domain.c @@ -347,7 +347,7 @@ done: } int LOCAL_pam_handler(struct cli_ctx *cctx, pam_dp_callback_t callback, - struct pam_data *pd) + struct sss_domain_info *dom, struct pam_data *pd) { int ret; struct LOCAL_request *lreq=NULL; @@ -377,8 +377,7 @@ int LOCAL_pam_handler(struct cli_ctx *cctx, pam_dp_callback_t callback, DEBUG(4, ("LOCAL pam handler.\n")); - lreq->domain_info = btreemap_get_value(lreq->cctx->rctx->domain_map, - lreq->pd->domain); + lreq->domain_info = dom; NULL_CHECK_OR_JUMP(lreq->domain_info, ("Domain info not found.\n"), ret, EINVAL, done); diff --git a/server/responder/pam/pam_LOCAL_domain.h b/server/responder/pam/pam_LOCAL_domain.h index 6cac6075..bc2064db 100644 --- a/server/responder/pam/pam_LOCAL_domain.h +++ b/server/responder/pam/pam_LOCAL_domain.h @@ -4,6 +4,6 @@ #include "responder/pam/pamsrv.h" int LOCAL_pam_handler(struct cli_ctx *cctx, pam_dp_callback_t callback, - struct pam_data *pd); + struct sss_domain_info *dom, struct pam_data *pd); #endif /* __PAM_LOCAL_DOMAIN_H__ */ diff --git a/server/responder/pam/pamsrv_cmd.c b/server/responder/pam/pamsrv_cmd.c index 22a2b85d..db5f064f 100644 --- a/server/responder/pam/pamsrv_cmd.c +++ b/server/responder/pam/pamsrv_cmd.c @@ -197,7 +197,7 @@ done: static int pam_forwarder(struct cli_ctx *cctx, int pam_cmd) { - struct sss_domain_info *info; + struct sss_domain_info *dom; uint8_t *body; size_t blen; int ret; @@ -224,30 +224,27 @@ static int pam_forwarder(struct cli_ctx *cctx, int pam_cmd) pd->response_delay = 0; pd->resp_list = NULL; - if (pd->domain == NULL) { - if (cctx->rctx->default_domain != NULL) { - pd->domain = cctx->rctx->default_domain; - } else { - pd->domain = talloc_strdup(pd, "LOCAL"); - } - DEBUG(4, ("Using default domain [%s].\n", pd->domain)); - } if (pd->domain) { - /* Check for registered domain */ - info = btreemap_get_value(cctx->rctx->domain_map, - (void *)(pd->domain)); - if (!info) { + for (dom = cctx->rctx->domains; dom; dom = dom->next) { + if (strcasecmp(dom->name, pd->domain) == 0) break; + } + if (!dom) { talloc_free(pd); return EINVAL; } } + else { + DEBUG(4, ("Domain not provided, using default.\n")); + dom = cctx->rctx->domains; + pd->domain = dom->name; + } - if (!info->provider) { - return LOCAL_pam_handler(cctx, pam_reply, pd); + if (!dom->provider) { + return LOCAL_pam_handler(cctx, pam_reply, dom, pd); }; - ret=pam_dp_send_req(cctx, pam_reply, PAM_DP_TIMEOUT, pd); + ret = pam_dp_send_req(cctx, pam_reply, PAM_DP_TIMEOUT, pd); DEBUG(4, ("pam_dp_send_req returned %d\n", ret)); return ret; diff --git a/server/tools/sss_groupadd.c b/server/tools/sss_groupadd.c index 5363dbba..d0559716 100644 --- a/server/tools/sss_groupadd.c +++ b/server/tools/sss_groupadd.c @@ -83,7 +83,7 @@ int main(int argc, const char **argv) { "gid", 'g', POPT_ARG_INT, &pc_gid, 0, "The GID of the group", NULL }, POPT_TABLEEND }; - + struct sss_domain_info *dom; poptContext pc = NULL; struct tools_ctx *ctx = NULL; struct group_add_ctx *group_ctx = NULL; @@ -128,12 +128,15 @@ int main(int argc, const char **argv) /* arguments processed, go on to actual work */ - group_ctx->domain = btreemap_get_value(ctx->domains, "LOCAL"); - if (group_ctx->domain == NULL) { + for (dom = ctx->domains; dom; dom = dom->next) { + if (strcasecmp(dom->name, "LOCAL") == 0) break; + } + if (dom == NULL) { DEBUG(0, ("Could not get domain info\n")); ret = EXIT_FAILURE; goto fini; } + group_ctx->domain = dom; /* add_group */ ret = sysdb_transaction(ctx, ctx->sysdb, add_group, group_ctx); diff --git a/server/tools/sss_groupdel.c b/server/tools/sss_groupdel.c index 1cbddf45..8e85003c 100644 --- a/server/tools/sss_groupdel.c +++ b/server/tools/sss_groupdel.c @@ -79,7 +79,7 @@ int main(int argc, const char **argv) int ret = EXIT_SUCCESS; struct group_del_ctx *group_ctx = NULL; struct tools_ctx *ctx = NULL; - + struct sss_domain_info *dom; poptContext pc = NULL; struct poptOption long_options[] = { @@ -121,12 +121,16 @@ int main(int argc, const char **argv) /* arguments processed, go on to actual work */ - group_ctx->domain = btreemap_get_value(ctx->domains, "LOCAL"); - if (group_ctx->domain == NULL) { - DEBUG(0, ("Could not set default values\n")); + for (dom = ctx->domains; dom; dom = dom->next) { + if (strcasecmp(dom->name, "LOCAL") == 0) break; + } + if (dom == NULL) { + DEBUG(0, ("Could not get domain info\n")); ret = EXIT_FAILURE; goto fini; } + group_ctx->domain = dom; + group_ctx->group_dn = sysdb_group_dn(ctx->sysdb, ctx, group_ctx->domain->name, diff --git a/server/tools/sss_groupmod.c b/server/tools/sss_groupmod.c index ed16033a..922555f0 100644 --- a/server/tools/sss_groupmod.c +++ b/server/tools/sss_groupmod.c @@ -186,6 +186,7 @@ int main(int argc, const char **argv) POPT_TABLEEND }; poptContext pc = NULL; + struct sss_domain_info *dom; struct group_mod_ctx *group_ctx = NULL; struct tools_ctx *ctx = NULL; char *groups; @@ -246,12 +247,16 @@ int main(int argc, const char **argv) group_ctx->gid = pc_gid; /* arguments processed, go on to actual work */ - group_ctx->domain = btreemap_get_value(ctx->domains, "LOCAL"); - if (group_ctx->domain == NULL) { - DEBUG(0, ("Could not get the domain\n")); + + for (dom = ctx->domains; dom; dom = dom->next) { + if (strcasecmp(dom->name, "LOCAL") == 0) break; + } + if (dom == NULL) { + DEBUG(0, ("Could not get domain info\n")); ret = EXIT_FAILURE; goto fini; } + group_ctx->domain = dom; ret = sysdb_transaction(ctx, ctx->sysdb, mod_group, group_ctx); if (ret != EOK) { diff --git a/server/tools/sss_useradd.c b/server/tools/sss_useradd.c index ba89276f..d3b930d1 100644 --- a/server/tools/sss_useradd.c +++ b/server/tools/sss_useradd.c @@ -233,6 +233,7 @@ int main(int argc, const char **argv) POPT_TABLEEND }; poptContext pc = NULL; + struct sss_domain_info *dom; struct user_add_ctx *user_ctx = NULL; struct tools_ctx *ctx = NULL; char *groups; @@ -332,12 +333,15 @@ int main(int argc, const char **argv) /* arguments processed, go on to actual work */ - user_ctx->domain = btreemap_get_value(ctx->domains, "LOCAL"); - if (user_ctx->domain == NULL) { - DEBUG(0, ("Could not set default values\n")); + for (dom = ctx->domains; dom; dom = dom->next) { + if (strcasecmp(dom->name, "LOCAL") == 0) break; + } + if (dom == NULL) { + DEBUG(0, ("Could not get domain info\n")); ret = EXIT_FAILURE; goto fini; } + user_ctx->domain = dom; /* useradd */ ret = sysdb_transaction(ctx, ctx->sysdb, add_user, user_ctx); diff --git a/server/tools/sss_userdel.c b/server/tools/sss_userdel.c index 1a56cf9d..47188824 100644 --- a/server/tools/sss_userdel.c +++ b/server/tools/sss_userdel.c @@ -78,7 +78,7 @@ int main(int argc, const char **argv) int ret = EXIT_SUCCESS; struct user_del_ctx *user_ctx = NULL; struct tools_ctx *ctx = NULL; - + struct sss_domain_info *dom; poptContext pc = NULL; struct poptOption long_options[] = { @@ -120,12 +120,15 @@ int main(int argc, const char **argv) /* arguments processed, go on to actual work */ - user_ctx->domain = btreemap_get_value(ctx->domains, "LOCAL"); - if (user_ctx->domain == NULL) { - DEBUG(0, ("Could not set default values\n")); + for (dom = ctx->domains; dom; dom = dom->next) { + if (strcasecmp(dom->name, "LOCAL") == 0) break; + } + if (dom == NULL) { + DEBUG(0, ("Could not get domain info\n")); ret = EXIT_FAILURE; goto fini; } + user_ctx->domain = dom; user_ctx->user_dn = sysdb_user_dn(ctx->sysdb, ctx, user_ctx->domain->name, diff --git a/server/tools/sss_usermod.c b/server/tools/sss_usermod.c index 6f1d4ce6..dae584e2 100644 --- a/server/tools/sss_usermod.c +++ b/server/tools/sss_usermod.c @@ -210,6 +210,7 @@ int main(int argc, const char **argv) POPT_TABLEEND }; poptContext pc = NULL; + struct sss_domain_info *dom; struct user_mod_ctx *user_ctx = NULL; struct tools_ctx *ctx = NULL; char *groups; @@ -328,10 +329,15 @@ int main(int argc, const char **argv) /* arguments processed, go on to actual work */ - user_ctx->domain = btreemap_get_value(ctx->domains, "LOCAL"); - if (user_ctx->domain == NULL) { - VAR_CHECK(ret, EOK, "Could not set default values\n"); + for (dom = ctx->domains; dom; dom = dom->next) { + if (strcasecmp(dom->name, "LOCAL") == 0) break; } + if (dom == NULL) { + DEBUG(0, ("Could not get domain info\n")); + ret = EXIT_FAILURE; + goto fini; + } + user_ctx->domain = dom; ret = sysdb_transaction(ctx, ctx->sysdb, mod_user, user_ctx); if (ret != EOK) { diff --git a/server/tools/tools_util.h b/server/tools/tools_util.h index 4a32e9c7..ef55dede 100644 --- a/server/tools/tools_util.h +++ b/server/tools/tools_util.h @@ -9,7 +9,7 @@ struct tools_ctx { struct confdb_ctx *confdb; struct sysdb_ctx *sysdb; - struct btreemap *domains; + struct sss_domain_info *domains; }; int setup_db(struct tools_ctx **ctx); |