summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFabiano Fidêncio <fidencio@redhat.com>2017-04-25 14:14:05 +0200
committerJakub Hrozek <jhrozek@redhat.com>2017-05-10 15:03:11 +0200
commitf24ee5cca4cd43e7edf26fec453fbd99392bbe4b (patch)
tree6cb5c491b35e56046caa0cf31901a176456a989c
parenta012a71f21bf1a4687e58085f19c18cc5b2bbadd (diff)
downloadsssd-f24ee5cca4cd43e7edf26fec453fbd99392bbe4b.tar.gz
sssd-f24ee5cca4cd43e7edf26fec453fbd99392bbe4b.tar.xz
sssd-f24ee5cca4cd43e7edf26fec453fbd99392bbe4b.zip
CACHE_REQ: Add a new cache_req_ncache_filter_fn() plugin function
This function will be responsible for filtering out all the results that we have that are also present in the negative cache. This is useful mainly for plugins which don't use name as an input token but can still be affected by filter_{users,groups} options. For now this new function is not being used anywhere. Related: https://pagure.io/SSSD/sssd/issue/3362 Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com> Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Diffstat
-rw-r--r--src/responder/common/cache_req/cache_req_plugin.h13
-rw-r--r--src/responder/common/cache_req/plugins/cache_req_enum_groups.c1
-rw-r--r--src/responder/common/cache_req/plugins/cache_req_enum_svc.c1
-rw-r--r--src/responder/common/cache_req/plugins/cache_req_enum_users.c1
-rw-r--r--src/responder/common/cache_req/plugins/cache_req_group_by_filter.c1
-rw-r--r--src/responder/common/cache_req/plugins/cache_req_group_by_id.c1
-rw-r--r--src/responder/common/cache_req/plugins/cache_req_group_by_name.c1
-rw-r--r--src/responder/common/cache_req/plugins/cache_req_host_by_name.c1
-rw-r--r--src/responder/common/cache_req/plugins/cache_req_initgroups_by_name.c1
-rw-r--r--src/responder/common/cache_req/plugins/cache_req_initgroups_by_upn.c1
-rw-r--r--src/responder/common/cache_req/plugins/cache_req_netgroup_by_name.c1
-rw-r--r--src/responder/common/cache_req/plugins/cache_req_object_by_id.c1
-rw-r--r--src/responder/common/cache_req/plugins/cache_req_object_by_name.c1
-rw-r--r--src/responder/common/cache_req/plugins/cache_req_object_by_sid.c1
-rw-r--r--src/responder/common/cache_req/plugins/cache_req_svc_by_name.c1
-rw-r--r--src/responder/common/cache_req/plugins/cache_req_svc_by_port.c1
-rw-r--r--src/responder/common/cache_req/plugins/cache_req_user_by_cert.c1
-rw-r--r--src/responder/common/cache_req/plugins/cache_req_user_by_filter.c1
-rw-r--r--src/responder/common/cache_req/plugins/cache_req_user_by_id.c1
-rw-r--r--src/responder/common/cache_req/plugins/cache_req_user_by_name.c1
-rw-r--r--src/responder/common/cache_req/plugins/cache_req_user_by_upn.c1
21 files changed, 33 insertions, 0 deletions
diff --git a/src/responder/common/cache_req/cache_req_plugin.h b/src/responder/common/cache_req/cache_req_plugin.h
index e0b619528..811732550 100644
--- a/src/responder/common/cache_req/cache_req_plugin.h
+++ b/src/responder/common/cache_req/cache_req_plugin.h
@@ -93,6 +93,18 @@ typedef errno_t
struct cache_req_data *data);
/**
+ * Filter the result through the negative cache.
+ *
+ * This is useful for plugins which don't use name as an input
+ * token but can be affected by filter_users and filter_groups
+ * options.
+ */
+typedef errno_t
+(*cache_req_ncache_filter_fn)(struct sss_nc_ctx *ncache,
+ struct sss_domain_info *domain,
+ const char *name);
+
+/**
* Add an object into global negative cache.
*
* @return EOK If everything went fine.
@@ -207,6 +219,7 @@ struct cache_req_plugin {
cache_req_global_ncache_add_fn global_ncache_add_fn;
cache_req_ncache_check_fn ncache_check_fn;
cache_req_ncache_add_fn ncache_add_fn;
+ cache_req_ncache_filter_fn ncache_filter_fn;
cache_req_lookup_fn lookup_fn;
cache_req_dp_send_fn dp_send_fn;
cache_req_dp_recv_fn dp_recv_fn;
diff --git a/src/responder/common/cache_req/plugins/cache_req_enum_groups.c b/src/responder/common/cache_req/plugins/cache_req_enum_groups.c
index 49ce3508e..11ce9e90f 100644
--- a/src/responder/common/cache_req/plugins/cache_req_enum_groups.c
+++ b/src/responder/common/cache_req/plugins/cache_req_enum_groups.c
@@ -75,6 +75,7 @@ const struct cache_req_plugin cache_req_enum_groups = {
.global_ncache_add_fn = NULL,
.ncache_check_fn = NULL,
.ncache_add_fn = NULL,
+ .ncache_filter_fn = NULL,
.lookup_fn = cache_req_enum_groups_lookup,
.dp_send_fn = cache_req_enum_groups_dp_send,
.dp_recv_fn = cache_req_common_dp_recv
diff --git a/src/responder/common/cache_req/plugins/cache_req_enum_svc.c b/src/responder/common/cache_req/plugins/cache_req_enum_svc.c
index 499b99473..72b2f1a7d 100644
--- a/src/responder/common/cache_req/plugins/cache_req_enum_svc.c
+++ b/src/responder/common/cache_req/plugins/cache_req_enum_svc.c
@@ -76,6 +76,7 @@ const struct cache_req_plugin cache_req_enum_svc = {
.global_ncache_add_fn = NULL,
.ncache_check_fn = NULL,
.ncache_add_fn = NULL,
+ .ncache_filter_fn = NULL,
.lookup_fn = cache_req_enum_svc_lookup,
.dp_send_fn = cache_req_enum_svc_dp_send,
.dp_recv_fn = cache_req_common_dp_recv
diff --git a/src/responder/common/cache_req/plugins/cache_req_enum_users.c b/src/responder/common/cache_req/plugins/cache_req_enum_users.c
index b635354be..e0647a010 100644
--- a/src/responder/common/cache_req/plugins/cache_req_enum_users.c
+++ b/src/responder/common/cache_req/plugins/cache_req_enum_users.c
@@ -75,6 +75,7 @@ const struct cache_req_plugin cache_req_enum_users = {
.global_ncache_add_fn = NULL,
.ncache_check_fn = NULL,
.ncache_add_fn = NULL,
+ .ncache_filter_fn = NULL,
.lookup_fn = cache_req_enum_users_lookup,
.dp_send_fn = cache_req_enum_users_dp_send,
.dp_recv_fn = cache_req_common_dp_recv
diff --git a/src/responder/common/cache_req/plugins/cache_req_group_by_filter.c b/src/responder/common/cache_req/plugins/cache_req_group_by_filter.c
index 4377a476c..aa89953b8 100644
--- a/src/responder/common/cache_req/plugins/cache_req_group_by_filter.c
+++ b/src/responder/common/cache_req/plugins/cache_req_group_by_filter.c
@@ -131,6 +131,7 @@ const struct cache_req_plugin cache_req_group_by_filter = {
.global_ncache_add_fn = NULL,
.ncache_check_fn = NULL,
.ncache_add_fn = NULL,
+ .ncache_filter_fn = NULL,
.lookup_fn = cache_req_group_by_filter_lookup,
.dp_send_fn = cache_req_group_by_filter_dp_send,
.dp_recv_fn = cache_req_common_dp_recv
diff --git a/src/responder/common/cache_req/plugins/cache_req_group_by_id.c b/src/responder/common/cache_req/plugins/cache_req_group_by_id.c
index ad5b7d890..5613bf67c 100644
--- a/src/responder/common/cache_req/plugins/cache_req_group_by_id.c
+++ b/src/responder/common/cache_req/plugins/cache_req_group_by_id.c
@@ -144,6 +144,7 @@ const struct cache_req_plugin cache_req_group_by_id = {
.global_ncache_add_fn = cache_req_group_by_id_global_ncache_add,
.ncache_check_fn = cache_req_group_by_id_ncache_check,
.ncache_add_fn = NULL,
+ .ncache_filter_fn = NULL,
.lookup_fn = cache_req_group_by_id_lookup,
.dp_send_fn = cache_req_group_by_id_dp_send,
.dp_recv_fn = cache_req_common_dp_recv
diff --git a/src/responder/common/cache_req/plugins/cache_req_group_by_name.c b/src/responder/common/cache_req/plugins/cache_req_group_by_name.c
index de1e8f944..770605181 100644
--- a/src/responder/common/cache_req/plugins/cache_req_group_by_name.c
+++ b/src/responder/common/cache_req/plugins/cache_req_group_by_name.c
@@ -194,6 +194,7 @@ const struct cache_req_plugin cache_req_group_by_name = {
.global_ncache_add_fn = NULL,
.ncache_check_fn = cache_req_group_by_name_ncache_check,
.ncache_add_fn = cache_req_group_by_name_ncache_add,
+ .ncache_filter_fn = NULL,
.lookup_fn = cache_req_group_by_name_lookup,
.dp_send_fn = cache_req_group_by_name_dp_send,
.dp_recv_fn = cache_req_common_dp_recv
diff --git a/src/responder/common/cache_req/plugins/cache_req_host_by_name.c b/src/responder/common/cache_req/plugins/cache_req_host_by_name.c
index 1171cd63f..9cb32f6b1 100644
--- a/src/responder/common/cache_req/plugins/cache_req_host_by_name.c
+++ b/src/responder/common/cache_req/plugins/cache_req_host_by_name.c
@@ -92,6 +92,7 @@ const struct cache_req_plugin cache_req_host_by_name = {
.global_ncache_add_fn = NULL,
.ncache_check_fn = NULL,
.ncache_add_fn = NULL,
+ .ncache_filter_fn = NULL,
.lookup_fn = cache_req_host_by_name_lookup,
.dp_send_fn = cache_req_host_by_name_dp_send,
.dp_recv_fn = cache_req_common_dp_recv
diff --git a/src/responder/common/cache_req/plugins/cache_req_initgroups_by_name.c b/src/responder/common/cache_req/plugins/cache_req_initgroups_by_name.c
index f100aefe5..75ac44e1a 100644
--- a/src/responder/common/cache_req/plugins/cache_req_initgroups_by_name.c
+++ b/src/responder/common/cache_req/plugins/cache_req_initgroups_by_name.c
@@ -209,6 +209,7 @@ const struct cache_req_plugin cache_req_initgroups_by_name = {
.global_ncache_add_fn = NULL,
.ncache_check_fn = cache_req_initgroups_by_name_ncache_check,
.ncache_add_fn = cache_req_initgroups_by_name_ncache_add,
+ .ncache_filter_fn = NULL,
.lookup_fn = cache_req_initgroups_by_name_lookup,
.dp_send_fn = cache_req_initgroups_by_name_dp_send,
.dp_recv_fn = cache_req_common_dp_recv
diff --git a/src/responder/common/cache_req/plugins/cache_req_initgroups_by_upn.c b/src/responder/common/cache_req/plugins/cache_req_initgroups_by_upn.c
index 266ec7b8a..b6fb43ee0 100644
--- a/src/responder/common/cache_req/plugins/cache_req_initgroups_by_upn.c
+++ b/src/responder/common/cache_req/plugins/cache_req_initgroups_by_upn.c
@@ -120,6 +120,7 @@ const struct cache_req_plugin cache_req_initgroups_by_upn = {
.global_ncache_add_fn = NULL,
.ncache_check_fn = cache_req_initgroups_by_upn_ncache_check,
.ncache_add_fn = cache_req_initgroups_by_upn_ncache_add,
+ .ncache_filter_fn = NULL,
.lookup_fn = cache_req_initgroups_by_upn_lookup,
.dp_send_fn = cache_req_initgroups_by_upn_dp_send,
.dp_recv_fn = cache_req_common_dp_recv
diff --git a/src/responder/common/cache_req/plugins/cache_req_netgroup_by_name.c b/src/responder/common/cache_req/plugins/cache_req_netgroup_by_name.c
index ab3e553d3..4d8bb1857 100644
--- a/src/responder/common/cache_req/plugins/cache_req_netgroup_by_name.c
+++ b/src/responder/common/cache_req/plugins/cache_req_netgroup_by_name.c
@@ -128,6 +128,7 @@ const struct cache_req_plugin cache_req_netgroup_by_name = {
.global_ncache_add_fn = NULL,
.ncache_check_fn = cache_req_netgroup_by_name_ncache_check,
.ncache_add_fn = cache_req_netgroup_by_name_ncache_add,
+ .ncache_filter_fn = NULL,
.lookup_fn = cache_req_netgroup_by_name_lookup,
.dp_send_fn = cache_req_netgroup_by_name_dp_send,
.dp_recv_fn = cache_req_common_dp_recv
diff --git a/src/responder/common/cache_req/plugins/cache_req_object_by_id.c b/src/responder/common/cache_req/plugins/cache_req_object_by_id.c
index 9557bd152..ff3d0e678 100644
--- a/src/responder/common/cache_req/plugins/cache_req_object_by_id.c
+++ b/src/responder/common/cache_req/plugins/cache_req_object_by_id.c
@@ -111,6 +111,7 @@ const struct cache_req_plugin cache_req_object_by_id = {
.global_ncache_add_fn = cache_req_object_by_id_global_ncache_add,
.ncache_check_fn = cache_req_object_by_id_ncache_check,
.ncache_add_fn = NULL,
+ .ncache_filter_fn = NULL,
.lookup_fn = cache_req_object_by_id_lookup,
.dp_send_fn = cache_req_object_by_id_dp_send,
.dp_recv_fn = cache_req_common_dp_recv
diff --git a/src/responder/common/cache_req/plugins/cache_req_object_by_name.c b/src/responder/common/cache_req/plugins/cache_req_object_by_name.c
index e236d1fa4..854d0b83c 100644
--- a/src/responder/common/cache_req/plugins/cache_req_object_by_name.c
+++ b/src/responder/common/cache_req/plugins/cache_req_object_by_name.c
@@ -204,6 +204,7 @@ const struct cache_req_plugin cache_req_object_by_name = {
.global_ncache_add_fn = NULL,
.ncache_check_fn = cache_req_object_by_name_ncache_check,
.ncache_add_fn = cache_req_object_by_name_ncache_add,
+ .ncache_filter_fn = NULL,
.lookup_fn = cache_req_object_by_name_lookup,
.dp_send_fn = cache_req_object_by_name_dp_send,
.dp_recv_fn = cache_req_common_dp_recv
diff --git a/src/responder/common/cache_req/plugins/cache_req_object_by_sid.c b/src/responder/common/cache_req/plugins/cache_req_object_by_sid.c
index dfec79da0..039a79df7 100644
--- a/src/responder/common/cache_req/plugins/cache_req_object_by_sid.c
+++ b/src/responder/common/cache_req/plugins/cache_req_object_by_sid.c
@@ -120,6 +120,7 @@ const struct cache_req_plugin cache_req_object_by_sid = {
.global_ncache_add_fn = cache_req_object_by_sid_global_ncache_add,
.ncache_check_fn = cache_req_object_by_sid_ncache_check,
.ncache_add_fn = NULL,
+ .ncache_filter_fn = NULL,
.lookup_fn = cache_req_object_by_sid_lookup,
.dp_send_fn = cache_req_object_by_sid_dp_send,
.dp_recv_fn = cache_req_common_dp_recv
diff --git a/src/responder/common/cache_req/plugins/cache_req_svc_by_name.c b/src/responder/common/cache_req/plugins/cache_req_svc_by_name.c
index b2bfb26ff..4c32d9977 100644
--- a/src/responder/common/cache_req/plugins/cache_req_svc_by_name.c
+++ b/src/responder/common/cache_req/plugins/cache_req_svc_by_name.c
@@ -152,6 +152,7 @@ const struct cache_req_plugin cache_req_svc_by_name = {
.global_ncache_add_fn = NULL,
.ncache_check_fn = cache_req_svc_by_name_ncache_check,
.ncache_add_fn = cache_req_svc_by_name_ncache_add,
+ .ncache_filter_fn = NULL,
.lookup_fn = cache_req_svc_by_name_lookup,
.dp_send_fn = cache_req_svc_by_name_dp_send,
.dp_recv_fn = cache_req_common_dp_recv
diff --git a/src/responder/common/cache_req/plugins/cache_req_svc_by_port.c b/src/responder/common/cache_req/plugins/cache_req_svc_by_port.c
index 0e48437f4..1e998f642 100644
--- a/src/responder/common/cache_req/plugins/cache_req_svc_by_port.c
+++ b/src/responder/common/cache_req/plugins/cache_req_svc_by_port.c
@@ -125,6 +125,7 @@ const struct cache_req_plugin cache_req_svc_by_port = {
.global_ncache_add_fn = NULL,
.ncache_check_fn = cache_req_svc_by_port_ncache_check,
.ncache_add_fn = cache_req_svc_by_port_ncache_add,
+ .ncache_filter_fn = NULL,
.lookup_fn = cache_req_svc_by_port_lookup,
.dp_send_fn = cache_req_svc_by_port_dp_send,
.dp_recv_fn = cache_req_common_dp_recv
diff --git a/src/responder/common/cache_req/plugins/cache_req_user_by_cert.c b/src/responder/common/cache_req/plugins/cache_req_user_by_cert.c
index 286a34db2..7a0c7d8ce 100644
--- a/src/responder/common/cache_req/plugins/cache_req_user_by_cert.c
+++ b/src/responder/common/cache_req/plugins/cache_req_user_by_cert.c
@@ -94,6 +94,7 @@ const struct cache_req_plugin cache_req_user_by_cert = {
.global_ncache_add_fn = cache_req_user_by_cert_global_ncache_add,
.ncache_check_fn = cache_req_user_by_cert_ncache_check,
.ncache_add_fn = NULL,
+ .ncache_filter_fn = NULL,
.lookup_fn = cache_req_user_by_cert_lookup,
.dp_send_fn = cache_req_user_by_cert_dp_send,
.dp_recv_fn = cache_req_common_dp_recv
diff --git a/src/responder/common/cache_req/plugins/cache_req_user_by_filter.c b/src/responder/common/cache_req/plugins/cache_req_user_by_filter.c
index c47681437..dd3f42e85 100644
--- a/src/responder/common/cache_req/plugins/cache_req_user_by_filter.c
+++ b/src/responder/common/cache_req/plugins/cache_req_user_by_filter.c
@@ -131,6 +131,7 @@ const struct cache_req_plugin cache_req_user_by_filter = {
.global_ncache_add_fn = NULL,
.ncache_check_fn = NULL,
.ncache_add_fn = NULL,
+ .ncache_filter_fn = NULL,
.lookup_fn = cache_req_user_by_filter_lookup,
.dp_send_fn = cache_req_user_by_filter_dp_send,
.dp_recv_fn = cache_req_common_dp_recv
diff --git a/src/responder/common/cache_req/plugins/cache_req_user_by_id.c b/src/responder/common/cache_req/plugins/cache_req_user_by_id.c
index 9ba73292e..b14b3738a 100644
--- a/src/responder/common/cache_req/plugins/cache_req_user_by_id.c
+++ b/src/responder/common/cache_req/plugins/cache_req_user_by_id.c
@@ -144,6 +144,7 @@ const struct cache_req_plugin cache_req_user_by_id = {
.global_ncache_add_fn = cache_req_user_by_id_global_ncache_add,
.ncache_check_fn = cache_req_user_by_id_ncache_check,
.ncache_add_fn = NULL,
+ .ncache_filter_fn = NULL,
.lookup_fn = cache_req_user_by_id_lookup,
.dp_send_fn = cache_req_user_by_id_dp_send,
.dp_recv_fn = cache_req_common_dp_recv
diff --git a/src/responder/common/cache_req/plugins/cache_req_user_by_name.c b/src/responder/common/cache_req/plugins/cache_req_user_by_name.c
index 15da7d0d2..2e49de938 100644
--- a/src/responder/common/cache_req/plugins/cache_req_user_by_name.c
+++ b/src/responder/common/cache_req/plugins/cache_req_user_by_name.c
@@ -199,6 +199,7 @@ const struct cache_req_plugin cache_req_user_by_name = {
.global_ncache_add_fn = NULL,
.ncache_check_fn = cache_req_user_by_name_ncache_check,
.ncache_add_fn = cache_req_user_by_name_ncache_add,
+ .ncache_filter_fn = NULL,
.lookup_fn = cache_req_user_by_name_lookup,
.dp_send_fn = cache_req_user_by_name_dp_send,
.dp_recv_fn = cache_req_common_dp_recv
diff --git a/src/responder/common/cache_req/plugins/cache_req_user_by_upn.c b/src/responder/common/cache_req/plugins/cache_req_user_by_upn.c
index 40a097b16..b8bcd241e 100644
--- a/src/responder/common/cache_req/plugins/cache_req_user_by_upn.c
+++ b/src/responder/common/cache_req/plugins/cache_req_user_by_upn.c
@@ -125,6 +125,7 @@ const struct cache_req_plugin cache_req_user_by_upn = {
.global_ncache_add_fn = NULL,
.ncache_check_fn = cache_req_user_by_upn_ncache_check,
.ncache_add_fn = cache_req_user_by_upn_ncache_add,
+ .ncache_filter_fn = NULL,
.lookup_fn = cache_req_user_by_upn_lookup,
.dp_send_fn = cache_req_user_by_upn_dp_send,
.dp_recv_fn = cache_req_common_dp_recv
generated by cgit (git 2.34.1) at 2024-05-08 07:51:36 +0000