CACHE_REQ: Domain type selection in cache_req

Related to:
    https://pagure.io/SSSD/sssd/issue/3310

Adds a new enumeration cache_req_dom_type. It is a tri-state that
allows the caller to select which domains can be contacted - either only
POSIX, only application domains or any type.

Not all plugins of cache_req have the new parameter added -- only those
that are usable/useful in a non-POSIX environment. For example, it makes
no sense to allow the selection for calls by ID because those are
inherently POSIX-specific. Also, services or netgroups are supported
only coming from POSIX domains.

At the moment, the patch should not change any behaviour as all calls
default to contacting POSIX domains only.

Reviewed-by: Pavel Březina <pbrezina@redhat.com>

1 files changed, 4 insertions, 1 deletions

diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c
index ba2563c11..fa6d2cc10 100644
--- a/src/responder/pam/pamsrv_cmd.c
+++ b/src/responder/pam/pamsrv_cmd.c
@@ -1315,7 +1315,9 @@ static void pam_forwarder_cert_cb(struct tevent_req *req)
 
 
     req = cache_req_user_by_cert_send(preq, cctx->ev, cctx->rctx,
-                                      pctx->rctx->ncache, 0, NULL, cert);
+                                      pctx->rctx->ncache, 0,
+                                      CACHE_REQ_POSIX_DOM, NULL,
+                                      cert);
     if (req == NULL) {
         DEBUG(SSSDBG_OP_FAILURE, "cache_req_user_by_cert_send failed.\n");
         ret = ENOMEM;
@@ -1507,6 +1509,7 @@ static int pam_check_user_search(struct pam_auth_req *preq)
                            preq->cctx->rctx,
                            preq->cctx->rctx->ncache,
                            0,
+                           CACHE_REQ_POSIX_DOM,
                            preq->pd->domain,
                            data);
     if (!dpreq) {