diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2017-03-24 10:39:12 +0100 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2017-03-30 14:09:22 +0200 |
commit | cee85e8fb9534ec997e5388fce59f392cf029573 (patch) | |
tree | 8d97dfaa6ddaf5ed379c1cfda3a52a36cc4aa731 /src/responder | |
parent | 825e8bf2f73a815c2eceb36ae805145fcbacf74d (diff) | |
download | sssd-cee85e8fb9534ec997e5388fce59f392cf029573.tar.gz sssd-cee85e8fb9534ec997e5388fce59f392cf029573.tar.xz sssd-cee85e8fb9534ec997e5388fce59f392cf029573.zip |
CACHE_REQ: Domain type selection in cache_req
Related to:
https://pagure.io/SSSD/sssd/issue/3310
Adds a new enumeration cache_req_dom_type. It is a tri-state that
allows the caller to select which domains can be contacted - either only
POSIX, only application domains or any type.
Not all plugins of cache_req have the new parameter added -- only those
that are usable/useful in a non-POSIX environment. For example, it makes
no sense to allow the selection for calls by ID because those are
inherently POSIX-specific. Also, services or netgroups are supported
only coming from POSIX domains.
At the moment, the patch should not change any behaviour as all calls
default to contacting POSIX domains only.
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Diffstat (limited to 'src/responder')
28 files changed, 195 insertions, 36 deletions
diff --git a/src/responder/common/cache_req/cache_req.c b/src/responder/common/cache_req/cache_req.c index 483126396..3a5fecf34 100644 --- a/src/responder/common/cache_req/cache_req.c +++ b/src/responder/common/cache_req/cache_req.c @@ -89,12 +89,31 @@ static errno_t cache_req_set_plugin(struct cache_req *cr, return EOK; } +static const char * +cache_req_dom_type_as_str(struct cache_req *cr) +{ + if (cr == NULL) { + return "BUG: Invalid cache_req pointer\n"; + } + switch (cr->req_dom_type) { + case CACHE_REQ_POSIX_DOM: + return "POSIX-only"; + case CACHE_REQ_APPLICATION_DOM: + return "Application-only"; + case CACHE_REQ_ANY_DOM: + return "Any"; + } + + return "Unknown"; +} + static struct cache_req * cache_req_create(TALLOC_CTX *mem_ctx, struct resp_ctx *rctx, struct cache_req_data *data, struct sss_nc_ctx *ncache, - int midpoint) + int midpoint, + enum cache_req_dom_type req_dom_type) { struct cache_req *cr; errno_t ret; @@ -108,6 +127,7 @@ cache_req_create(TALLOC_CTX *mem_ctx, cr->data = data; cr->ncache = ncache; cr->midpoint = midpoint; + cr->req_dom_type = req_dom_type; cr->req_start = time(NULL); /* It is perfectly fine to just overflow here. */ @@ -145,8 +165,8 @@ cache_req_set_name(struct cache_req *cr, const char *name) } static bool -cache_req_validate_domain(struct cache_req *cr, - struct sss_domain_info *domain) +cache_req_validate_domain_enumeration(struct cache_req *cr, + struct sss_domain_info *domain) { if (!cr->plugin->require_enumeration) { return true; @@ -164,6 +184,52 @@ cache_req_validate_domain(struct cache_req *cr, return true; } +static bool +cache_req_validate_domain_type(struct cache_req *cr, + struct sss_domain_info *domain) +{ + bool valid = false; + + switch (cr->req_dom_type) { + case CACHE_REQ_POSIX_DOM: + valid = domain->type == DOM_TYPE_POSIX ? true : false; + break; + case CACHE_REQ_APPLICATION_DOM: + valid = domain->type == DOM_TYPE_APPLICATION ? true : false; + break; + case CACHE_REQ_ANY_DOM: + valid = true; + break; + } + + DEBUG(SSSDBG_TRACE_INTERNAL, + "Request type %s for domain %s type %s is %svalid\n", + cache_req_dom_type_as_str(cr), + domain->name, + sss_domain_type_str(domain), + valid ? "" : "not "); + return valid; +} + +static bool +cache_req_validate_domain(struct cache_req *cr, + struct sss_domain_info *domain) +{ + bool ok; + + ok = cache_req_validate_domain_enumeration(cr, domain); + if (ok == false) { + return false; + } + + ok = cache_req_validate_domain_type(cr, domain); + if (ok == false) { + return false; + } + + return true; +} + static errno_t cache_req_is_well_known_object(TALLOC_CTX *mem_ctx, struct cache_req *cr, @@ -651,6 +717,7 @@ struct tevent_req *cache_req_send(TALLOC_CTX *mem_ctx, struct resp_ctx *rctx, struct sss_nc_ctx *ncache, int midpoint, + enum cache_req_dom_type req_dom_type, const char *domain, struct cache_req_data *data) { @@ -667,7 +734,8 @@ struct tevent_req *cache_req_send(TALLOC_CTX *mem_ctx, } state->ev = ev; - state->cr = cr = cache_req_create(state, rctx, data, ncache, midpoint); + state->cr = cr = cache_req_create(state, rctx, data, + ncache, midpoint, req_dom_type); if (state->cr == NULL) { ret = ENOMEM; goto done; @@ -952,13 +1020,15 @@ cache_req_steal_data_and_send(TALLOC_CTX *mem_ctx, struct resp_ctx *rctx, struct sss_nc_ctx *ncache, int cache_refresh_percent, + enum cache_req_dom_type req_dom_type, const char *domain, struct cache_req_data *data) { struct tevent_req *req; req = cache_req_send(mem_ctx, ev, rctx, ncache, - cache_refresh_percent, domain, data); + cache_refresh_percent, + req_dom_type, domain, data); if (req == NULL) { talloc_zfree(data); return NULL; diff --git a/src/responder/common/cache_req/cache_req.h b/src/responder/common/cache_req/cache_req.h index d0e5ff439..c04b2fba6 100644 --- a/src/responder/common/cache_req/cache_req.h +++ b/src/responder/common/cache_req/cache_req.h @@ -57,6 +57,18 @@ enum cache_req_type { CACHE_REQ_SENTINEL }; +/* Whether to limit the request type to a certain domain type + * (POSIX/non-POSIX) + */ +enum cache_req_dom_type { + /* Only look up data in POSIX domains */ + CACHE_REQ_POSIX_DOM, + /* Only look up data in application domains */ + CACHE_REQ_APPLICATION_DOM, + /* Look up data in any domain type */ + CACHE_REQ_ANY_DOM +}; + /* Input data. */ struct cache_req_data; @@ -172,6 +184,7 @@ struct tevent_req *cache_req_send(TALLOC_CTX *mem_ctx, struct resp_ctx *rctx, struct sss_nc_ctx *ncache, int midpoint, + enum cache_req_dom_type req_dom_type, const char *domain, struct cache_req_data *data); @@ -191,6 +204,7 @@ cache_req_user_by_name_send(TALLOC_CTX *mem_ctx, struct resp_ctx *rctx, struct sss_nc_ctx *ncache, int cache_refresh_percent, + enum cache_req_dom_type req_dom_type, const char *domain, const char *name); @@ -228,6 +242,7 @@ cache_req_user_by_cert_send(TALLOC_CTX *mem_ctx, struct resp_ctx *rctx, struct sss_nc_ctx *ncache, int cache_refresh_percent, + enum cache_req_dom_type req_dom_type, const char *domain, const char *pem_cert); @@ -240,6 +255,7 @@ cache_req_group_by_name_send(TALLOC_CTX *mem_ctx, struct resp_ctx *rctx, struct sss_nc_ctx *ncache, int cache_refresh_percent, + enum cache_req_dom_type req_dom_type, const char *domain, const char *name); @@ -264,6 +280,7 @@ cache_req_initgr_by_name_send(TALLOC_CTX *mem_ctx, struct resp_ctx *rctx, struct sss_nc_ctx *ncache, int cache_refresh_percent, + enum cache_req_dom_type req_dom_type, const char *domain, const char *name); @@ -274,6 +291,7 @@ struct tevent_req * cache_req_user_by_filter_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev, struct resp_ctx *rctx, + enum cache_req_dom_type req_dom_type, const char *domain, const char *filter); @@ -284,6 +302,7 @@ struct tevent_req * cache_req_group_by_filter_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev, struct resp_ctx *rctx, + enum cache_req_dom_type req_dom_type, const char *domain, const char *filter); diff --git a/src/responder/common/cache_req/cache_req_private.h b/src/responder/common/cache_req/cache_req_private.h index 2d3c18707..851005c38 100644 --- a/src/responder/common/cache_req/cache_req_private.h +++ b/src/responder/common/cache_req/cache_req_private.h @@ -42,6 +42,8 @@ struct cache_req { struct sss_domain_info *domain; bool cache_first; bool bypass_cache; + /* Only contact domains with this type */ + enum cache_req_dom_type req_dom_type; /* Debug information */ uint32_t reqid; @@ -108,6 +110,7 @@ cache_req_steal_data_and_send(TALLOC_CTX *mem_ctx, struct resp_ctx *rctx, struct sss_nc_ctx *ncache, int cache_refresh_percent, + enum cache_req_dom_type req_dom_type, const char *domain, struct cache_req_data *data); diff --git a/src/responder/common/cache_req/plugins/cache_req_enum_groups.c b/src/responder/common/cache_req/plugins/cache_req_enum_groups.c index dbb40c983..49ce3508e 100644 --- a/src/responder/common/cache_req/plugins/cache_req_enum_groups.c +++ b/src/responder/common/cache_req/plugins/cache_req_enum_groups.c @@ -96,5 +96,7 @@ cache_req_enum_groups_send(TALLOC_CTX *mem_ctx, } return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache, - cache_refresh_percent, domain, data); + cache_refresh_percent, + CACHE_REQ_POSIX_DOM, domain, + data); } diff --git a/src/responder/common/cache_req/plugins/cache_req_enum_svc.c b/src/responder/common/cache_req/plugins/cache_req_enum_svc.c index 28dea33c6..499b99473 100644 --- a/src/responder/common/cache_req/plugins/cache_req_enum_svc.c +++ b/src/responder/common/cache_req/plugins/cache_req_enum_svc.c @@ -97,5 +97,6 @@ cache_req_enum_svc_send(TALLOC_CTX *mem_ctx, } return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache, - cache_refresh_percent, domain, data); + cache_refresh_percent, + CACHE_REQ_POSIX_DOM, domain, data); } diff --git a/src/responder/common/cache_req/plugins/cache_req_enum_users.c b/src/responder/common/cache_req/plugins/cache_req_enum_users.c index 3b1a85841..b635354be 100644 --- a/src/responder/common/cache_req/plugins/cache_req_enum_users.c +++ b/src/responder/common/cache_req/plugins/cache_req_enum_users.c @@ -96,5 +96,7 @@ cache_req_enum_users_send(TALLOC_CTX *mem_ctx, } return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache, - cache_refresh_percent, domain, data); + cache_refresh_percent, + CACHE_REQ_POSIX_DOM, domain, + data); } diff --git a/src/responder/common/cache_req/plugins/cache_req_group_by_filter.c b/src/responder/common/cache_req/plugins/cache_req_group_by_filter.c index 6ce6ae0d6..4377a476c 100644 --- a/src/responder/common/cache_req/plugins/cache_req_group_by_filter.c +++ b/src/responder/common/cache_req/plugins/cache_req_group_by_filter.c @@ -140,6 +140,7 @@ struct tevent_req * cache_req_group_by_filter_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev, struct resp_ctx *rctx, + enum cache_req_dom_type req_dom_type, const char *domain, const char *filter) { @@ -151,5 +152,7 @@ cache_req_group_by_filter_send(TALLOC_CTX *mem_ctx, } return cache_req_steal_data_and_send(mem_ctx, ev, rctx, NULL, - 0, domain, data); + 0, + req_dom_type, domain, + data); } diff --git a/src/responder/common/cache_req/plugins/cache_req_group_by_id.c b/src/responder/common/cache_req/plugins/cache_req_group_by_id.c index e98f76f8c..ad5b7d890 100644 --- a/src/responder/common/cache_req/plugins/cache_req_group_by_id.c +++ b/src/responder/common/cache_req/plugins/cache_req_group_by_id.c @@ -166,5 +166,7 @@ cache_req_group_by_id_send(TALLOC_CTX *mem_ctx, } return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache, - cache_refresh_percent, domain, data); + cache_refresh_percent, + CACHE_REQ_POSIX_DOM, domain, + data); } diff --git a/src/responder/common/cache_req/plugins/cache_req_group_by_name.c b/src/responder/common/cache_req/plugins/cache_req_group_by_name.c index af6f23ccf..de1e8f944 100644 --- a/src/responder/common/cache_req/plugins/cache_req_group_by_name.c +++ b/src/responder/common/cache_req/plugins/cache_req_group_by_name.c @@ -205,6 +205,7 @@ cache_req_group_by_name_send(TALLOC_CTX *mem_ctx, struct resp_ctx *rctx, struct sss_nc_ctx *ncache, int cache_refresh_percent, + enum cache_req_dom_type req_dom_type, const char *domain, const char *name) { @@ -216,5 +217,7 @@ cache_req_group_by_name_send(TALLOC_CTX *mem_ctx, } return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache, - cache_refresh_percent, domain, data); + cache_refresh_percent, + req_dom_type, domain, + data); } diff --git a/src/responder/common/cache_req/plugins/cache_req_host_by_name.c b/src/responder/common/cache_req/plugins/cache_req_host_by_name.c index 77b46831f..1171cd63f 100644 --- a/src/responder/common/cache_req/plugins/cache_req_host_by_name.c +++ b/src/responder/common/cache_req/plugins/cache_req_host_by_name.c @@ -117,5 +117,7 @@ cache_req_host_by_name_send(TALLOC_CTX *mem_ctx, } return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache, - cache_refresh_percent, domain, data); + cache_refresh_percent, + CACHE_REQ_POSIX_DOM, domain, + data); } diff --git a/src/responder/common/cache_req/plugins/cache_req_initgroups_by_name.c b/src/responder/common/cache_req/plugins/cache_req_initgroups_by_name.c index 307b65a24..f100aefe5 100644 --- a/src/responder/common/cache_req/plugins/cache_req_initgroups_by_name.c +++ b/src/responder/common/cache_req/plugins/cache_req_initgroups_by_name.c @@ -220,6 +220,7 @@ cache_req_initgr_by_name_send(TALLOC_CTX *mem_ctx, struct resp_ctx *rctx, struct sss_nc_ctx *ncache, int cache_refresh_percent, + enum cache_req_dom_type req_dom_type, const char *domain, const char *name) { @@ -231,5 +232,7 @@ cache_req_initgr_by_name_send(TALLOC_CTX *mem_ctx, } return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache, - cache_refresh_percent, domain, data); + cache_refresh_percent, + req_dom_type, domain, + data); } diff --git a/src/responder/common/cache_req/plugins/cache_req_netgroup_by_name.c b/src/responder/common/cache_req/plugins/cache_req_netgroup_by_name.c index e49d6d84a..ab3e553d3 100644 --- a/src/responder/common/cache_req/plugins/cache_req_netgroup_by_name.c +++ b/src/responder/common/cache_req/plugins/cache_req_netgroup_by_name.c @@ -150,5 +150,7 @@ cache_req_netgroup_by_name_send(TALLOC_CTX *mem_ctx, } return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache, - cache_refresh_percent, domain, data); + cache_refresh_percent, + CACHE_REQ_POSIX_DOM, domain, + data); } diff --git a/src/responder/common/cache_req/plugins/cache_req_object_by_id.c b/src/responder/common/cache_req/plugins/cache_req_object_by_id.c index 046e313c8..9557bd152 100644 --- a/src/responder/common/cache_req/plugins/cache_req_object_by_id.c +++ b/src/responder/common/cache_req/plugins/cache_req_object_by_id.c @@ -134,5 +134,7 @@ cache_req_object_by_id_send(TALLOC_CTX *mem_ctx, } return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache, - cache_refresh_percent, domain, data); + cache_refresh_percent, + CACHE_REQ_POSIX_DOM, domain, + data); } diff --git a/src/responder/common/cache_req/plugins/cache_req_object_by_name.c b/src/responder/common/cache_req/plugins/cache_req_object_by_name.c index 74d2b3dea..e236d1fa4 100644 --- a/src/responder/common/cache_req/plugins/cache_req_object_by_name.c +++ b/src/responder/common/cache_req/plugins/cache_req_object_by_name.c @@ -228,5 +228,7 @@ cache_req_object_by_name_send(TALLOC_CTX *mem_ctx, } return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache, - cache_refresh_percent, domain, data); + cache_refresh_percent, + CACHE_REQ_POSIX_DOM, domain, + data); } diff --git a/src/responder/common/cache_req/plugins/cache_req_object_by_sid.c b/src/responder/common/cache_req/plugins/cache_req_object_by_sid.c index ab5776631..dfec79da0 100644 --- a/src/responder/common/cache_req/plugins/cache_req_object_by_sid.c +++ b/src/responder/common/cache_req/plugins/cache_req_object_by_sid.c @@ -143,5 +143,7 @@ cache_req_object_by_sid_send(TALLOC_CTX *mem_ctx, } return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache, - cache_refresh_percent, domain, data); + cache_refresh_percent, + CACHE_REQ_POSIX_DOM, domain, + data); } diff --git a/src/responder/common/cache_req/plugins/cache_req_svc_by_name.c b/src/responder/common/cache_req/plugins/cache_req_svc_by_name.c index ef13f097a..b2bfb26ff 100644 --- a/src/responder/common/cache_req/plugins/cache_req_svc_by_name.c +++ b/src/responder/common/cache_req/plugins/cache_req_svc_by_name.c @@ -175,5 +175,7 @@ cache_req_svc_by_name_send(TALLOC_CTX *mem_ctx, } return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache, - cache_refresh_percent, domain, data); + cache_refresh_percent, + CACHE_REQ_POSIX_DOM, domain, + data); } diff --git a/src/responder/common/cache_req/plugins/cache_req_svc_by_port.c b/src/responder/common/cache_req/plugins/cache_req_svc_by_port.c index afa2eeeda..0e48437f4 100644 --- a/src/responder/common/cache_req/plugins/cache_req_svc_by_port.c +++ b/src/responder/common/cache_req/plugins/cache_req_svc_by_port.c @@ -149,5 +149,7 @@ cache_req_svc_by_port_send(TALLOC_CTX *mem_ctx, } return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache, - cache_refresh_percent, domain, data); + cache_refresh_percent, + CACHE_REQ_POSIX_DOM, domain, + data); } diff --git a/src/responder/common/cache_req/plugins/cache_req_user_by_cert.c b/src/responder/common/cache_req/plugins/cache_req_user_by_cert.c index f237c8d0f..286a34db2 100644 --- a/src/responder/common/cache_req/plugins/cache_req_user_by_cert.c +++ b/src/responder/common/cache_req/plugins/cache_req_user_by_cert.c @@ -105,6 +105,7 @@ cache_req_user_by_cert_send(TALLOC_CTX *mem_ctx, struct resp_ctx *rctx, struct sss_nc_ctx *ncache, int cache_refresh_percent, + enum cache_req_dom_type req_dom_type, const char *domain, const char *pem_cert) { @@ -117,5 +118,6 @@ cache_req_user_by_cert_send(TALLOC_CTX *mem_ctx, return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache, cache_refresh_percent, - domain, data); + req_dom_type, domain, + data); } diff --git a/src/responder/common/cache_req/plugins/cache_req_user_by_filter.c b/src/responder/common/cache_req/plugins/cache_req_user_by_filter.c index eb71b42da..c47681437 100644 --- a/src/responder/common/cache_req/plugins/cache_req_user_by_filter.c +++ b/src/responder/common/cache_req/plugins/cache_req_user_by_filter.c @@ -140,6 +140,7 @@ struct tevent_req * cache_req_user_by_filter_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev, struct resp_ctx *rctx, + enum cache_req_dom_type req_dom_type, const char *domain, const char *filter) { @@ -151,5 +152,7 @@ cache_req_user_by_filter_send(TALLOC_CTX *mem_ctx, } return cache_req_steal_data_and_send(mem_ctx, ev, rctx, NULL, - 0, domain, data); + 0, + req_dom_type, domain, + data); } diff --git a/src/responder/common/cache_req/plugins/cache_req_user_by_id.c b/src/responder/common/cache_req/plugins/cache_req_user_by_id.c index fa783714b..9ba73292e 100644 --- a/src/responder/common/cache_req/plugins/cache_req_user_by_id.c +++ b/src/responder/common/cache_req/plugins/cache_req_user_by_id.c @@ -166,5 +166,7 @@ cache_req_user_by_id_send(TALLOC_CTX *mem_ctx, } return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache, - cache_refresh_percent, domain, data); + cache_refresh_percent, + CACHE_REQ_POSIX_DOM, domain, + data); } diff --git a/src/responder/common/cache_req/plugins/cache_req_user_by_name.c b/src/responder/common/cache_req/plugins/cache_req_user_by_name.c index 0670febdc..15da7d0d2 100644 --- a/src/responder/common/cache_req/plugins/cache_req_user_by_name.c +++ b/src/responder/common/cache_req/plugins/cache_req_user_by_name.c @@ -210,6 +210,7 @@ cache_req_user_by_name_send(TALLOC_CTX *mem_ctx, struct resp_ctx *rctx, struct sss_nc_ctx *ncache, int cache_refresh_percent, + enum cache_req_dom_type req_dom_type, const char *domain, const char *name) { @@ -221,7 +222,9 @@ cache_req_user_by_name_send(TALLOC_CTX *mem_ctx, } return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache, - cache_refresh_percent, domain, data); + cache_refresh_percent, + req_dom_type, domain, + data); } struct tevent_req * @@ -243,5 +246,7 @@ cache_req_user_by_name_attrs_send(TALLOC_CTX *mem_ctx, } return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache, - cache_refresh_percent, domain, data); + cache_refresh_percent, + CACHE_REQ_POSIX_DOM, domain, + data); } diff --git a/src/responder/ifp/ifp_groups.c b/src/responder/ifp/ifp_groups.c index 94d1e84cc..99908e96b 100644 --- a/src/responder/ifp/ifp_groups.c +++ b/src/responder/ifp/ifp_groups.c @@ -118,7 +118,9 @@ int ifp_groups_find_by_name(struct sbus_request *sbus_req, } req = cache_req_group_by_name_send(sbus_req, ctx->rctx->ev, ctx->rctx, - ctx->rctx->ncache, 0, NULL, name); + ctx->rctx->ncache, 0, + CACHE_REQ_POSIX_DOM, NULL, + name); if (req == NULL) { return ENOMEM; } @@ -271,6 +273,7 @@ static int ifp_groups_list_by_name_step(struct ifp_list_ctx *list_ctx) req = cache_req_group_by_filter_send(list_ctx, list_ctx->ctx->rctx->ev, list_ctx->ctx->rctx, + CACHE_REQ_POSIX_DOM, list_ctx->dom->name, list_ctx->filter); if (req == NULL) { @@ -355,7 +358,8 @@ int ifp_groups_list_by_domain_and_name(struct sbus_request *sbus_req, } req = cache_req_group_by_filter_send(list_ctx, ctx->rctx->ev, ctx->rctx, - domain, filter); + CACHE_REQ_POSIX_DOM, + domain, filter); if (req == NULL) { return ENOMEM; } @@ -522,7 +526,10 @@ static struct tevent_req *resolv_ghosts_send(TALLOC_CTX *mem_ctx, } subreq = cache_req_group_by_name_send(state, ev, ctx->rctx, - ctx->rctx->ncache, 0, domain->name, name); + ctx->rctx->ncache, 0, + CACHE_REQ_POSIX_DOM, + domain->name, + name); if (subreq == NULL) { ret = ENOMEM; goto immediately; @@ -601,6 +608,7 @@ errno_t resolv_ghosts_step(struct tevent_req *req) subreq = cache_req_user_by_name_send(state, state->ev, state->ctx->rctx, state->ctx->rctx->ncache, 0, + CACHE_REQ_POSIX_DOM, state->domain->name, state->ghosts[state->index]); if (subreq == NULL) { diff --git a/src/responder/ifp/ifp_users.c b/src/responder/ifp/ifp_users.c index cc78300f3..436bb268f 100644 --- a/src/responder/ifp/ifp_users.c +++ b/src/responder/ifp/ifp_users.c @@ -99,7 +99,9 @@ int ifp_users_find_by_name(struct sbus_request *sbus_req, } req = cache_req_user_by_name_send(sbus_req, ctx->rctx->ev, ctx->rctx, - ctx->rctx->ncache, 0, NULL, name); + ctx->rctx->ncache, 0, + CACHE_REQ_POSIX_DOM, + NULL, name); if (req == NULL) { return ENOMEM; } @@ -253,7 +255,9 @@ int ifp_users_find_by_cert(struct sbus_request *sbus_req, void *data, } req = cache_req_user_by_cert_send(sbus_req, ctx->rctx->ev, ctx->rctx, - ctx->rctx->ncache, 0, NULL, derb64); + ctx->rctx->ncache, 0, + CACHE_REQ_POSIX_DOM, NULL, + derb64); if (req == NULL) { return ENOMEM; } @@ -367,6 +371,7 @@ static int ifp_users_list_by_cert_step(struct ifp_list_ctx *list_ctx) list_ctx->ctx->rctx, list_ctx->ctx->rctx->ncache, 0, + CACHE_REQ_POSIX_DOM, list_ctx->dom->name, list_ctx->filter); if (req == NULL) { @@ -532,7 +537,9 @@ int ifp_users_find_by_name_and_cert(struct sbus_request *sbus_req, void *data, if (name_and_cert_ctx->name != NULL) { req = cache_req_user_by_name_send(sbus_req, ctx->rctx->ev, ctx->rctx, - ctx->rctx->ncache, 0, NULL, + ctx->rctx->ncache, 0, + CACHE_REQ_POSIX_DOM, + NULL, name_and_cert_ctx->name); if (req == NULL) { return ENOMEM; @@ -614,6 +621,7 @@ static int ifp_users_find_by_name_and_cert_step( list_ctx->ctx->rctx, list_ctx->ctx->rctx->ncache, 0, + CACHE_REQ_POSIX_DOM, list_ctx->dom->name, list_ctx->filter); if (req == NULL) { @@ -774,6 +782,7 @@ static int ifp_users_list_by_name_step(struct ifp_list_ctx *list_ctx) req = cache_req_user_by_filter_send(list_ctx, list_ctx->ctx->rctx->ev, list_ctx->ctx->rctx, + CACHE_REQ_POSIX_DOM, list_ctx->dom->name, list_ctx->filter); if (req == NULL) { @@ -858,6 +867,7 @@ int ifp_users_list_by_domain_and_name(struct sbus_request *sbus_req, } req = cache_req_user_by_filter_send(list_ctx, ctx->rctx->ev, ctx->rctx, + CACHE_REQ_POSIX_DOM, domain, filter); if (req == NULL) { return ENOMEM; @@ -1102,7 +1112,8 @@ int ifp_users_user_update_groups_list(struct sbus_request *sbus_req, } req = cache_req_initgr_by_name_send(sbus_req, ctx->rctx->ev, ctx->rctx, - ctx->rctx->ncache, 0, domain->name, + ctx->rctx->ncache, 0, + CACHE_REQ_POSIX_DOM, domain->name, username); if (req == NULL) { return ENOMEM; diff --git a/src/responder/ifp/ifpsrv_cmd.c b/src/responder/ifp/ifpsrv_cmd.c index 07edcddff..118b5083b 100644 --- a/src/responder/ifp/ifpsrv_cmd.c +++ b/src/responder/ifp/ifpsrv_cmd.c @@ -509,7 +509,8 @@ ifp_user_get_attr_lookup(struct tevent_req *subreq) } subreq = cache_req_send(state, state->rctx->ev, state->rctx, - state->ncache, 0, state->domname, data); + state->ncache, 0, CACHE_REQ_POSIX_DOM, + state->domname, data); if (subreq == NULL) { tevent_req_error(req, ENOMEM); return; diff --git a/src/responder/nss/nss_enum.c b/src/responder/nss/nss_enum.c index b1cce2cde..aa7d8428f 100644 --- a/src/responder/nss/nss_enum.c +++ b/src/responder/nss/nss_enum.c @@ -93,7 +93,7 @@ nss_setent_internal_send(TALLOC_CTX *mem_ctx, /* Create new object. */ state->enum_ctx->is_ready = false; subreq = cache_req_send(req, ev, cli_ctx->rctx, cli_ctx->rctx->ncache, - 0, NULL, data); + 0, CACHE_REQ_POSIX_DOM, NULL, data); if (subreq == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, "Unable to send cache request!\n"); ret = ENOMEM; diff --git a/src/responder/nss/nss_get_object.c b/src/responder/nss/nss_get_object.c index f83dd393c..9058793ea 100644 --- a/src/responder/nss/nss_get_object.c +++ b/src/responder/nss/nss_get_object.c @@ -190,7 +190,8 @@ nss_get_object_send(TALLOC_CTX *mem_ctx, } subreq = cache_req_send(req, ev, cli_ctx->rctx, cli_ctx->rctx->ncache, - state->nss_ctx->cache_refresh_percent, NULL, data); + state->nss_ctx->cache_refresh_percent, + CACHE_REQ_POSIX_DOM, NULL, data); if (subreq == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, "Unable to send cache request!\n"); ret = ENOMEM; diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c index ba2563c11..fa6d2cc10 100644 --- a/src/responder/pam/pamsrv_cmd.c +++ b/src/responder/pam/pamsrv_cmd.c @@ -1315,7 +1315,9 @@ static void pam_forwarder_cert_cb(struct tevent_req *req) req = cache_req_user_by_cert_send(preq, cctx->ev, cctx->rctx, - pctx->rctx->ncache, 0, NULL, cert); + pctx->rctx->ncache, 0, + CACHE_REQ_POSIX_DOM, NULL, + cert); if (req == NULL) { DEBUG(SSSDBG_OP_FAILURE, "cache_req_user_by_cert_send failed.\n"); ret = ENOMEM; @@ -1507,6 +1509,7 @@ static int pam_check_user_search(struct pam_auth_req *preq) preq->cctx->rctx, preq->cctx->rctx->ncache, 0, + CACHE_REQ_POSIX_DOM, preq->pd->domain, data); if (!dpreq) { diff --git a/src/responder/sudo/sudosrv_get_sudorules.c b/src/responder/sudo/sudosrv_get_sudorules.c index 52dfd5c70..cfdbfc9c9 100644 --- a/src/responder/sudo/sudosrv_get_sudorules.c +++ b/src/responder/sudo/sudosrv_get_sudorules.c @@ -644,7 +644,8 @@ struct tevent_req *sudosrv_get_rules_send(TALLOC_CTX *mem_ctx, DEBUG(SSSDBG_TRACE_FUNC, "Running initgroups for [%s]\n", username); subreq = cache_req_initgr_by_name_send(state, ev, sudo_ctx->rctx, - sudo_ctx->rctx->ncache, 0, NULL, + sudo_ctx->rctx->ncache, 0, + CACHE_REQ_POSIX_DOM, NULL, username); if (subreq == NULL) { ret = ENOMEM; |