diff options
author | Sumit Bose <sbose@redhat.com> | 2016-04-26 13:13:43 +0200 |
---|---|---|
committer | Lukas Slebodnik <lslebodn@redhat.com> | 2016-06-09 16:12:25 +0200 |
commit | 9c88f837ffacf6548c13825589b327de1a5525f3 (patch) | |
tree | 1332f430c8a47b065fefd43c80c6558ee02fb005 /src/sss_client | |
parent | 1a45124f3f300f9afdcb08eab0938e5e7d0534d9 (diff) | |
download | sssd-9c88f837ffacf6548c13825589b327de1a5525f3.tar.gz sssd-9c88f837ffacf6548c13825589b327de1a5525f3.tar.xz sssd-9c88f837ffacf6548c13825589b327de1a5525f3.zip |
nss-idmap: add sss_nss_getnamebycert()
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Diffstat (limited to 'src/sss_client')
-rw-r--r-- | src/sss_client/idmap/sss_nss_idmap.c | 26 | ||||
-rw-r--r-- | src/sss_client/idmap/sss_nss_idmap.exports | 6 | ||||
-rw-r--r-- | src/sss_client/idmap/sss_nss_idmap.h | 15 |
3 files changed, 46 insertions, 1 deletions
diff --git a/src/sss_client/idmap/sss_nss_idmap.c b/src/sss_client/idmap/sss_nss_idmap.c index 55d8043bd..fa5a499e3 100644 --- a/src/sss_client/idmap/sss_nss_idmap.c +++ b/src/sss_client/idmap/sss_nss_idmap.c @@ -159,7 +159,8 @@ static int sss_nss_getyyybyxxx(union input inp, enum sss_cli_command cmd , case SSS_NSS_GETNAMEBYSID: case SSS_NSS_GETIDBYSID: case SSS_NSS_GETORIGBYNAME: - ret = sss_strnlen(inp.str, SSS_NAME_MAX, &inp_len); + case SSS_NSS_GETNAMEBYCERT: + ret = sss_strnlen(inp.str, 2048, &inp_len); if (ret != EOK) { return EINVAL; } @@ -209,6 +210,7 @@ static int sss_nss_getyyybyxxx(union input inp, enum sss_cli_command cmd , case SSS_NSS_GETSIDBYID: case SSS_NSS_GETSIDBYNAME: case SSS_NSS_GETNAMEBYSID: + case SSS_NSS_GETNAMEBYCERT: if (data_len <= 1 || repbuf[replen - 1] != '\0') { ret = EBADMSG; goto done; @@ -368,3 +370,25 @@ int sss_nss_getorigbyname(const char *fq_name, struct sss_nss_kv **kv_list, return ret; } + +int sss_nss_getnamebycert(const char *cert, char **fq_name, + enum sss_id_type *type) +{ + int ret; + union input inp; + struct output out; + + if (fq_name == NULL || cert == NULL || *cert == '\0') { + return EINVAL; + } + + inp.str = cert; + + ret = sss_nss_getyyybyxxx(inp, SSS_NSS_GETNAMEBYCERT, &out); + if (ret == EOK) { + *fq_name = out.d.str; + *type = out.type; + } + + return ret; +} diff --git a/src/sss_client/idmap/sss_nss_idmap.exports b/src/sss_client/idmap/sss_nss_idmap.exports index 8aa470241..bd5d80212 100644 --- a/src/sss_client/idmap/sss_nss_idmap.exports +++ b/src/sss_client/idmap/sss_nss_idmap.exports @@ -19,3 +19,9 @@ SSS_NSS_IDMAP_0.1.0 { sss_nss_getorigbyname; sss_nss_free_kv; } SSS_NSS_IDMAP_0.0.1; + +SSS_NSS_IDMAP_0.2.0 { + # public functions + global: + sss_nss_getnamebycert; +} SSS_NSS_IDMAP_0.1.0; diff --git a/src/sss_client/idmap/sss_nss_idmap.h b/src/sss_client/idmap/sss_nss_idmap.h index 78a8a11c1..8a6299194 100644 --- a/src/sss_client/idmap/sss_nss_idmap.h +++ b/src/sss_client/idmap/sss_nss_idmap.h @@ -124,6 +124,21 @@ int sss_nss_getorigbyname(const char *fq_name, struct sss_nss_kv **kv_list, enum sss_id_type *type); /** + * @brief Return the fully qualified name for the given base64 encoded + * X.509 certificate in DER format + * + * @param[in] cert base64 encoded certificate + * @param[out] fq_name Fully qualified name of a user or a group, + * must be freed by the caller + * @param[out] type Type of the object related to the SID + * + * @return + * - see #sss_nss_getsidbyname + */ +int sss_nss_getnamebycert(const char *cert, char **fq_name, + enum sss_id_type *type); + +/** * @brief Free key-value list returned by sss_nss_getorigbyname() * * @param[in] kv_list Key-value list returned by sss_nss_getorigbyname(). |