summaryrefslogtreecommitdiffstats
path: root/src/sss_client
diff options
context:
space:
mode:
authorSumit Bose <sbose@redhat.com>2016-04-26 13:13:43 +0200
committerLukas Slebodnik <lslebodn@redhat.com>2016-06-09 16:12:25 +0200
commit9c88f837ffacf6548c13825589b327de1a5525f3 (patch)
tree1332f430c8a47b065fefd43c80c6558ee02fb005 /src/sss_client
parent1a45124f3f300f9afdcb08eab0938e5e7d0534d9 (diff)
downloadsssd-9c88f837ffacf6548c13825589b327de1a5525f3.tar.gz
sssd-9c88f837ffacf6548c13825589b327de1a5525f3.tar.xz
sssd-9c88f837ffacf6548c13825589b327de1a5525f3.zip
nss-idmap: add sss_nss_getnamebycert()
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Diffstat (limited to 'src/sss_client')
-rw-r--r--src/sss_client/idmap/sss_nss_idmap.c26
-rw-r--r--src/sss_client/idmap/sss_nss_idmap.exports6
-rw-r--r--src/sss_client/idmap/sss_nss_idmap.h15
3 files changed, 46 insertions, 1 deletions
diff --git a/src/sss_client/idmap/sss_nss_idmap.c b/src/sss_client/idmap/sss_nss_idmap.c
index 55d8043bd..fa5a499e3 100644
--- a/src/sss_client/idmap/sss_nss_idmap.c
+++ b/src/sss_client/idmap/sss_nss_idmap.c
@@ -159,7 +159,8 @@ static int sss_nss_getyyybyxxx(union input inp, enum sss_cli_command cmd ,
case SSS_NSS_GETNAMEBYSID:
case SSS_NSS_GETIDBYSID:
case SSS_NSS_GETORIGBYNAME:
- ret = sss_strnlen(inp.str, SSS_NAME_MAX, &inp_len);
+ case SSS_NSS_GETNAMEBYCERT:
+ ret = sss_strnlen(inp.str, 2048, &inp_len);
if (ret != EOK) {
return EINVAL;
}
@@ -209,6 +210,7 @@ static int sss_nss_getyyybyxxx(union input inp, enum sss_cli_command cmd ,
case SSS_NSS_GETSIDBYID:
case SSS_NSS_GETSIDBYNAME:
case SSS_NSS_GETNAMEBYSID:
+ case SSS_NSS_GETNAMEBYCERT:
if (data_len <= 1 || repbuf[replen - 1] != '\0') {
ret = EBADMSG;
goto done;
@@ -368,3 +370,25 @@ int sss_nss_getorigbyname(const char *fq_name, struct sss_nss_kv **kv_list,
return ret;
}
+
+int sss_nss_getnamebycert(const char *cert, char **fq_name,
+ enum sss_id_type *type)
+{
+ int ret;
+ union input inp;
+ struct output out;
+
+ if (fq_name == NULL || cert == NULL || *cert == '\0') {
+ return EINVAL;
+ }
+
+ inp.str = cert;
+
+ ret = sss_nss_getyyybyxxx(inp, SSS_NSS_GETNAMEBYCERT, &out);
+ if (ret == EOK) {
+ *fq_name = out.d.str;
+ *type = out.type;
+ }
+
+ return ret;
+}
diff --git a/src/sss_client/idmap/sss_nss_idmap.exports b/src/sss_client/idmap/sss_nss_idmap.exports
index 8aa470241..bd5d80212 100644
--- a/src/sss_client/idmap/sss_nss_idmap.exports
+++ b/src/sss_client/idmap/sss_nss_idmap.exports
@@ -19,3 +19,9 @@ SSS_NSS_IDMAP_0.1.0 {
sss_nss_getorigbyname;
sss_nss_free_kv;
} SSS_NSS_IDMAP_0.0.1;
+
+SSS_NSS_IDMAP_0.2.0 {
+ # public functions
+ global:
+ sss_nss_getnamebycert;
+} SSS_NSS_IDMAP_0.1.0;
diff --git a/src/sss_client/idmap/sss_nss_idmap.h b/src/sss_client/idmap/sss_nss_idmap.h
index 78a8a11c1..8a6299194 100644
--- a/src/sss_client/idmap/sss_nss_idmap.h
+++ b/src/sss_client/idmap/sss_nss_idmap.h
@@ -124,6 +124,21 @@ int sss_nss_getorigbyname(const char *fq_name, struct sss_nss_kv **kv_list,
enum sss_id_type *type);
/**
+ * @brief Return the fully qualified name for the given base64 encoded
+ * X.509 certificate in DER format
+ *
+ * @param[in] cert base64 encoded certificate
+ * @param[out] fq_name Fully qualified name of a user or a group,
+ * must be freed by the caller
+ * @param[out] type Type of the object related to the SID
+ *
+ * @return
+ * - see #sss_nss_getsidbyname
+ */
+int sss_nss_getnamebycert(const char *cert, char **fq_name,
+ enum sss_id_type *type);
+
+/**
* @brief Free key-value list returned by sss_nss_getorigbyname()
*
* @param[in] kv_list Key-value list returned by sss_nss_getorigbyname().
generated by cgit (git 2.34.1) at 2024-06-11 05:45:43 +0000