diff options
| author | Pavel Březina <pbrezina@redhat.com> | 2016-10-14 13:55:57 +0200 |
|---|---|---|
| committer | Lukas Slebodnik <lslebodn@redhat.com> | 2016-12-19 23:22:58 +0100 |
| commit | 3df5c41c19ef852021819954a2db1d067844d136 (patch) | |
| tree | 3b619cfc1dfd5e4327c67fce30d1674a340fa321 /src | |
| parent | b206e1abb7f6ea373d12537b3338552aed6b656d (diff) | |
| download | sssd-3df5c41c19ef852021819954a2db1d067844d136.tar.gz sssd-3df5c41c19ef852021819954a2db1d067844d136.tar.xz sssd-3df5c41c19ef852021819954a2db1d067844d136.zip | |
cache_req: add ability to gather result from all domains
This is preparation for enumeration support inside cache_req.
Resolves:
https://fedorahosted.org/sssd/ticket/3151
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Diffstat (limited to 'src')
13 files changed, 71 insertions, 17 deletions
diff --git a/src/responder/common/cache_req/cache_req.c b/src/responder/common/cache_req/cache_req.c index e71a59a25..327ef1dc1 100644 --- a/src/responder/common/cache_req/cache_req.c +++ b/src/responder/common/cache_req/cache_req.c @@ -472,9 +472,17 @@ static errno_t cache_req_next_domain(struct tevent_req *req) return EAGAIN; } - /* If the object searched has to be unique among all maintained domains, - * we have to add it into negative cache here when all domains have - * been searched. */ + /* If we've got some result from previous searches we want to return + * EOK here so the whole cache request is successfully finished. */ + if (state->num_results > 0) { + return EOK; + } + + /* We have searched all available domains and no result was found. + * + * If the plug-in uses a negative cache which is shared among all domains + * (e.g. unique identifires such as user or group id or sid), we add it + * here and return object not found error. */ cache_req_global_ncache_add(cr); return ENOENT; @@ -543,35 +551,64 @@ static void cache_req_done(struct tevent_req *subreq) ret = cache_req_search_recv(state, subreq, &result); talloc_zfree(subreq); - if (ret == EOK) { + + switch (ret) { + case EOK: + /* We got some data from this search. Save it. */ ret = cache_req_create_and_add_result(state, state->selected_domain, - result, state->cr->data->name.lookup); - goto done; - } + result, + state->cr->data->name.lookup); + if (ret != EOK) { + /* We were unable to save data. */ + goto done; + } - if (state->check_next == false) { - if (ret == ENOENT && cache_req_assume_upn(state->cr)) { - /* search by upn now */ - cache_req_select_domains(req, NULL); - return; + if (!state->check_next || !state->cr->plugin->search_all_domains) { + /* We are not interested in more results. */ + ret = EOK; + goto done; } - goto done; - } + break; + case ENOENT: + if (state->check_next == false) { + /* Lookup domain was specified as input. + * We don't want to try the next domain, + * but we may want to try UPN search. */ + + if (cache_req_assume_upn(state->cr)) { + /* Try UPN now. */ + ret = cache_req_select_domains(req, NULL); + goto done; + } + + /* Not found. */ + ret = ENOENT; + goto done; + } - ret = cache_req_next_domain(req); - if (ret != EAGAIN) { + break; + default: + /* Some serious error has happened. Finish. */ goto done; } - return; + /* This is a domain less search, continue with the next domain. */ + ret = cache_req_next_domain(req); done: + if (ret == ENOENT && state->results != NULL) { + /* We have at least one result. */ + ret = EOK; + } + switch (ret) { case EOK: CACHE_REQ_DEBUG(SSSDBG_TRACE_FUNC, state->cr, "Finished: Success\n"); tevent_req_done(req); break; + case EAGAIN: + break; case ENOENT: CACHE_REQ_DEBUG(SSSDBG_TRACE_FUNC, state->cr, "Finished: Not found\n"); tevent_req_error(req, ret); diff --git a/src/responder/common/cache_req/cache_req_plugin.h b/src/responder/common/cache_req/cache_req_plugin.h index 6f318df0b..65e52ad09 100644 --- a/src/responder/common/cache_req/cache_req_plugin.h +++ b/src/responder/common/cache_req/cache_req_plugin.h @@ -151,6 +151,12 @@ struct cache_req_plugin { bool only_one_result; /** + * If true, cache request will iterate over all domains on domain-less + * search and merge acquired results. + */ + bool search_all_domains; + + /** * Allow missing domain part even if domain requires fully qualified name * on domain less searches. */ diff --git a/src/responder/common/cache_req/plugins/cache_req_group_by_filter.c b/src/responder/common/cache_req/plugins/cache_req_group_by_filter.c index fc21aff56..00d9a44a0 100644 --- a/src/responder/common/cache_req/plugins/cache_req_group_by_filter.c +++ b/src/responder/common/cache_req/plugins/cache_req_group_by_filter.c @@ -121,6 +121,7 @@ struct cache_req_plugin cache_req_group_by_filter = { .parse_name = true, .bypass_cache = true, .only_one_result = false, + .search_all_domains = false, .allow_missing_fqn = false, .allow_switch_to_upn = false, .upn_equivalent = CACHE_REQ_SENTINEL, diff --git a/src/responder/common/cache_req/plugins/cache_req_group_by_id.c b/src/responder/common/cache_req/plugins/cache_req_group_by_id.c index 7d84d4aeb..5356fd592 100644 --- a/src/responder/common/cache_req/plugins/cache_req_group_by_id.c +++ b/src/responder/common/cache_req/plugins/cache_req_group_by_id.c @@ -109,6 +109,7 @@ struct cache_req_plugin cache_req_group_by_id = { .parse_name = false, .bypass_cache = false, .only_one_result = true, + .search_all_domains = false, .allow_missing_fqn = false, .allow_switch_to_upn = false, .upn_equivalent = CACHE_REQ_SENTINEL, diff --git a/src/responder/common/cache_req/plugins/cache_req_group_by_name.c b/src/responder/common/cache_req/plugins/cache_req_group_by_name.c index 863082ef9..4bf330155 100644 --- a/src/responder/common/cache_req/plugins/cache_req_group_by_name.c +++ b/src/responder/common/cache_req/plugins/cache_req_group_by_name.c @@ -159,6 +159,7 @@ struct cache_req_plugin cache_req_group_by_name = { .parse_name = true, .bypass_cache = false, .only_one_result = true, + .search_all_domains = false, .allow_missing_fqn = false, .allow_switch_to_upn = false, .upn_equivalent = CACHE_REQ_SENTINEL, diff --git a/src/responder/common/cache_req/plugins/cache_req_initgroups_by_name.c b/src/responder/common/cache_req/plugins/cache_req_initgroups_by_name.c index 8755d7e9c..fdc30c9f0 100644 --- a/src/responder/common/cache_req/plugins/cache_req_initgroups_by_name.c +++ b/src/responder/common/cache_req/plugins/cache_req_initgroups_by_name.c @@ -174,6 +174,7 @@ struct cache_req_plugin cache_req_initgroups_by_name = { .parse_name = true, .bypass_cache = false, .only_one_result = false, + .search_all_domains = false, .allow_missing_fqn = false, .allow_switch_to_upn = true, .upn_equivalent = CACHE_REQ_INITGROUPS_BY_UPN, diff --git a/src/responder/common/cache_req/plugins/cache_req_initgroups_by_upn.c b/src/responder/common/cache_req/plugins/cache_req_initgroups_by_upn.c index a8cf81ee0..04e337c9a 100644 --- a/src/responder/common/cache_req/plugins/cache_req_initgroups_by_upn.c +++ b/src/responder/common/cache_req/plugins/cache_req_initgroups_by_upn.c @@ -110,6 +110,7 @@ struct cache_req_plugin cache_req_initgroups_by_upn = { .parse_name = false, .bypass_cache = false, .only_one_result = false, + .search_all_domains = false, .allow_missing_fqn = true, .allow_switch_to_upn = false, .upn_equivalent = CACHE_REQ_SENTINEL, diff --git a/src/responder/common/cache_req/plugins/cache_req_object_by_sid.c b/src/responder/common/cache_req/plugins/cache_req_object_by_sid.c index b519ee92d..20d5eaa36 100644 --- a/src/responder/common/cache_req/plugins/cache_req_object_by_sid.c +++ b/src/responder/common/cache_req/plugins/cache_req_object_by_sid.c @@ -82,6 +82,7 @@ struct cache_req_plugin cache_req_object_by_sid = { .parse_name = false, .bypass_cache = false, .only_one_result = true, + .search_all_domains = false, .allow_missing_fqn = false, .allow_switch_to_upn = false, .upn_equivalent = CACHE_REQ_SENTINEL, diff --git a/src/responder/common/cache_req/plugins/cache_req_user_by_cert.c b/src/responder/common/cache_req/plugins/cache_req_user_by_cert.c index 4b0cdaaa3..18baaf436 100644 --- a/src/responder/common/cache_req/plugins/cache_req_user_by_cert.c +++ b/src/responder/common/cache_req/plugins/cache_req_user_by_cert.c @@ -85,6 +85,7 @@ struct cache_req_plugin cache_req_user_by_cert = { .parse_name = false, .bypass_cache = false, .only_one_result = true, + .search_all_domains = false, .allow_missing_fqn = true, .allow_switch_to_upn = false, .upn_equivalent = CACHE_REQ_SENTINEL, diff --git a/src/responder/common/cache_req/plugins/cache_req_user_by_filter.c b/src/responder/common/cache_req/plugins/cache_req_user_by_filter.c index a1bde5d36..f4a3bf4cf 100644 --- a/src/responder/common/cache_req/plugins/cache_req_user_by_filter.c +++ b/src/responder/common/cache_req/plugins/cache_req_user_by_filter.c @@ -121,6 +121,7 @@ struct cache_req_plugin cache_req_user_by_filter = { .parse_name = true, .bypass_cache = true, .only_one_result = false, + .search_all_domains = false, .allow_missing_fqn = false, .allow_switch_to_upn = false, .upn_equivalent = CACHE_REQ_SENTINEL, diff --git a/src/responder/common/cache_req/plugins/cache_req_user_by_id.c b/src/responder/common/cache_req/plugins/cache_req_user_by_id.c index f799a4d58..7e20e7468 100644 --- a/src/responder/common/cache_req/plugins/cache_req_user_by_id.c +++ b/src/responder/common/cache_req/plugins/cache_req_user_by_id.c @@ -109,6 +109,7 @@ struct cache_req_plugin cache_req_user_by_id = { .parse_name = false, .bypass_cache = false, .only_one_result = true, + .search_all_domains = false, .allow_missing_fqn = false, .allow_switch_to_upn = false, .upn_equivalent = CACHE_REQ_SENTINEL, diff --git a/src/responder/common/cache_req/plugins/cache_req_user_by_name.c b/src/responder/common/cache_req/plugins/cache_req_user_by_name.c index af7dd4513..9a4fbcf00 100644 --- a/src/responder/common/cache_req/plugins/cache_req_user_by_name.c +++ b/src/responder/common/cache_req/plugins/cache_req_user_by_name.c @@ -159,6 +159,7 @@ struct cache_req_plugin cache_req_user_by_name = { .parse_name = true, .bypass_cache = false, .only_one_result = true, + .search_all_domains = false, .allow_missing_fqn = false, .allow_switch_to_upn = true, .upn_equivalent = CACHE_REQ_USER_BY_UPN, diff --git a/src/responder/common/cache_req/plugins/cache_req_user_by_upn.c b/src/responder/common/cache_req/plugins/cache_req_user_by_upn.c index e5f4b9905..c419d703f 100644 --- a/src/responder/common/cache_req/plugins/cache_req_user_by_upn.c +++ b/src/responder/common/cache_req/plugins/cache_req_user_by_upn.c @@ -109,6 +109,7 @@ struct cache_req_plugin cache_req_user_by_upn = { .parse_name = false, .bypass_cache = false, .only_one_result = true, + .search_all_domains = false, .allow_missing_fqn = true, .allow_switch_to_upn = false, .upn_equivalent = CACHE_REQ_SENTINEL, |