summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorPavel Březina <pbrezina@redhat.com>2016-10-12 13:27:26 +0200
committerJakub Hrozek <jhrozek@redhat.com>2016-10-20 09:56:41 +0200
commite083a6bcf19a32f81f3fbbc6fff5fa2ff4c1b17a (patch)
tree355b1826b1c1643c6d316a7f1f2fb16977e272b2 /src
parent4169fb26ea2ff93c19ecdad6e09382732ea5deeb (diff)
cache_req: delete old code
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src')
-rw-r--r--src/responder/common/responder_cache_req.c1700
-rw-r--r--src/responder/common/responder_cache_req.h186
2 files changed, 0 insertions, 1886 deletions
diff --git a/src/responder/common/responder_cache_req.c b/src/responder/common/responder_cache_req.c
deleted file mode 100644
index 507d1c243..000000000
--- a/src/responder/common/responder_cache_req.c
+++ /dev/null
@@ -1,1700 +0,0 @@
-/*
- Authors:
- Pavel Březina <pbrezina@redhat.com>
-
- Copyright (C) 2014 Red Hat
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#include <dbus/dbus.h>
-#include <ldb.h>
-#include <talloc.h>
-#include <tevent.h>
-
-#include "util/util.h"
-#include "db/sysdb.h"
-#include "responder/common/responder_cache_req.h"
-#include "providers/data_provider.h"
-
-#define CACHE_REQ_DEBUG(level, cr, fmt, ...) \
- DEBUG(level, "Cache Request [%s #%u]: " fmt, \
- (cr)->reqname, (cr)->reqid, ##__VA_ARGS__)
-
-static errno_t updated_users_by_filter(TALLOC_CTX *mem_ctx,
- struct sss_domain_info *domain,
- const char *name_filter,
- time_t since,
- struct ldb_result **_res)
-{
- int ret;
- char *recent_filter;
-
- recent_filter = talloc_asprintf(mem_ctx, "(%s>=%lu)",
- SYSDB_LAST_UPDATE, since);
- if (recent_filter == NULL) {
- return ENOMEM;
- }
-
- ret = sysdb_enumpwent_filter_with_views(mem_ctx, domain,
- name_filter, recent_filter,
- _res);
- talloc_free(recent_filter);
- return ret;
-}
-
-static errno_t updated_groups_by_filter(TALLOC_CTX *mem_ctx,
- struct sss_domain_info *domain,
- const char *name_filter,
- time_t since,
- struct ldb_result **_res)
-{
- int ret;
- char *recent_filter;
-
- recent_filter = talloc_asprintf(mem_ctx, "(%s>=%lu)",
- SYSDB_LAST_UPDATE, since);
- if (recent_filter == NULL) {
- return ENOMEM;
- }
-
- ret = sysdb_enumgrent_filter_with_views(mem_ctx, domain,
- name_filter, recent_filter,
- _res);
- talloc_free(recent_filter);
- return ret;
-}
-
-struct cache_req_data {
- enum cache_req_type type;
- struct {
- const char *input; /* Original input. */
- const char *name; /* Parsed name or UPN. */
- const char *lookup; /* Converted per domain rules. */
- } name;
- uint32_t id;
- const char *cert;
- const char *sid;
- const char **attrs;
-};
-
-static struct cache_req_data *
-cache_req_data_create(TALLOC_CTX *mem_ctx,
- enum cache_req_type type,
- struct cache_req_data *input)
-{
- struct cache_req_data *data;
- errno_t ret;
-
- data = talloc_zero(mem_ctx, struct cache_req_data);
- if (data == NULL) {
- DEBUG(SSSDBG_CRIT_FAILURE, "talloc_zero() failed\n");
- return NULL;
- }
-
- data->type = type;
-
- switch (type) {
- case CACHE_REQ_USER_BY_NAME:
- case CACHE_REQ_USER_BY_UPN:
- case CACHE_REQ_GROUP_BY_NAME:
- case CACHE_REQ_USER_BY_FILTER:
- case CACHE_REQ_GROUP_BY_FILTER:
- case CACHE_REQ_INITGROUPS:
- case CACHE_REQ_INITGROUPS_BY_UPN:
- if (input->name.input == NULL) {
- DEBUG(SSSDBG_CRIT_FAILURE, "Bug: name cannot be NULL!\n");
- ret = ERR_INTERNAL;
- goto done;
- }
-
- data->name.input = talloc_strdup(data, input->name.input);
- if (data->name.input == NULL) {
- ret = ENOMEM;
- goto done;
- }
- break;
- case CACHE_REQ_USER_BY_CERT:
- if (input->cert == NULL) {
- DEBUG(SSSDBG_CRIT_FAILURE, "Bug: certificate cannot be NULL!\n");
- ret = ERR_INTERNAL;
- goto done;
- }
-
- data->cert = talloc_strdup(data, input->cert);
- if (data->cert == NULL) {
- ret = ENOMEM;
- goto done;
- }
- break;
- case CACHE_REQ_USER_BY_ID:
- case CACHE_REQ_GROUP_BY_ID:
- if (input->id == 0) {
- DEBUG(SSSDBG_CRIT_FAILURE, "Bug: id cannot be 0!\n");
- ret = ERR_INTERNAL;
- goto done;
- }
-
- data->id = input->id;
- break;
- case CACHE_REQ_OBJECT_BY_SID:
- if (input->sid == NULL) {
- DEBUG(SSSDBG_CRIT_FAILURE, "Bug: SID cannot be NULL!\n");
- ret = ERR_INTERNAL;
- goto done;
- }
-
- data->sid = talloc_strdup(data, input->sid);
- if (data->sid == NULL) {
- ret = ENOMEM;
- goto done;
- }
- break;
- }
-
- if (input->attrs != NULL) {
- data->attrs = dup_string_list(data, input->attrs);
- if (data->attrs == NULL) {
- ret = ENOMEM;
- goto done;
- }
- }
-
- ret = EOK;
-
-done:
- if (ret != EOK) {
- talloc_zfree(data);
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create cache_req data "
- "[%d]: %s\n", ret, sss_strerror(ret));
- return NULL;
- }
-
- return data;
-}
-
-struct cache_req_data *
-cache_req_data_name(TALLOC_CTX *mem_ctx,
- enum cache_req_type type,
- const char *name)
-{
- struct cache_req_data input = {0};
-
- input.name.input = name;
-
- return cache_req_data_create(mem_ctx, type, &input);
-}
-
-struct cache_req_data *
-cache_req_data_id(TALLOC_CTX *mem_ctx,
- enum cache_req_type type,
- uint32_t id)
-{
- struct cache_req_data input = {0};
-
- input.id = id;
-
- return cache_req_data_create(mem_ctx, type, &input);
-}
-
-struct cache_req_data *
-cache_req_data_cert(TALLOC_CTX *mem_ctx,
- enum cache_req_type type,
- const char *cert)
-{
- struct cache_req_data input = {0};
-
- input.cert = cert;
-
- return cache_req_data_create(mem_ctx, type, &input);
-}
-
-struct cache_req_data *
-cache_req_data_sid(TALLOC_CTX *mem_ctx,
- enum cache_req_type type,
- const char *sid,
- const char **attrs)
-{
- struct cache_req_data input = {0};
-
- input.sid = sid;
- input.attrs = attrs;
-
- return cache_req_data_create(mem_ctx, type, &input);
-}
-
-struct cache_req {
- /* Provided input. */
- struct cache_req_data *data;
-
- /* Data Provider request type resolved from @type.
- * FIXME: This is currently needed for data provider calls. We should
- * refactor responder_dp.c to get rid of this member. */
- enum sss_dp_acct_type dp_type;
-
- /* Domain related informations. */
- struct sss_domain_info *domain;
-
- /* Debug information */
- uint32_t reqid;
- const char *reqname;
- const char *debugobj;
-
- /* Time when the request started. Useful for by-filter lookups */
- time_t req_start;
-};
-
-static void
-cache_req_set_dp(struct cache_req *cr, enum cache_req_type type)
-{
- switch (type) {
- case CACHE_REQ_USER_BY_NAME:
- case CACHE_REQ_USER_BY_UPN:
- case CACHE_REQ_USER_BY_ID:
- cr->dp_type = SSS_DP_USER;
- break;
-
- case CACHE_REQ_GROUP_BY_NAME:
- case CACHE_REQ_GROUP_BY_ID:
- cr->dp_type = SSS_DP_GROUP;
- break;
-
- case CACHE_REQ_INITGROUPS:
- case CACHE_REQ_INITGROUPS_BY_UPN:
- cr->dp_type = SSS_DP_INITGROUPS;
- break;
-
- case CACHE_REQ_USER_BY_CERT:
- cr->dp_type = SSS_DP_CERT;
- break;
-
- case CACHE_REQ_USER_BY_FILTER:
- cr->dp_type = SSS_DP_WILDCARD_USER;
- break;
-
- case CACHE_REQ_GROUP_BY_FILTER:
- cr->dp_type = SSS_DP_WILDCARD_GROUP;
- break;
-
- case CACHE_REQ_OBJECT_BY_SID:
- cr->dp_type = SSS_DP_SECID;
- break;
- }
-
- return;
-}
-
-static void
-cache_req_set_reqname(struct cache_req *cr, enum cache_req_type type)
-{
- switch (type) {
- case CACHE_REQ_USER_BY_NAME:
- cr->reqname = "User by name";
- break;
- case CACHE_REQ_USER_BY_UPN:
- cr->reqname = "User by UPN";
- break;
- case CACHE_REQ_USER_BY_ID:
- cr->reqname = "User by ID";
- break;
- case CACHE_REQ_GROUP_BY_NAME:
- cr->reqname = "Group by name";
- break;
- case CACHE_REQ_GROUP_BY_ID:
- cr->reqname = "Group by ID";
- break;
- case CACHE_REQ_INITGROUPS:
- cr->reqname = "Initgroups by name";
- break;
- case CACHE_REQ_INITGROUPS_BY_UPN:
- cr->reqname = "Initgroups by UPN";
- break;
- case CACHE_REQ_USER_BY_CERT:
- cr->reqname = "User by certificate";
- break;
- case CACHE_REQ_USER_BY_FILTER:
- cr->reqname = "User by filter";
- break;
- case CACHE_REQ_GROUP_BY_FILTER:
- cr->reqname = "Group by filter";
- break;
- case CACHE_REQ_OBJECT_BY_SID:
- cr->reqname = "Object by SID";
- break;
- }
-
- return;
-}
-
-static struct cache_req *
-cache_req_create(TALLOC_CTX *mem_ctx,
- struct resp_ctx *rctx,
- struct cache_req_data *data)
-{
- struct cache_req *cr;
-
- cr = talloc_zero(mem_ctx, struct cache_req);
- if (cr == NULL) {
- return NULL;
- }
-
- cr->data = data;
- cr->req_start = time(NULL);
-
- /* It is perfectly fine to just overflow here. */
- cr->reqid = rctx->cache_req_num++;
-
- cache_req_set_reqname(cr, data->type);
- cache_req_set_dp(cr, data->type);
-
- return cr;
-}
-
-static errno_t
-cache_req_set_name(struct cache_req *cr, const char *name)
-{
- const char *dup_name;
-
- CACHE_REQ_DEBUG(SSSDBG_TRACE_FUNC, cr, "Setting name [%s]\n", name);
-
- dup_name = talloc_strdup(cr->data, name);
- if (dup_name == NULL) {
- return ENOMEM;
- }
-
- talloc_zfree(cr->data->name.name);
- cr->data->name.name = dup_name;
-
- return EOK;
-}
-
-static errno_t
-cache_req_domain_lookup_name(TALLOC_CTX *mem_ctx,
- struct cache_req *cr,
- struct sss_domain_info *domain,
- struct resp_ctx *rctx,
- const char **_name,
- const char **_debugobj)
-{
- const char *name = NULL;
- const char *debugobj = NULL;
- TALLOC_CTX *tmp_ctx = NULL;
- errno_t ret;
-
- if (cr->data->name.name == NULL) {
- DEBUG(SSSDBG_CRIT_FAILURE, "Bug: parsed name is NULL?\n");
- ret = ERR_INTERNAL;
- goto done;
- }
-
- tmp_ctx = talloc_new(NULL);
- if (tmp_ctx == NULL) {
- return ENOMEM;
- }
-
- name = sss_get_cased_name(tmp_ctx, cr->data->name.name,
- domain->case_sensitive);
- if (name == NULL) {
- ret = ENOMEM;
- goto done;
- }
-
- name = sss_reverse_replace_space(tmp_ctx, name, rctx->override_space);
- if (name == NULL) {
- ret = ENOMEM;
- goto done;
- }
-
- debugobj = talloc_asprintf(tmp_ctx, "%s@%s", name, domain->name);
- if (debugobj == NULL) {
- ret = ENOMEM;
- goto done;
- }
-
- ret = EOK;
- *_name = talloc_steal(mem_ctx, name);
- *_debugobj = talloc_steal(mem_ctx, debugobj);
-done:
- talloc_free(tmp_ctx);
- return ret;
-}
-
-static errno_t
-cache_req_set_domain(struct cache_req *cr,
- struct sss_domain_info *domain,
- struct resp_ctx *rctx)
-{
- TALLOC_CTX *tmp_ctx = NULL;
- const char *name = NULL;
- const char *debugobj = NULL;
- errno_t ret;
-
- tmp_ctx = talloc_new(NULL);
- if (tmp_ctx == NULL) {
- return ENOMEM;
- }
-
- CACHE_REQ_DEBUG(SSSDBG_TRACE_FUNC, cr, "Using domain [%s]\n", domain->name);
-
- talloc_zfree(cr->data->name.lookup);
- talloc_zfree(cr->debugobj);
-
- switch (cr->data->type) {
- case CACHE_REQ_USER_BY_NAME:
- case CACHE_REQ_GROUP_BY_NAME:
- case CACHE_REQ_INITGROUPS:
- ret = cache_req_domain_lookup_name(tmp_ctx, cr, domain, rctx,
- &name, &debugobj);
- if (ret != EOK) {
- goto done;
- }
-
- name = sss_create_internal_fqname(tmp_ctx, name, domain->name);
- if (name == NULL) {
- ret = ENOMEM;
- goto done;
- }
-
- break;
-
- case CACHE_REQ_USER_BY_FILTER:
- case CACHE_REQ_GROUP_BY_FILTER:
- ret = cache_req_domain_lookup_name(tmp_ctx, cr, domain, rctx,
- &name, &debugobj);
- if (ret != EOK) {
- goto done;
- }
-
- break;
-
- case CACHE_REQ_USER_BY_UPN:
- case CACHE_REQ_INITGROUPS_BY_UPN:
- if (cr->data->name.name == NULL) {
- DEBUG(SSSDBG_CRIT_FAILURE, "Bug: parsed UPN is NULL?\n");
- ret = ERR_INTERNAL;
- goto done;
- }
-
- /* When looking up UPNs we don't want to reverse-replace spaces,
- * just search whatever the user passed in. strdup the name so we
- * can safely steal it later.
- */
- name = talloc_strdup(tmp_ctx, cr->data->name.name);
- if (name == NULL) {
- ret = ENOMEM;
- goto done;
- }
-
- debugobj = talloc_asprintf(tmp_ctx, "%s@%s", name, domain->name);
- if (debugobj == NULL) {
- ret = ENOMEM;
- goto done;
- }
-
- break;
-
- case CACHE_REQ_USER_BY_ID:
- debugobj = talloc_asprintf(tmp_ctx, "UID:%d@%s",
- cr->data->id, domain->name);
- if (debugobj == NULL) {
- ret = ENOMEM;
- goto done;
- }
- break;
-
- case CACHE_REQ_GROUP_BY_ID:
- debugobj = talloc_asprintf(tmp_ctx, "GID:%d@%s",
- cr->data->id, domain->name);
- if (debugobj == NULL) {
- ret = ENOMEM;
- goto done;
- }
- break;
- case CACHE_REQ_USER_BY_CERT:
- /* certificates might be quite long, only use the last 10 charcters
- * for logging */
- debugobj = talloc_asprintf(tmp_ctx, "CERT:%s@%s",
- get_last_x_chars(cr->data->cert, 10),
- domain->name);
- if (debugobj == NULL) {
- ret = ENOMEM;
- goto done;
- }
- break;
- case CACHE_REQ_OBJECT_BY_SID:
- debugobj = talloc_asprintf(tmp_ctx, "SID:%s@%s",
- cr->data->sid, domain->name);
- if (debugobj == NULL) {
- ret = ENOMEM;
- goto done;
- }
- break;
- }
-
- cr->domain = domain;
- cr->data->name.lookup = talloc_steal(cr->data, name);
- cr->debugobj = talloc_steal(cr, debugobj);
-
- ret = EOK;
-
-done:
- talloc_free(tmp_ctx);
- return ret;
-}
-
-static bool
-cache_req_is_upn(struct cache_req *cr)
-{
- switch (cr->data->type) {
- case CACHE_REQ_USER_BY_UPN:
- case CACHE_REQ_INITGROUPS_BY_UPN:
- return true;
- default:
- return false;
- }
-}
-
-static bool
-cache_req_assume_upn(struct cache_req *cr)
-{
- errno_t ret;
- bool bret;
-
- if (cr->data->name.input == NULL
- || strchr(cr->data->name.input, '@') == NULL) {
- return false;
- }
-
- switch (cr->data->type) {
- case CACHE_REQ_USER_BY_NAME:
- cr->data->type = CACHE_REQ_USER_BY_UPN;
- bret = true;
- break;
- case CACHE_REQ_INITGROUPS:
- cr->data->type = CACHE_REQ_INITGROUPS_BY_UPN;
- bret = true;
- break;
- default:
- bret = false;
- break;
- }
-
- if (bret == true) {
- ret = cache_req_set_name(cr, cr->data->name.input);
- if (ret != EOK) {
- DEBUG(SSSDBG_CRIT_FAILURE, "cache_req_set_name() failed\n");
- return false;
- }
-
- CACHE_REQ_DEBUG(SSSDBG_TRACE_FUNC, cr, "Assuming UPN [%s]\n",
- cr->data->name.input);
- }
-
- return bret;
-}
-
-static errno_t cache_req_check_ncache(struct cache_req *cr,
- struct sss_nc_ctx *ncache)
-{
- errno_t ret = ERR_INTERNAL;
-
- CACHE_REQ_DEBUG(SSSDBG_TRACE_FUNC, cr, "Checking negative cache "
- "for [%s]\n", cr->debugobj);
-
- switch (cr->data->type) {
- case CACHE_REQ_USER_BY_NAME:
- case CACHE_REQ_USER_BY_UPN:
- case CACHE_REQ_INITGROUPS:
- case CACHE_REQ_INITGROUPS_BY_UPN:
- ret = sss_ncache_check_user(ncache, cr->domain, cr->data->name.lookup);
- break;
- case CACHE_REQ_GROUP_BY_NAME:
- ret = sss_ncache_check_group(ncache, cr->domain, cr->data->name.lookup);
- break;
- case CACHE_REQ_USER_BY_ID:
- ret = sss_ncache_check_uid(ncache, NULL, cr->data->id);
- break;
- case CACHE_REQ_GROUP_BY_ID:
- ret = sss_ncache_check_gid(ncache, NULL, cr->data->id);
- break;
- case CACHE_REQ_USER_BY_CERT:
- ret = sss_ncache_check_cert(ncache, cr->data->cert);
- break;
- case CACHE_REQ_USER_BY_FILTER:
- case CACHE_REQ_GROUP_BY_FILTER:
- ret = EOK;
- break;
- case CACHE_REQ_OBJECT_BY_SID:
- ret = sss_ncache_check_sid(ncache, cr->data->sid);
- break;
- }
-
- if (ret == EEXIST) {
- CACHE_REQ_DEBUG(SSSDBG_TRACE_FUNC, cr, "[%s] does not exist "
- "(negative cache)\n", cr->debugobj);
- }
-
- return ret;
-}
-
-static void cache_req_add_to_ncache(struct cache_req *cr,
- struct sss_nc_ctx *ncache)
-{
- errno_t ret = ERR_INTERNAL;
-
- CACHE_REQ_DEBUG(SSSDBG_TRACE_FUNC, cr, "Adding [%s] to negative cache\n",
- cr->debugobj);
-
- switch (cr->data->type) {
- case CACHE_REQ_USER_BY_NAME:
- case CACHE_REQ_USER_BY_UPN:
- case CACHE_REQ_INITGROUPS:
- case CACHE_REQ_INITGROUPS_BY_UPN:
- ret = sss_ncache_set_user(ncache, false, cr->domain,
- cr->data->name.lookup);
- break;
- case CACHE_REQ_GROUP_BY_NAME:
- ret = sss_ncache_set_group(ncache, false, cr->domain,
- cr->data->name.lookup);
- break;
- case CACHE_REQ_USER_BY_FILTER:
- case CACHE_REQ_GROUP_BY_FILTER:
- /* Nothing to do, adding a wildcard request to ncache doesn't
- * make sense */
- case CACHE_REQ_USER_BY_ID:
- case CACHE_REQ_GROUP_BY_ID:
- case CACHE_REQ_USER_BY_CERT:
- case CACHE_REQ_OBJECT_BY_SID:
- /* Nothing to do. Those types must be unique among all domains so
- * the don't contain domain part. Therefore they must be set only
- * if all domains are search and the entry is not found. */
- ret = EOK;
- break;
- }
-
- if (ret != EOK) {
- CACHE_REQ_DEBUG(SSSDBG_MINOR_FAILURE, cr,
- "Cannot set negative cache for [%s] [%d]: %s\n",
- cr->debugobj, ret, sss_strerror(ret));
-
- /* not fatal */
- }
-
- return;
-}
-
-static void cache_req_add_to_ncache_global(struct cache_req *cr,
- struct sss_nc_ctx *ncache)
-{
- errno_t ret = ERR_INTERNAL;
-
- CACHE_REQ_DEBUG(SSSDBG_TRACE_FUNC, cr, "Adding [%s] to global "
- "negative cache\n", cr->debugobj);
-
- switch (cr->data->type) {
- case CACHE_REQ_USER_BY_FILTER:
- case CACHE_REQ_GROUP_BY_FILTER:
- /* Nothing to do, adding a wildcard request to ncache doesn't
- * make sense */
- case CACHE_REQ_USER_BY_NAME:
- case CACHE_REQ_USER_BY_UPN:
- case CACHE_REQ_GROUP_BY_NAME:
- case CACHE_REQ_INITGROUPS:
- case CACHE_REQ_INITGROUPS_BY_UPN:
- /* Nothing to do. Those types are already in ncache for selected
- * domains. */
- ret = EOK;
- break;
- case CACHE_REQ_USER_BY_ID:
- ret = sss_ncache_set_uid(ncache, false, NULL, cr->data->id);
- break;
- case CACHE_REQ_GROUP_BY_ID:
- ret = sss_ncache_set_gid(ncache, false, NULL, cr->data->id);
- break;
- case CACHE_REQ_USER_BY_CERT:
- ret = sss_ncache_set_cert(ncache, false, cr->data->cert);
- break;
- case CACHE_REQ_OBJECT_BY_SID:
- ret = sss_ncache_set_sid(ncache, false, cr->data->sid);
- break;
- }
-
- if (ret != EOK) {
- CACHE_REQ_DEBUG(SSSDBG_MINOR_FAILURE, cr, "Cannot set negcache for "
- "[%s] [%d]: %s\n", cr->debugobj,
- ret, sss_strerror(ret));
-
- /* not fatal */
- }
-
- return;
-}
-
-static errno_t cache_req_get_object(TALLOC_CTX *mem_ctx,
- struct cache_req *cr,
- struct ldb_result **_result)
-{
- struct ldb_result *result = NULL;
- bool one_item_only = false;
- errno_t ret = ERR_INTERNAL;
-
- CACHE_REQ_DEBUG(SSSDBG_FUNC_DATA, cr, "Requesting info for [%s]\n",
- cr->debugobj);
-
- switch (cr->data->type) {
- case CACHE_REQ_USER_BY_NAME:
- one_item_only = true;
- ret = sysdb_getpwnam_with_views(mem_ctx, cr->domain,
- cr->data->name.lookup, &result);
- break;
- case CACHE_REQ_USER_BY_UPN:
- one_item_only = true;
- ret = sysdb_getpwupn(mem_ctx, cr->domain,
- cr->data->name.lookup, &result);
- break;
- case CACHE_REQ_USER_BY_ID:
- one_item_only = true;
- ret = sysdb_getpwuid_with_views(mem_ctx, cr->domain,
- cr->data->id, &result);
- break;
- case CACHE_REQ_GROUP_BY_NAME:
- one_item_only = true;
- ret = sysdb_getgrnam_with_views(mem_ctx, cr->domain,
- cr->data->name.lookup, &result);
- break;
- case CACHE_REQ_GROUP_BY_ID:
- one_item_only = true;
- ret = sysdb_getgrgid_with_views(mem_ctx, cr->domain,
- cr->data->id, &result);
- break;
- case CACHE_REQ_INITGROUPS:
- one_item_only = false;
- ret = sysdb_initgroups_with_views(mem_ctx, cr->domain,
- cr->data->name.lookup, &result);
- break;
- case CACHE_REQ_INITGROUPS_BY_UPN:
- one_item_only = false;
- ret = sysdb_initgroups_by_upn(mem_ctx, cr->domain,
- cr->data->name.lookup, &result);
- break;
- case CACHE_REQ_USER_BY_CERT:
- one_item_only = true;
- ret = sysdb_search_user_by_cert_with_views(mem_ctx, cr->domain,
- cr->data->cert, &result);
- break;
- case CACHE_REQ_USER_BY_FILTER:
- one_item_only = false;
- ret = updated_users_by_filter(mem_ctx, cr->domain,
- cr->data->name.lookup, cr->req_start,
- &result);
- break;
- case CACHE_REQ_GROUP_BY_FILTER:
- one_item_only = false;
- ret = updated_groups_by_filter(mem_ctx, cr->domain,
- cr->data->name.lookup, cr->req_start,
- &result);
- break;
- case CACHE_REQ_OBJECT_BY_SID:
- one_item_only = true;
- ret = sysdb_search_object_by_sid(mem_ctx, cr->domain,
- cr->data->sid, cr->data->attrs,
- &result);
- break;
- }
-
- if (ret != EOK) {
- goto done;
- } else if (result->count == 0) {
- ret = ENOENT;
- goto done;
- } else if (one_item_only && result->count > 1) {
- ret = ERR_INTERNAL;
- CACHE_REQ_DEBUG(SSSDBG_CRIT_FAILURE, cr,
- "Multiple objects were found when "
- "sysdb search expected only one!\n");
- goto done;
- }
-
- *_result = result;
-
-done:
- return ret;
-}
-
-/* Return true if the request bypasses cache or false if the cache_req
- * code can leverage sysdb for this request.
- */
-static bool cache_req_bypass_cache(struct cache_req *cr)
-{
- if (cr->data->type == CACHE_REQ_USER_BY_FILTER ||
- cr->data->type == CACHE_REQ_GROUP_BY_FILTER) {
- return true;
- }
-
- return false;
-}
-
-static errno_t cache_req_expiration_status(struct cache_req *cr,
- struct ldb_result *result,
- time_t cache_refresh_percent)
-{
- time_t expire;
-
- if (result == NULL || result->count == 0 || cache_req_bypass_cache(cr)) {
- return ENOENT;
- }
-
- if (cr->data->type == CACHE_REQ_INITGROUPS) {
- expire = ldb_msg_find_attr_as_uint64(result->msgs[0],
- SYSDB_INITGR_EXPIRE, 0);
- } else {
- expire = ldb_msg_find_attr_as_uint64(result->msgs[0],
- SYSDB_CACHE_EXPIRE, 0);
- }
-
- return sss_cmd_check_cache(result->msgs[0], cache_refresh_percent, expire);
-}
-
-static void cache_req_dpreq_params(TALLOC_CTX *mem_ctx,
- struct cache_req *cr,
- struct ldb_result *result,
- const char **_string,
- uint32_t *_id,
- const char **_flag)
-{
- struct ldb_result *user = NULL;
- const char *name = NULL;
- uint32_t id = 0;
- errno_t ret;
-
- *_id = cr->data->id;
- *_string = cr->data->name.lookup;
- *_flag = NULL;
-
- if (cache_req_is_upn(cr)) {
- *_flag = EXTRA_NAME_IS_UPN;
- return;
- }
-
- if (cr->data->type == CACHE_REQ_USER_BY_CERT) {
- *_string = cr->data->cert;
- return;
- } else if (cr->data->type == CACHE_REQ_OBJECT_BY_SID) {
- *_string = cr->data->sid;
- return;
- }
-
- if (!DOM_HAS_VIEWS(cr->domain)) {
- return;
- }
-
- /* We must search with views. */
- if (result == NULL || result->count == 0) {
- *_flag = EXTRA_INPUT_MAYBE_WITH_VIEW;
- return;
- }
-
- /* If domain has views we will try to user original values instead of the
- * overridden ones. This is a must for the LOCAL view since we can't look
- * it up otherwise. But it is also a shortcut for non-local views where
- * we will not fail over to the overridden value. */
-
- switch (cr->data->type) {
- case CACHE_REQ_USER_BY_NAME:
- case CACHE_REQ_GROUP_BY_NAME:
- name = ldb_msg_find_attr_as_string(result->msgs[0], SYSDB_NAME, NULL);
- if (name == NULL) {
- DEBUG(SSSDBG_CRIT_FAILURE, "Bug: name cannot be NULL\n");
- }
- break;
- case CACHE_REQ_USER_BY_ID:
- id = ldb_msg_find_attr_as_uint64(result->msgs[0], SYSDB_UIDNUM, 0);
- if (id == 0) {
- DEBUG(SSSDBG_CRIT_FAILURE, "Bug: id cannot be 0\n");
- }
- break;
- case CACHE_REQ_GROUP_BY_ID:
- id = ldb_msg_find_attr_as_uint64(result->msgs[0], SYSDB_GIDNUM, 0);
- if (id == 0) {
- DEBUG(SSSDBG_CRIT_FAILURE, "Bug: id cannot be 0\n");
- }
- break;
- case CACHE_REQ_INITGROUPS:
- ret = sysdb_getpwnam_with_views(NULL, cr->domain,
- cr->data->name.lookup, &user);
- if (ret != EOK || user == NULL || user->count != 1) {
- /* Case where the user is not found has been already handled. If
- * this is not OK, it is an error. */
- CACHE_REQ_DEBUG(SSSDBG_CRIT_FAILURE, cr,
- "Unable to match initgroups user [%d]: %s\n",
- ret, sss_strerror(ret));
- break;
- }
-
- name = ldb_msg_find_attr_as_string(user->msgs[0], SYSDB_NAME,
- NULL);
- if (name == NULL) {
- DEBUG(SSSDBG_CRIT_FAILURE, "Bug: name cannot be NULL\n");
- break;
- }
-
- talloc_steal(mem_ctx, name);
- talloc_free(user);
- break;
- default:
- return;
- }
-
- /* Now we have the original name and id. We don't have to search with
- * views unless some error occurred. */
- if (name == NULL && id == 0) {
- *_flag = EXTRA_INPUT_MAYBE_WITH_VIEW;
- return;
- }
-
- *_string = talloc_steal(mem_ctx, name);
- *_id = id;
-}
-
-struct cache_req_cache_state {
- /* input data */
- struct tevent_context *ev;
- struct resp_ctx *rctx;
- struct sss_nc_ctx *ncache;
- int cache_refresh_percent;
- struct cache_req *cr;
-
- /* output data */
- struct ldb_result *result;
-};
-
-static errno_t cache_req_cache_search(struct tevent_req *req);
-static errno_t cache_req_cache_check(struct tevent_req *req);
-static void cache_req_cache_done(struct tevent_req *subreq);
-
-static struct tevent_req *cache_req_cache_send(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct resp_ctx *rctx,
- struct sss_nc_ctx *ncache,
- int cache_refresh_percent,
- struct cache_req *cr)
-{
- struct cache_req_cache_state *state = NULL;
- struct tevent_req *req = NULL;
- errno_t ret;
-
- req = tevent_req_create(mem_ctx, &state, struct cache_req_cache_state);
- if (req == NULL) {
- DEBUG(SSSDBG_CRIT_FAILURE, "tevent_req_create() failed\n");
- return NULL;
- }
-
- state->ev = ev;
- state->rctx = rctx;
- state->ncache = ncache;
- state->cache_refresh_percent = cache_refresh_percent;
- state->cr = cr;
-
- /* Check negative cache first. */
- ret = cache_req_check_ncache(state->cr, state->ncache);
- if (ret == EEXIST) {
- ret = ENOENT;
- goto immediately;
- }
-
- /* We will first search the cache. If we get cache miss or the entry
- * is expired we will contact data provider and then search again. */
- ret = cache_req_cache_search(req);
- if (ret != EAGAIN) {
- goto immediately;
- }
-
- return req;
-
-immediately:
- if (ret == EOK) {
- tevent_req_done(req);
- } else {
- tevent_req_error(req, ret);
- }
- tevent_req_post(req, ev);
-
- return req;
-}
-
-static errno_t cache_req_cache_search(struct tevent_req *req)
-{
- struct cache_req_cache_state *state = NULL;
- errno_t ret;
-
- state = tevent_req_data(req, struct cache_req_cache_state);
-
- ret = cache_req_get_object(state, state->cr, &state->result);
- if (ret != EOK && ret != ENOENT) {
- CACHE_REQ_DEBUG(SSSDBG_CRIT_FAILURE, state->cr, "Failed to make "
- "request to our cache [%d]: %s\n",
- ret, sss_strerror(ret));
- return ret;
- }
-
- /* Verify that the cache is up to date. */
- ret = cache_req_cache_check(req);
- if (ret != EOK) {
- CACHE_REQ_DEBUG(SSSDBG_OP_FAILURE, state->cr,
- "Cannot find info for [%s]\n", state->cr->debugobj);
- return ret;
- }
-
- /* One result found */
- CACHE_REQ_DEBUG(SSSDBG_TRACE_FUNC, state->cr,
- "Returning info for [%s]\n", state->cr->debugobj);
- return EOK;
-}
-
-static errno_t cache_req_cache_check(struct tevent_req *req)
-{
- struct cache_req_cache_state *state = NULL;
- struct tevent_req *subreq = NULL;
- const char *extra_flag = NULL;
- const char *search_str;
- uint32_t search_id;
- errno_t ret;
-
- state = tevent_req_data(req, struct cache_req_cache_state);
-
- cache_req_dpreq_params(state, state->cr, state->result,
- &search_str, &search_id, &extra_flag);
-
- ret = cache_req_expiration_status(state->cr, state->result,
- state->cache_refresh_percent);
-
- switch (ret) {
- case EOK:
- CACHE_REQ_DEBUG(SSSDBG_TRACE_FUNC, state->cr,
- "[%s] entry is valid\n", state->cr->debugobj);
- return EOK;
- case EAGAIN:
- /* Out of band update. The calling function will return the cached
- * entry immediately. No callback is required. */
-
- CACHE_REQ_DEBUG(SSSDBG_TRACE_FUNC, state->cr,
- "Performing midpoint cache update of [%s]\n",
- state->cr->debugobj);
-
- subreq = sss_dp_get_account_send(state, state->rctx,
- state->cr->domain, true,
- state->cr->dp_type,
- search_str, search_id, extra_flag);
- if (subreq == NULL) {
- DEBUG(SSSDBG_CRIT_FAILURE, "Out of memory sending out-of-band "
- "data provider request\n");
- /* This is non-fatal, so we'll continue here */
- }
-
- return EOK;
- case ENOENT:
- /* Cache miss or the cache is expired. We need to get the updated
- * information before returning it. */
-
- CACHE_REQ_DEBUG(SSSDBG_TRACE_FUNC, state->cr,
- "Looking up [%s] in data provider\n",
- state->cr->debugobj);
-
- subreq = sss_dp_get_account_send(state, state->rctx,
- state->cr->domain, true,
- state->cr->dp_type,
- search_str, search_id, extra_flag);
- if (subreq == NULL) {
- DEBUG(SSSDBG_CRIT_FAILURE,
- "Out of memory sending data provider request\n");
- return ENOMEM;
- }
-
- tevent_req_set_callback(subreq, cache_req_cache_done, req);
- return EAGAIN;
- default:
- /* error */
- CACHE_REQ_DEBUG(SSSDBG_CRIT_FAILURE, state->cr, "Error checking "
- "cache [%d]: %s\n", ret, sss_strerror(ret));
- return ret;
- }
-}
-
-static void cache_req_cache_done(struct tevent_req *subreq)
-{
- struct cache_req_cache_state *state = NULL;
- struct tevent_req *req = NULL;
- char *err_msg = NULL;
- dbus_uint16_t err_maj;
- dbus_uint32_t err_min;
- errno_t ret;
-
- req = tevent_req_callback_data(subreq, struct tevent_req);
- state = tevent_req_data(req, struct cache_req_cache_state);
-
- ret = sss_dp_get_account_recv(state, subreq, &err_maj, &err_min, &err_msg);
- talloc_zfree(subreq);
- if (ret != EOK) {
- CACHE_REQ_DEBUG(SSSDBG_OP_FAILURE, state->cr,
- "Could not get account info [%d]: %s\n",
- ret, sss_strerror(ret));
- }
-
- if (err_maj) {
- CACHE_REQ_DEBUG(SSSDBG_MINOR_FAILURE, state->cr,
- "Data Provider Error: %u, %u, %s (will return cached data)\n",
- (unsigned int)err_maj, (unsigned int)err_min, err_msg);
- }
-
- /* Get result from cache again. */
- ret = cache_req_get_object(state, state->cr, &state->result);
- if (ret == ENOENT) {
- cache_req_add_to_ncache(state->cr, state->ncache);
- ret = ENOENT;
- } else if (ret != EOK) {
- CACHE_REQ_DEBUG(SSSDBG_CRIT_FAILURE, state->cr,
- "Failed to make request to our cache [%d]: %s\n",
- ret, sss_strerror(ret));
- }
-
- if (ret != EOK) {
- tevent_req_error(req, ret);
- return;
- }
-
- /* One result found */
- CACHE_REQ_DEBUG(SSSDBG_TRACE_FUNC, state->cr,
- "Returning %u results for [%s]\n", state->result->count,
- state->cr->debugobj);
-
- tevent_req_done(req);
-}
-
-static errno_t cache_req_cache_recv(TALLOC_CTX *mem_ctx,
- struct tevent_req *req,
- struct ldb_result **_result)
-{
- struct cache_req_cache_state *state = NULL;
- state = tevent_req_data(req, struct cache_req_cache_state);
-
- TEVENT_REQ_RETURN_ON_ERROR(req);
-
- *_result = talloc_steal(mem_ctx, state->result);
-
- return EOK;
-}
-
-
-struct cache_req_state {
- /* input data */
- struct tevent_context *ev;
- struct resp_ctx *rctx;
- struct sss_nc_ctx *ncache;
- int cache_refresh_percent;
- struct cache_req *cr;
-
- /* work data */
- struct ldb_result *result;
- struct sss_domain_info *domain;
- struct sss_domain_info *selected_domain;
- bool check_next;
-};
-
-static void cache_req_input_parsed(struct tevent_req *subreq);
-
-static errno_t cache_req_select_domains(struct tevent_req *req,
- const char *domain);
-
-static errno_t cache_req_next_domain(struct tevent_req *req);
-
-static void cache_req_done(struct tevent_req *subreq);
-
-struct tevent_req *cache_req_send(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct resp_ctx *rctx,
- struct sss_nc_ctx *ncache,
- int cache_refresh_percent,
- const char *domain,
- struct cache_req_data *data)
-{
- struct cache_req_state *state = NULL;
- struct cache_req *cr = NULL;
- struct tevent_req *req = NULL;
- struct tevent_req *subreq = NULL;
- errno_t ret;
-
- req = tevent_req_create(mem_ctx, &state, struct cache_req_state);
- if (req == NULL) {
- DEBUG(SSSDBG_CRIT_FAILURE, "tevent_req_create() failed\n");
- return NULL;
- }
-
- state->ev = ev;
- state->rctx = rctx;
- state->ncache = ncache;
- state->cache_refresh_percent = cache_refresh_percent;
- state->cr = cr = cache_req_create(state, rctx, data);
- if (state->cr == NULL) {
- ret = ENOMEM;
- goto immediately;
- }
-
- CACHE_REQ_DEBUG(SSSDBG_TRACE_FUNC, cr, "New request\n");
-
- if (cr->data->name.input != NULL && domain == NULL) {
- /* Parse input name first, since it may contain domain name. */
- CACHE_REQ_DEBUG(SSSDBG_TRACE_FUNC, cr, "Parsing input name [%s]\n",
- cr->data->name.input);
-
- subreq = sss_parse_inp_send(state, rctx, cr->data->name.input);
- if (subreq == NULL) {
- ret = ENOMEM;
- goto immediately;
- }
-
- tevent_req_set_callback(subreq, cache_req_input_parsed, req);
- } else {
- if (state->cr->data->name.input != NULL) {
- ret = cache_req_set_name(cr, cr->data->name.input);
- if (ret != EOK) {
- goto immediately;
- }
- }
-
- ret = cache_req_select_domains(req, domain);
- if (ret != EAGAIN) {
- goto immediately;
- }
- }
-
- return req;
-
-immediately:
- if (ret == EOK) {
- tevent_req_done(req);
- } else {
- tevent_req_error(req, ret);
- }
- tevent_req_post(req, ev);
-
- return req;
-}
-
-static void cache_req_input_parsed(struct tevent_req *subreq)
-{
- struct tevent_req *req;
- struct cache_req_state *state;
- char *name;
- char *domain;
- errno_t ret;
- bool maybe_upn;
-
- req = tevent_req_callback_data(subreq, struct tevent_req);
- state = tevent_req_data(req, struct cache_req_state);
-
- ret = sss_parse_inp_recv(subreq, state, &name, &domain);
- switch (ret) {
- case EOK:
- ret = cache_req_set_name(state->cr, name);
- if (ret != EOK) {
- tevent_req_error(req, ret);
- return;
- }
- break;
- case ERR_DOMAIN_NOT_FOUND:
- maybe_upn = cache_req_assume_upn(state->cr);
- if (!maybe_upn) {
- tevent_req_error(req, ret);
- return;
- }
-
- domain = NULL;
- break;
- default:
- tevent_req_error(req, ret);
- return;
- }
-
- ret = cache_req_select_domains(req, domain);
- if (ret != EAGAIN) {
- tevent_req_error(req, ret);
- return;
- }
-}
-
-static errno_t cache_req_select_domains(struct tevent_req *req,
- const char *domain)
-{
- struct cache_req_state *state = NULL;
-
- state = tevent_req_data(req, struct cache_req_state);
-
- if (domain != NULL) {
- CACHE_REQ_DEBUG(SSSDBG_TRACE_FUNC, state->cr,
- "Performing a single domain search\n");
-
- state->domain = responder_get_domain(state->rctx, domain);
- if (state->domain == NULL) {
- return ERR_DOMAIN_NOT_FOUND;
- }
-
- state->check_next = false;
- } else {
- CACHE_REQ_DEBUG(SSSDBG_TRACE_FUNC, state->cr,
- "Performing a multi-domain search\n");
-
- state->domain = state->rctx->domains;
- state->check_next = true;
- }
-
- return cache_req_next_domain(req);
-}
-
-static errno_t cache_req_next_domain(struct tevent_req *req)
-{
- struct cache_req_state *state = NULL;
- struct tevent_req *subreq = NULL;
- errno_t ret;
-
- state = tevent_req_data(req, struct cache_req_state);
-
- while (state->domain != NULL) {
- /* If it is a domainless search, skip domains that require fully
- * qualified names instead. */
- while (state->domain != NULL && state->check_next
- && state->domain->fqnames
- && state->cr->data->type != CACHE_REQ_USER_BY_CERT
- && !cache_req_is_upn(state->cr)) {
- state->domain = get_next_domain(state->domain, 0);
- }
-
- state->selected_domain = state->domain;
-
- if (state->domain == NULL) {
- break;
- }
-
- ret = cache_req_set_domain(state->cr, state->domain, state->rctx);
- if (ret != EOK) {
- return ret;
- }
-
- subreq = cache_req_cache_send(state, state->ev, state->rctx,
- state->ncache,
- state->cache_refresh_percent,
- state->cr);
- if (subreq == NULL) {
- return ENOMEM;
- }
-
- tevent_req_set_callback(subreq, cache_req_done, req);
-
- /* we will continue with the following domain the next time */
- if (state->check_next) {
- if (cache_req_is_upn(state->cr)
- || state->cr->data->type == CACHE_REQ_USER_BY_CERT ) {
- state->domain = get_next_domain(state->domain, SSS_GND_DESCEND);
- } else {
- state->domain = get_next_domain(state->domain, 0);
- }
- }
-
- return EAGAIN;
- }
-
- /* If the object searched has to be unique among all maintained domains,
- * we have to add it into negative cache here when all domains have
- * been searched. */
-
- cache_req_add_to_ncache_global(state->cr, state->ncache);
-
- return ENOENT;
-}
-
-static void cache_req_done(struct tevent_req *subreq)
-{
- struct cache_req_state *state = NULL;
- struct tevent_req *req = NULL;
- errno_t ret;
-
- req = tevent_req_callback_data(subreq, struct tevent_req);
- state = tevent_req_data(req, struct cache_req_state);
-
- ret = cache_req_cache_recv(state, subreq, &state->result);
- talloc_zfree(subreq);
- if (ret == EOK) {
- CACHE_REQ_DEBUG(SSSDBG_TRACE_FUNC, state->cr, "Finished: Success\n");
- tevent_req_done(req);
- return;
- }
-
- if (state->check_next == false) {
- if (ret == ENOENT && cache_req_assume_upn(state->cr)) {
- /* search by upn now */
- cache_req_select_domains(req, NULL);
- return;
- }
-
- CACHE_REQ_DEBUG(SSSDBG_TRACE_FUNC, state->cr, "Finished: Not found\n");
- tevent_req_error(req, ret);
- return;
- }
-
- ret = cache_req_next_domain(req);
- if (ret != EAGAIN) {
- CACHE_REQ_DEBUG(SSSDBG_TRACE_FUNC, state->cr,
- "Finished: Error %d: %s\n", ret, sss_strerror(ret));
- tevent_req_error(req, ret);
- }
-
- return;
-}
-
-errno_t cache_req_recv(TALLOC_CTX *mem_ctx,
- struct tevent_req *req,
- struct ldb_result **_result,
- struct sss_domain_info **_domain,
- char **_name)
-{
- struct cache_req_state *state = NULL;
- char *name;
-
- state = tevent_req_data(req, struct cache_req_state);
-
- TEVENT_REQ_RETURN_ON_ERROR(req);
-
- if (_name != NULL) {
- if (state->cr->data->name.lookup == NULL) {
- *_name = NULL;
- } else {
- name = talloc_strdup(mem_ctx, state->cr->data->name.lookup);
- if (name == NULL) {
- return ENOMEM;
- }
-
- *_name = name;
- }
- }
-
- if (_result != NULL) {
- *_result = talloc_steal(mem_ctx, state->result);
- }
-
- if (_domain != NULL) {
- *_domain = state->selected_domain;
- }
-
- return EOK;
-}
-
-static struct tevent_req *
-cache_req_steal_data_and_send(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct resp_ctx *rctx,
- struct sss_nc_ctx *ncache,
- int cache_refresh_percent,
- const char *domain,
- struct cache_req_data *data)
-{
- struct tevent_req *req;
-
- req = cache_req_send(mem_ctx, ev, rctx, ncache,
- cache_refresh_percent, domain, data);
- if (req == NULL) {
- talloc_zfree(data);
- return NULL;
- }
-
- talloc_steal(req, data);
-
- return req;
-}
-
-struct tevent_req *
-cache_req_user_by_name_send(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct resp_ctx *rctx,
- struct sss_nc_ctx *ncache,
- int cache_refresh_percent,
- const char *domain,
- const char *name)
-{
- struct cache_req_data *data;
-
- data = cache_req_data_name(mem_ctx, CACHE_REQ_USER_BY_NAME, name);
- if (data == NULL) {
- return NULL;
- }
-
- return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache,
- cache_refresh_percent, domain, data);
-}
-
-struct tevent_req *
-cache_req_user_by_id_send(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct resp_ctx *rctx,
- struct sss_nc_ctx *ncache,
- int cache_refresh_percent,
- const char *domain,
- uid_t uid)
-{
- struct cache_req_data *data;
-
- data = cache_req_data_id(mem_ctx, CACHE_REQ_USER_BY_ID, uid);
- if (data == NULL) {
- return NULL;
- }
-
- return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache,
- cache_refresh_percent, domain, data);
-}
-
-struct tevent_req *
-cache_req_user_by_cert_send(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct resp_ctx *rctx,
- struct sss_nc_ctx *ncache,
- int cache_refresh_percent,
- const char *domain,
- const char *pem_cert)
-{
- struct cache_req_data *data;
-
- data = cache_req_data_cert(mem_ctx, CACHE_REQ_USER_BY_CERT, pem_cert);
- if (data == NULL) {
- return NULL;
- }
-
- return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache,
- cache_refresh_percent,
- domain, data);
-}
-
-struct tevent_req *
-cache_req_group_by_name_send(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct resp_ctx *rctx,
- struct sss_nc_ctx *ncache,
- int cache_refresh_percent,
- const char *domain,
- const char *name)
-{
- struct cache_req_data *data;
-
- data = cache_req_data_name(mem_ctx, CACHE_REQ_GROUP_BY_NAME, name);
- if (data == NULL) {
- return NULL;
- }
-
- return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache,
- cache_refresh_percent, domain, data);
-}
-
-struct tevent_req *
-cache_req_group_by_id_send(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct resp_ctx *rctx,
- struct sss_nc_ctx *ncache,
- int cache_refresh_percent,
- const char *domain,
- gid_t gid)
-{
- struct cache_req_data *data;
-
- data = cache_req_data_id(mem_ctx, CACHE_REQ_GROUP_BY_ID, gid);
- if (data == NULL) {
- return NULL;
- }
-
- return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache,
- cache_refresh_percent, domain, data);
-}
-
-struct tevent_req *
-cache_req_initgr_by_name_send(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct resp_ctx *rctx,
- struct sss_nc_ctx *ncache,
- int cache_refresh_percent,
- const char *domain,
- const char *name)
-{
- struct cache_req_data *data;
-
- data = cache_req_data_name(mem_ctx, CACHE_REQ_INITGROUPS, name);
- if (data == NULL) {
- return NULL;
- }
-
- return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache,
- cache_refresh_percent, domain, data);
-}
-
-struct tevent_req *
-cache_req_user_by_filter_send(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct resp_ctx *rctx,
- const char *domain,
- const char *filter)
-{
- struct cache_req_data *data;
-
- data = cache_req_data_name(mem_ctx, CACHE_REQ_USER_BY_FILTER, filter);
- if (data == NULL) {
- return NULL;
- }
-
- return cache_req_steal_data_and_send(mem_ctx, ev, rctx, NULL,
- 0, domain, data);
-}
-
-struct tevent_req *
-cache_req_group_by_filter_send(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct resp_ctx *rctx,
- const char *domain,
- const char *filter)
-{
- struct cache_req_data *data;
-
- data = cache_req_data_name(mem_ctx, CACHE_REQ_GROUP_BY_FILTER, filter);
- if (data == NULL) {
- return NULL;
- }
-
- return cache_req_steal_data_and_send(mem_ctx, ev, rctx, NULL,
- 0, domain, data);
-}
-
-struct tevent_req *
-cache_req_object_by_sid_send(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct resp_ctx *rctx,
- struct sss_nc_ctx *ncache,
- int cache_refresh_percent,
- const char *domain,
- const char *sid,
- const char **attrs)
-{
- struct cache_req_data *data;
-
- data = cache_req_data_sid(mem_ctx, CACHE_REQ_OBJECT_BY_SID, sid, attrs);
- if (data == NULL) {
- return NULL;
- }
-
- return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache,
- cache_refresh_percent, domain, data);
-}
diff --git a/src/responder/common/responder_cache_req.h b/src/responder/common/responder_cache_req.h
deleted file mode 100644
index 69fbaf416..000000000
--- a/src/responder/common/responder_cache_req.h
+++ /dev/null
@@ -1,186 +0,0 @@
-/*
- Authors:
- Pavel Březina <pbrezina@redhat.com>
-
- Copyright (C) 2014 Red Hat
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#ifndef RESPONDER_CACHE_H_
-#define RESPONDER_CACHE_H_
-
-#include <talloc.h>
-#include <tevent.h>
-#include "db/sysdb.h"
-#include "responder/common/responder.h"
-#include "responder/common/negcache.h"
-
-enum cache_req_type {
- CACHE_REQ_USER_BY_NAME,
- CACHE_REQ_USER_BY_UPN,
- CACHE_REQ_USER_BY_ID,
- CACHE_REQ_GROUP_BY_NAME,
- CACHE_REQ_GROUP_BY_ID,
- CACHE_REQ_INITGROUPS,
- CACHE_REQ_INITGROUPS_BY_UPN,
- CACHE_REQ_USER_BY_CERT,
- CACHE_REQ_USER_BY_FILTER,
- CACHE_REQ_GROUP_BY_FILTER,
- CACHE_REQ_OBJECT_BY_SID
-};
-
-struct cache_req_data;
-
-struct cache_req_data *
-cache_req_data_name(TALLOC_CTX *mem_ctx,
- enum cache_req_type type,
- const char *name);
-
-struct cache_req_data *
-cache_req_data_id(TALLOC_CTX *mem_ctx,
- enum cache_req_type type,
- uint32_t id);
-
-struct cache_req_data *
-cache_req_data_cert(TALLOC_CTX *mem_ctx,
- enum cache_req_type type,
- const char *cert);
-
-struct cache_req_data *
-cache_req_data_sid(TALLOC_CTX *mem_ctx,
- enum cache_req_type type,
- const char *sid,
- const char **attrs);
-
-struct tevent_req *cache_req_send(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct resp_ctx *rctx,
- struct sss_nc_ctx *ncache,
- int cache_refresh_percent,
- const char *domain,
- struct cache_req_data *data);
-
-errno_t cache_req_recv(TALLOC_CTX *mem_ctx,
- struct tevent_req *req,
- struct ldb_result **_result,
- struct sss_domain_info **_domain,
- char **_name);
-
-struct tevent_req *
-cache_req_user_by_name_send(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct resp_ctx *rctx,
- struct sss_nc_ctx *ncache,
- int cache_refresh_percent,
- const char *domain,
- const char *name);
-
-#define cache_req_user_by_name_recv(mem_ctx, req, _result, _domain, _name) \
- cache_req_recv(mem_ctx, req, _result, _domain, _name)
-
-struct tevent_req *
-cache_req_user_by_id_send(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct resp_ctx *rctx,
- struct sss_nc_ctx *ncache,
- int cache_refresh_percent,
- const char *domain,
- uid_t uid);
-
-#define cache_req_user_by_id_recv(mem_ctx, req, _result, _domain) \
- cache_req_recv(mem_ctx, req, _result, _domain, NULL)
-
-struct tevent_req *
-cache_req_user_by_cert_send(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct resp_ctx *rctx,
- struct sss_nc_ctx *ncache,
- int cache_refresh_percent,
- const char *domain,
- const char *pem_cert);
-
-#define cache_req_user_by_cert_recv(mem_ctx, req, _result, _domain, _name) \
- cache_req_recv(mem_ctx, req, _result, _domain, _name)
-
-struct tevent_req *
-cache_req_group_by_name_send(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct resp_ctx *rctx,
- struct sss_nc_ctx *ncache,
- int cache_refresh_percent,
- const char *domain,
- const char *name);
-
-#define cache_req_group_by_name_recv(mem_ctx, req, _result, _domain, _name) \
- cache_req_recv(mem_ctx, req, _result, _domain, _name)
-
-struct tevent_req *
-cache_req_group_by_id_send(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct resp_ctx *rctx,
- struct sss_nc_ctx *ncache,
- int cache_refresh_percent,
- const char *domain,
- gid_t gid);
-
-#define cache_req_group_by_id_recv(mem_ctx, req, _result, _domain) \
- cache_req_recv(mem_ctx, req, _result, _domain, NULL)
-
-struct tevent_req *
-cache_req_initgr_by_name_send(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct resp_ctx *rctx,
- struct sss_nc_ctx *ncache,
- int cache_refresh_percent,
- const char *domain,
- const char *name);
-
-#define cache_req_initgr_by_name_recv(mem_ctx, req, _result, _domain, _name) \
- cache_req_recv(mem_ctx, req, _result, _domain, _name)
-
-struct tevent_req *
-cache_req_user_by_filter_send(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct resp_ctx *rctx,
- const char *domain,
- const char *filter);
-
-#define cache_req_user_by_filter_recv(mem_ctx, req, _result, _domain) \
- cache_req_recv(mem_ctx, req, _result, _domain, NULL)
-
-struct tevent_req *
-cache_req_group_by_filter_send(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct resp_ctx *rctx,
- const char *domain,
- const char *filter);
-
-#define cache_req_group_by_filter_recv(mem_ctx, req, _result, _domain) \
- cache_req_recv(mem_ctx, req, _result, _domain, NULL)
-
-struct tevent_req *
-cache_req_object_by_sid_send(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct resp_ctx *rctx,
- struct sss_nc_ctx *ncache,
- int cache_refresh_percent,
- const char *domain,
- const char *sid,
- const char **attrs);
-
-#define cache_req_object_by_sid_recv(mem_ctx, req, _result, _domain) \
- cache_req_recv(mem_ctx, req, _result, _domain, NULL)
-
-#endif /* RESPONDER_CACHE_H_ */
generated by cgit (git 2.34.1) at 2026-03-30 05:23:07 +0000