From d0faaf01fd24a935d9779032886d228b3861fa48 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Tue, 28 Jun 2016 14:43:33 +0200 Subject: IFP: Amend the InfoPipe responder for fqdns Parses the internal sysdb names and puts them on the bus using the sss_output_name() helper. Previously, the raw sysdb names were used. Reviewed-by: Sumit Bose --- src/responder/ifp/ifp_groups.c | 18 +++++++- src/responder/ifp/ifp_private.h | 8 ++++ src/responder/ifp/ifp_users.c | 41 +++++++++++++++++- src/responder/ifp/ifpsrv_cmd.c | 63 ++++++++++++++++++--------- src/responder/ifp/ifpsrv_util.c | 96 +++++++++++++++++++++++++++++++++++++++++ 5 files changed, 204 insertions(+), 22 deletions(-) (limited to 'src/responder') diff --git a/src/responder/ifp/ifp_groups.c b/src/responder/ifp/ifp_groups.c index 363598843..babd8ec3f 100644 --- a/src/responder/ifp/ifp_groups.c +++ b/src/responder/ifp/ifp_groups.c @@ -701,18 +701,34 @@ void ifp_groups_group_get_name(struct sbus_request *sbus_req, void *data, const char **_out) { + struct ifp_ctx *ifp_ctx; struct ldb_message *msg; struct sss_domain_info *domain; + const char *in_name; errno_t ret; + *_out = NULL; + + ifp_ctx = talloc_get_type(data, struct ifp_ctx); + if (ifp_ctx == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, "Invalid pointer!\n"); + return; + } + ret = ifp_groups_group_get(sbus_req, data, NULL, &domain, &msg); if (ret != EOK) { *_out = NULL; return; } - *_out = sss_view_ldb_msg_find_attr_as_string(domain, msg, SYSDB_NAME, NULL); + in_name = sss_view_ldb_msg_find_attr_as_string(domain, msg, + SYSDB_NAME, NULL); + if (in_name == NULL) { + DEBUG(SSSDBG_OP_FAILURE, "No name?\n"); + return; + } + *_out = ifp_format_name_attr(sbus_req, ifp_ctx, in_name, domain); return; } diff --git a/src/responder/ifp/ifp_private.h b/src/responder/ifp/ifp_private.h index 17e3703b4..e800070a5 100644 --- a/src/responder/ifp/ifp_private.h +++ b/src/responder/ifp/ifp_private.h 
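Review bot: The two new early returns in ifp_groups_group_get_name log `"Invalid pointer!\n"` and `"No name?\n"` with nothing that identifies the object being read, and the same messages recur in ifp_users_get_name in ifp_users.c, so a failed name lookup is hard to trace from the logs. Consider naming the subject, e.g. `DEBUG(SSSDBG_OP_FAILURE, "Group entry has no %s attribute\n", SYSDB_NAME);`. With `*_out = NULL;` now set at the top, the assignment kept in the `ret != EOK` branch is redundant. A NULL return from ifp_format_name_attr also leaves `*_out` NULL with no message at this call site.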
@@ -102,4 +102,12 @@ struct ifp_list_ctx *ifp_list_ctx_new(struct sbus_request *sbus_req, size_t ifp_list_ctx_remaining_capacity(struct ifp_list_ctx *list_ctx, size_t entries); +errno_t ifp_ldb_el_output_name(struct resp_ctx *rctx, + struct ldb_message *msg, + const char *el_name, + struct sss_domain_info *dom); + +char *ifp_format_name_attr(TALLOC_CTX *mem_ctx, struct ifp_ctx *ifp_ctx, + const char *in_name, struct sss_domain_info *dom); + #endif /* _IFPSRV_PRIVATE_H_ */ diff --git a/src/responder/ifp/ifp_users.c b/src/responder/ifp/ifp_users.c index e16ee6500..5481413ef 100644 --- a/src/responder/ifp/ifp_users.c +++ b/src/responder/ifp/ifp_users.c @@ -588,6 +588,45 @@ static void ifp_users_get_as_string(struct sbus_request *sbus_req, return; } +static void ifp_users_get_name(struct sbus_request *sbus_req, + void *data, + const char *attr, + const char **_out) +{ + struct ifp_ctx *ifp_ctx; + struct ldb_message *msg; + struct sss_domain_info *domain; + const char *in_name; + errno_t ret; + + *_out = NULL; + + ifp_ctx = talloc_get_type(data, struct ifp_ctx); + if (ifp_ctx == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, "Invalid pointer!\n"); + return; + } + + if (!ifp_is_user_attr_allowed(ifp_ctx, attr)) { + DEBUG(SSSDBG_TRACE_ALL, "Attribute %s is not allowed\n", attr); + return; + } + + ret = ifp_users_user_get(sbus_req, ifp_ctx, NULL, &domain, &msg); + if (ret != EOK) { + return; + } + + in_name = sss_view_ldb_msg_find_attr_as_string(domain, msg, attr, NULL); + if (in_name == NULL) { + DEBUG(SSSDBG_OP_FAILURE, "No name?\n"); + return; + } + + *_out = ifp_format_name_attr(sbus_req, ifp_ctx, in_name, domain); + return; +} + static void ifp_users_get_as_uint32(struct sbus_request *sbus_req, void *data, const char *attr, 
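Review bot: The two prototypes added to ifp_private.h carry no comment on ownership or side effects, and both matter to callers. As implemented in ifpsrv_util.c, ifp_ldb_el_output_name frees and replaces the values of `el_name` inside `msg` in place and returns EOK when the element is absent, while ifp_format_name_attr returns a string parented to `mem_ctx`, or NULL on any failure. A short comment on each would do, e.g. `/* Rewrites every value of el_name in msg to its output form; msg is modified in place. */`.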
@@ -697,7 +736,7 @@ void ifp_users_user_get_name(struct sbus_request *sbus_req, void *data, const char **_out) { - ifp_users_get_as_string(sbus_req, data, SYSDB_NAME, _out); + ifp_users_get_name(sbus_req, data, SYSDB_NAME, _out); } void ifp_users_user_get_uid_number(struct sbus_request *sbus_req, diff --git a/src/responder/ifp/ifpsrv_cmd.c b/src/responder/ifp/ifpsrv_cmd.c index fd9ad8230..97fad47e9 100644 --- a/src/responder/ifp/ifpsrv_cmd.c +++ b/src/responder/ifp/ifpsrv_cmd.c @@ -372,7 +372,7 @@ ifp_user_get_groups_reply(struct sss_domain_info *domain, int i, num; const char *name; const char **groupnames; - const char *tmpstr; + char *out_name; /* one less, the first one is the user entry */ num = res->count - 1; @@ -390,23 +390,21 @@ ifp_user_get_groups_reply(struct sss_domain_info *domain, continue; } - if (ireq->ifp_ctx->rctx->override_space != '\0') { - tmpstr = sss_replace_space(ireq, name, - ireq->ifp_ctx->rctx->override_space); - if (tmpstr == NULL) { - DEBUG(SSSDBG_MINOR_FAILURE, "Cannot normalize %s\n", name); + out_name = sss_output_name(ireq, name, domain->case_preserve, + ireq->ifp_ctx->rctx->override_space); + if (out_name == NULL) { + continue; + } + + if (domain->fqnames) { + groupnames[i] = sss_tc_fqname(groupnames, domain->names, + domain, out_name); + if (out_name == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, "sss_tc_fqname failed\n"); continue; } } else { - tmpstr = name; - } - - groupnames[i] = sss_get_cased_name(groupnames, tmpstr, - domain->case_preserve); - if (groupnames[i] == NULL) { - DEBUG(SSSDBG_CRIT_FAILURE, - "sss_get_cased_name failed, skipping\n"); - continue; + groupnames[i] = talloc_steal(groupnames, out_name); } DEBUG(SSSDBG_TRACE_FUNC, "Adding group %s\n", groupnames[i]); @@ -422,7 +420,7 @@ struct ifp_user_get_attr_state { enum sss_dp_acct_type search_type; - char *name; + char *inp_name; char *domname; struct sss_domain_info *dom; 
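Review bot: In ifp_user_get_groups_reply the check after `sss_tc_fqname()` tests the wrong variable: the result is stored in `groupnames[i]`, but the guard is `if (out_name == NULL)`, which cannot be true because `out_name` was already checked a few lines earlier. An allocation failure would therefore leave `groupnames[i]` NULL, pass it to the `"Adding group %s\n"` DEBUG and, as far as the hunk shows, leave it in the reply array. The guard should read `if (groupnames[i] == NULL) {`. In the same branch `out_name` stays parented to `ireq` after the qualified copy is made, so a `talloc_free(out_name);` after the call would release it early. The function body starts and ends outside the hunk.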
@@ -483,7 +481,8 @@ ifp_user_get_attr_lookup(struct tevent_req *subreq) req = tevent_req_callback_data(subreq, struct tevent_req); state = tevent_req_data(req, struct ifp_user_get_attr_state); - ret = sss_parse_inp_recv(subreq, state, &state->name, &state->domname); + ret = sss_parse_inp_recv(subreq, state, + &state->inp_name, &state->domname); talloc_zfree(subreq); if (ret != EOK) { tevent_req_error(req, ret); @@ -492,10 +491,12 @@ ifp_user_get_attr_lookup(struct tevent_req *subreq) switch (state->search_type) { case SSS_DP_USER: - data = cache_req_data_name(state, CACHE_REQ_USER_BY_NAME, state->name); + data = cache_req_data_name(state, CACHE_REQ_USER_BY_NAME, + state->inp_name); break; case SSS_DP_INITGROUPS: - data = cache_req_data_name(state, CACHE_REQ_INITGROUPS, state->name); + data = cache_req_data_name(state, CACHE_REQ_INITGROUPS, + state->inp_name); break; default: DEBUG(SSSDBG_CRIT_FAILURE, "Unsupported search type [%d]!\n", @@ -524,6 +525,7 @@ static void ifp_user_get_attr_done(struct tevent_req *subreq) struct ifp_user_get_attr_state *state = NULL; struct tevent_req *req = NULL; errno_t ret; + char *fqdn; req = tevent_req_callback_data(subreq, struct tevent_req); state = tevent_req_data(req, struct ifp_user_get_attr_state); @@ -535,11 +537,18 @@ static void ifp_user_get_attr_done(struct tevent_req *subreq) return; } + fqdn = sss_create_internal_fqname(state, state->inp_name, + state->dom->name); + if (fqdn == NULL) { + tevent_req_error(req, ENOMEM); + return; + } + if (state->search_type == SSS_DP_USER) { /* throw away the result and perform attr search */ talloc_zfree(state->res); - ret = sysdb_get_user_attr_with_views(state, state->dom, state->name, + ret = sysdb_get_user_attr_with_views(state, state->dom, fqdn, state->attrs, &state->res); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, "sysdb_get_user_attr_with_views() " 
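Review bot: In ifp_user_get_attr_done the sysdb lookup key is now built from `state->inp_name`, the name as parsed from the caller's input, rather than from the entry the cache request just returned. If the domain is case-insensitive or the caller used an alias, that string may not equal the stored SYSDB_NAME and `sysdb_get_user_attr_with_views()` could miss an entry that cache_req found; this depends on code outside the hunk, so please confirm. `fqdn` is also allocated on every call but read only in the `SSS_DP_USER` branch as far as the hunk shows, and the name suggests a domain rather than a qualified user name; `char *fqname;` created inside that branch would be clearer. `state->dom` is dereferenced for `->name` here, and its assignment is outside the visible lines.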
@@ -557,6 +566,20 @@ static void ifp_user_get_attr_done(struct tevent_req *subreq) } } + ret = ifp_ldb_el_output_name(state->rctx, state->res->msgs[0], + SYSDB_NAME, state->dom); + if (ret != EOK) { + tevent_req_error(req, ret); + return; + } + + ret = ifp_ldb_el_output_name(state->rctx, state->res->msgs[0], + SYSDB_NAME_ALIAS, state->dom); + if (ret != EOK) { + tevent_req_error(req, ret); + return; + } + tevent_req_done(req); } diff --git a/src/responder/ifp/ifpsrv_util.c b/src/responder/ifp/ifpsrv_util.c index 904c4f62e..5866d30d8 100644 --- a/src/responder/ifp/ifpsrv_util.c +++ b/src/responder/ifp/ifpsrv_util.c 
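Review bot: Both new calls in ifp_user_get_attr_done index `state->res->msgs[0]` with no count check visible in the hunk. Any guards sit in the branches above, which are outside the visible lines, so confirm that both the SSS_DP_USER and SSS_DP_INITGROUPS paths guarantee `state->res->count > 0` at this point. A failure in either call ends the request with the bare errno and no log line at this level; `DEBUG(SSSDBG_OP_FAILURE, "Cannot format %s for output\n", SYSDB_NAME);` before `tevent_req_error()` would make it visible.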
@@ -323,3 +323,99 @@ size_t ifp_list_ctx_remaining_capacity(struct ifp_list_ctx *list_ctx, return entries; } } + +errno_t ifp_ldb_el_output_name(struct resp_ctx *rctx, + struct ldb_message *msg, + const char *el_name, + struct sss_domain_info *dom) +{ + struct ldb_message_element *el; + char *in_name; + char *out_name; + errno_t ret; + char *name; + TALLOC_CTX *tmp_ctx; + + el = ldb_msg_find_element(msg, el_name); + if (el == NULL) { + return EOK; + } + + tmp_ctx = talloc_new(NULL); + if (tmp_ctx == NULL) { + return ENOMEM; + } + + for (size_t c = 0; c < el->num_values; c++) { + in_name = (char *) el->values[c].data; + ret = sss_parse_internal_fqname(tmp_ctx, in_name, &name, NULL); + if (ret != EOK) { + goto done; + } + + out_name = sss_output_name(tmp_ctx, in_name, dom->case_preserve, + rctx->override_space); + if (out_name == NULL) { + ret = EIO; + goto done; + } + + if (dom->fqnames) { + out_name = sss_tc_fqname(tmp_ctx, dom->names, dom, out_name); + if (out_name == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, "sss_tc_fqname failed\n"); + ret = ENOMEM; + goto done; + } + } + + talloc_free(el->values[c].data); + el->values[c].data = (uint8_t *) talloc_steal(el->values, out_name); + el->values[c].length = strlen(out_name); + } + + ret = EOK; +done: + talloc_free(tmp_ctx); + return ret; +} + +char *ifp_format_name_attr(TALLOC_CTX *mem_ctx, struct ifp_ctx *ifp_ctx, + const char *in_name, struct sss_domain_info *dom) +{ + TALLOC_CTX *tmp_ctx; + char *out_name; + char *ret_name = NULL; + char *shortname; + errno_t ret; + + tmp_ctx = talloc_new(NULL); + if (tmp_ctx == NULL) { + return NULL; + } + + ret = sss_parse_internal_fqname(tmp_ctx, in_name, &shortname, NULL); + if (ret != EOK) { + DEBUG(SSSDBG_CRIT_FAILURE, "Unparseable name %s\n", in_name); + goto done; + } + + out_name = sss_output_name(tmp_ctx, in_name, dom->case_preserve, + ifp_ctx->rctx->override_space); + if (out_name == NULL) { + goto done; + } + + if (dom->fqnames) { + out_name = sss_tc_fqname(tmp_ctx, 
dom->names, dom, out_name); + if (out_name == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, "sss_tc_fqname failed\n"); + goto done; + } + } + + ret_name = talloc_steal(mem_ctx, out_name); +done: + talloc_free(tmp_ctx); + return ret_name; +} -- cgit
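Review bot: In both new helpers the result of `sss_parse_internal_fqname()` is never read: `name` in ifp_ldb_el_output_name and `shortname` in ifp_format_name_attr are filled in, but `sss_output_name()` is then called with the unparsed `in_name`. If the parse is there only to validate the input, say so with a comment such as `/* validate only; sss_output_name() takes the internal fqname */`; if the short name was meant to be formatted, the wrong variable is passed. In ifp_ldb_el_output_name, `el->values[c].data` is cast to `char *` and used as a NUL-terminated string without consulting `.length`. A failure part-way through the loop also returns with earlier values already rewritten and later ones still in internal form, which a header comment should state. The parse failure path there returns without a DEBUG message, unlike the one in ifp_format_name_attr.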