summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorSumit Bose <sbose@redhat.com>2013-04-19 11:54:14 +0200
committerJakub Hrozek <jhrozek@redhat.com>2013-05-02 19:33:56 +0200
commit498dcbdfdfffa1aee65d53e83c7eafd5e3b084a5 (patch)
treed8713f11a64febeec3704a250f90e0a8dadeac1b /src
parentf427b36b0cecc426856ab3f77a9c684ac355659d (diff)
downloadsssd-498dcbdfdfffa1aee65d53e83c7eafd5e3b084a5.tar.gz
sssd-498dcbdfdfffa1aee65d53e83c7eafd5e3b084a5.tar.xz
sssd-498dcbdfdfffa1aee65d53e83c7eafd5e3b084a5.zip
Add responder_get_domain_by_id()
This new call is similar to responder_get_domain() but uses the domain SID as search parameter. Since the length of the stored domain SID is used in the comparison, SIDs of users and groups and be used directly without stripping the RID component. The functionality is not merged into responder_get_domain() to allow to calculate the timeout correctly and return a specific error code if the entry is expired.
Diffstat (limited to 'src')
-rw-r--r--src/responder/common/responder.h3
-rw-r--r--src/responder/common/responder_common.c49
2 files changed, 52 insertions, 0 deletions
diff --git a/src/responder/common/responder.h b/src/responder/common/responder.h
index 9c540412..68b4ebb2 100644
--- a/src/responder/common/responder.h
+++ b/src/responder/common/responder.h
@@ -171,6 +171,9 @@ int sss_dp_get_domain_conn(struct resp_ctx *rctx, const char *domain,
struct sss_domain_info *
responder_get_domain(struct resp_ctx *rctx, const char *domain);
+errno_t responder_get_domain_by_id(struct resp_ctx *rctx, const char *id,
+ struct sss_domain_info **_ret_dom);
+
/* responder_cmd.c */
int sss_cmd_empty_packet(struct sss_packet *packet);
int sss_cmd_send_empty(struct cli_ctx *cctx, TALLOC_CTX *freectx);
diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c
index 008d622d..54701d6f 100644
--- a/src/responder/common/responder_common.c
+++ b/src/responder/common/responder_common.c
@@ -923,6 +923,55 @@ responder_get_domain(struct resp_ctx *rctx, const char *name)
return ret_dom;
}
+errno_t responder_get_domain_by_id(struct resp_ctx *rctx, const char *id,
+ struct sss_domain_info **_ret_dom)
+{
+ struct sss_domain_info *dom;
+ struct sss_domain_info *ret_dom = NULL;
+ size_t id_len;
+ size_t dom_id_len;
+ int ret;
+
+ if (id == NULL || _ret_dom == NULL) {
+ return EINVAL;
+ }
+
+ id_len = strlen(id);
+
+ for (dom = rctx->domains; dom; dom = get_next_domain(dom, true)) {
+ if (dom->disabled || dom->domain_id == NULL) {
+ continue;
+ }
+
+ dom_id_len = strlen(dom->domain_id);
+ if ((id_len >= dom_id_len) &&
+ strncasecmp(dom->domain_id, id, dom_id_len) == 0) {
+ if (IS_SUBDOMAIN(dom) &&
+ ((time(NULL) - dom->parent->subdomains_last_checked.tv_sec) >
+ rctx->domains_timeout)) {
+ DEBUG(SSSDBG_TRACE_FUNC, ("Domain entry with id [%s] " \
+ "is expired.\n", id));
+ ret = EAGAIN;
+ goto done;
+ }
+ ret_dom = dom;
+ break;
+ }
+ }
+
+ if (ret_dom == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, ("Unknown domain id [%s], checking for"
+ "possible subdomains!\n", id));
+ ret = ENOENT;
+ } else {
+ *_ret_dom = ret_dom;
+ ret = EOK;
+ }
+
+done:
+ return ret;
+}
+
int responder_logrotate(DBusMessage *message,
struct sbus_connection *conn)
{