CACHE_REQ: Add cache_req_data_set_bypass_dp() Similar to cache_req_data_set_bypass_cache() cache_req_data_set_bypass_dp() can be used to control how the cache_req framework performs the lookup. If cache_req_data_set_bypass_dp() is used with 'true' only a cache lookup is performed and no request is send to the backend even if no entry was found. Related to https://pagure.io/SSSD/sssd/issue/2478 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>

CACHE_REQ: Domain type selection in cache_req Related to: https://pagure.io/SSSD/sssd/issue/3310 Adds a new enumeration cache_req_dom_type. It is a tri-state that allows the caller to select which domains can be contacted - either only POSIX, only application domains or any type. Not all plugins of cache_req have the new parameter added -- only those that are usable/useful in a non-POSIX environment. For example, it makes no sense to allow the selection for calls by ID because those are inherently POSIX-specific. Also, services or netgroups are supported only coming from POSIX domains. At the moment, the patch should not change any behaviour as all calls default to contacting POSIX domains only. Reviewed-by: Pavel Březina <pbrezina@redhat.com>

CACHE_REQ: Add cache_req_data_set_bypass_cache() This new cache_req_data method has been added because of the upcoming changes in the PAM responder. For deciding whether to contact the cache, or just query the data provider directly, PAM responder calls pam_initgr_check_timeout() which will return whether the cache entry may still be valid. The cache will be contacted only in case the cache entry is still valid, otherwise the data provider will be called. pam_initgr_check_timeout() basically checks whether the user (being looked up) is still a part of an in-memory hash table. Because the entry is a part of the hash table for really short period of time, and is automatically removed, the communication with the data provider is forced to happen quite often. As the follow-up changes should not modify this behaviour, this function was introduced so we can still call pam_initgr_check_timeout() and pass its result to the cache_req call that will perform the lookup. Related: https://fedorahosted.org/sssd/ticket/1126 Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com> Reviewed-by: Sumit Bose <sbose@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>

cache_req: add host by name search Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>

cache_req: search user by name with attrs Sometime is is desirable to aquire more attribute from user object than SYSDB_PW_ATTRS set. such as user's public key. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>

cache_req: add object by id This request returns either user or group object. Resolves: https://fedorahosted.org/sssd/ticket/3151 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>

cache_req: add object by name This request returns either user or group object. Resolves: https://fedorahosted.org/sssd/ticket/3151 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>

cache_req: allow to return well known object as result When we are looking name by sid or sid by name we want to be also able to translate well known sid/name into its pair equivalent. This adds the ability to mock cache_req_result if a well known object is found. Resolves: https://fedorahosted.org/sssd/ticket/3151 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>

cache_req: allow shallow copy of result For enumeration purpose, we want to limit the number of returned results This is a preparation for changes in NSS responder. Resolves: https://fedorahosted.org/sssd/ticket/3151 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>

cache_req: add support for netgroups Resolves: https://fedorahosted.org/sssd/ticket/3151 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>

cache_req: add support for services enumeration Resolves: https://fedorahosted.org/sssd/ticket/3151 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>

cache_req: add support for service by port Resolves: https://fedorahosted.org/sssd/ticket/3151 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>

cache_req: add support for service by name Resolves: https://fedorahosted.org/sssd/ticket/3151 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>

cache_req: add group enumeration Resolves: https://fedorahosted.org/sssd/ticket/3151 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>

cache_req: add user enumeration Resolves: https://fedorahosted.org/sssd/ticket/3151 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>

cache_req: encapsulate output data into structure In enumeration calls we want to get objects from all domains, not only from the first matched domain. We move the cache search result into a structure that contains combination of domain and ldb_result. This is preparation for enumeration support inside cache_req. Resolves: https://fedorahosted.org/sssd/ticket/3151 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>

cache_req: move from switch to plugins, add plugins This patch adds all existing functionality into plugins. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>

cache_req: move from switch to plugins; add logic cache_req grown quite big from the original code and it turned out that using switch statements to branch code for different cases makes the code quite hard to read and further extend and any modification to the logic itself is difficult. This patch changes the switch statements to plugins with small functions and separates logic into multiple modules. This gives us better control over the code and improves readability and maintainability while keeping code duplication to minimum. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Petr Cech <pcech@redhat.com>