sysdb_search.c revision 2d66c2eee2e4364a52d5436b61759ef990108230
5a580c3a38ced62d4bcc95b8ac7c4f2935b5d294Timo Sirainen/*
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch SSSD
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch System Database
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch Copyright (C) Simo Sorce <ssorce@redhat.com> 2008
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
aacf2a69acc59e9382578d6f4e030788abc79706Timo Sirainen This program is free software; you can redistribute it and/or modify
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch it under the terms of the GNU General Public License as published by
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch the Free Software Foundation; either version 3 of the License, or
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch (at your option) any later version.
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch This program is distributed in the hope that it will be useful,
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch but WITHOUT ANY WARRANTY; without even the implied warranty of
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch GNU General Public License for more details.
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch You should have received a copy of the GNU General Public License
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch along with this program. If not, see <http://www.gnu.org/licenses/>.
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch*/
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch#include "util/util.h"
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch#include "db/sysdb_private.h"
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch#include "confdb/confdb.h"
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch#include <time.h>
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch#include <ctype.h>
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch/* users */
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
/**
 * Search the cache for user entries matching a name.
 *
 * The search runs below the user base DN of @domain and requests the
 * SYSDB_PW_ATTRS attribute set.
 *
 * @param mem_ctx  talloc context that receives ownership of the result
 * @param sysdb    cache handle; sysdb->ldb is the database searched
 * @param domain   domain whose user subtree is searched
 * @param name     user name to look for
 * @param _res     set to the search result on success only; left untouched
 *                 on every error path
 *
 * @return 0 on success, ENOMEM on allocation failure, EINVAL when @name is
 *         NULL on the non-qualified path, otherwise the value produced by
 *         sss_filter_sanitize() or sysdb_error_to_errno().
 */
int sysdb_getpwnam(TALLOC_CTX *mem_ctx,
                   struct sysdb_ctx *sysdb,
                   struct sss_domain_info *domain,
                   const char *name,
                   struct ldb_result **_res)
{
    static const char *attrs[] = SYSDB_PW_ATTRS;
    TALLOC_CTX *tmp_ctx;
    struct ldb_dn *search_base;
    struct ldb_result *found;
    const char *lookup_name;
    char *escaped_name;
    int ret;

    /* Every temporary hangs off tmp_ctx so one free at 'done' releases it all */
    tmp_ctx = talloc_new(NULL);
    if (tmp_ctx == NULL) {
        return ENOMEM;
    }

    search_base = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
                                 SYSDB_TMPL_USER_BASE, domain->name);
    if (search_base == NULL) {
        ret = ENOMEM;
        goto done;
    }

    /* If this is a subdomain we need to use fully qualified names for the
     * search as well by default */
    if (domain->parent && domain->fqnames) {
        /* NOTE(review): fq_fmt is used directly as a printf-style format;
         * presumably it is validated where the domain configuration is
         * loaded -- confirm, since it must consume exactly two strings. */
        lookup_name = talloc_asprintf(tmp_ctx, domain->names->fq_fmt,
                                      name, domain->name);
        if (lookup_name == NULL) {
            ret = ENOMEM;
            goto done;
        }
    } else {
        lookup_name = name;
        if (lookup_name == NULL) {
            ret = EINVAL;
            goto done;
        }
    }

    /* The name is substituted into the search filter below, so it goes
     * through sss_filter_sanitize() first; the raw name is never placed in
     * the filter. (Assumes the helper escapes filter metacharacters --
     * confirm against its definition.) */
    ret = sss_filter_sanitize(tmp_ctx, lookup_name, &escaped_name);
    if (ret != EOK) {
        goto done;
    }

    ret = ldb_search(sysdb->ldb, tmp_ctx, &found, search_base,
                     LDB_SCOPE_SUBTREE, attrs, SYSDB_PWNAM_FILTER,
                     escaped_name, escaped_name);
    if (ret != 0) {
        ret = sysdb_error_to_errno(ret);
        goto done;
    }

    /* Reparent the result to the caller's context before tmp_ctx is freed */
    *_res = talloc_steal(mem_ctx, found);

done:
    talloc_zfree(tmp_ctx);
    return ret;
}
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
/**
 * Search the cache for user entries matching a numeric UID.
 *
 * @param mem_ctx  talloc context that receives ownership of the result
 * @param sysdb    cache handle; sysdb->ldb is the database searched
 * @param domain   domain whose user subtree is searched
 * @param uid      UID to look for
 * @param _res     set to the search result on success only
 *
 * @return 0 on success, ENOMEM on allocation failure, otherwise the value
 *         produced by sysdb_error_to_errno().
 */
int sysdb_getpwuid(TALLOC_CTX *mem_ctx,
                   struct sysdb_ctx *sysdb,
                   struct sss_domain_info *domain,
                   uid_t uid,
                   struct ldb_result **_res)
{
    static const char *attrs[] = SYSDB_PW_ATTRS;
    /* Widened once so the variadic argument has a fixed, known type;
     * presumably SYSDB_PWUID_FILTER formats it with %lu -- confirm. */
    unsigned long int ul_uid = uid;
    TALLOC_CTX *tmp_ctx;
    struct ldb_dn *search_base;
    struct ldb_result *found;
    int ret;

    tmp_ctx = talloc_new(NULL);
    if (tmp_ctx == NULL) {
        return ENOMEM;
    }

    search_base = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
                                 SYSDB_TMPL_USER_BASE, domain->name);
    if (search_base == NULL) {
        ret = ENOMEM;
        goto done;
    }

    ret = ldb_search(sysdb->ldb, tmp_ctx, &found, search_base,
                     LDB_SCOPE_SUBTREE, attrs, SYSDB_PWUID_FILTER, ul_uid);
    if (ret != 0) {
        ret = sysdb_error_to_errno(ret);
        goto done;
    }

    /* Reparent the result to the caller's context before tmp_ctx is freed */
    *_res = talloc_steal(mem_ctx, found);

done:
    talloc_zfree(tmp_ctx);
    return ret;
}
415e16c3dc185578695b7d88e561a52de6c8b1b1Timo Sirainen
/**
 * Enumerate the user entries cached for the sysdb's own domain.
 *
 * The search base is built from sysdb->domain->name, not from a
 * caller-supplied domain.
 *
 * @param mem_ctx  talloc context that receives ownership of the result
 * @param sysdb    cache handle; sysdb->ldb is the database searched
 * @param _res     set to the search result on success only
 *
 * @return 0 on success, ENOMEM on allocation failure, otherwise the value
 *         produced by sysdb_error_to_errno().
 */
int sysdb_enumpwent(TALLOC_CTX *mem_ctx,
                    struct sysdb_ctx *sysdb,
                    struct ldb_result **_res)
{
    static const char *attrs[] = SYSDB_PW_ATTRS;
    TALLOC_CTX *tmp_ctx;
    struct ldb_dn *search_base;
    struct ldb_result *found;
    int ret;

    tmp_ctx = talloc_new(NULL);
    if (tmp_ctx == NULL) {
        return ENOMEM;
    }

    search_base = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
                                 SYSDB_TMPL_USER_BASE, sysdb->domain->name);
    if (search_base == NULL) {
        ret = ENOMEM;
        goto done;
    }

    /* NOTE(review): SYSDB_PWENT_FILTER is handed to ldb_search() as the
     * format string itself. That is only safe while the macro contains no
     * '%' conversions; sysdb_enumgrent() passes its filter through "%s"
     * instead. */
    ret = ldb_search(sysdb->ldb, tmp_ctx, &found, search_base,
                     LDB_SCOPE_SUBTREE, attrs, SYSDB_PWENT_FILTER);
    if (ret != 0) {
        ret = sysdb_error_to_errno(ret);
        goto done;
    }

    /* Reparent the result to the caller's context before tmp_ctx is freed */
    *_res = talloc_steal(mem_ctx, found);

done:
    talloc_zfree(tmp_ctx);
    return ret;
}
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch/* groups */
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
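/**
 * Rewrite a user entry so that it presents itself as a group entry.
 *
 * Looks for an "objectClass" value equal (case-insensitively) to
 * SYSDB_USER_CLASS and, if one is found, replaces that value with
 * SYSDB_GROUP_CLASS. Messages without such a value are left unchanged.
 *
 * @param msg  message to convert in place; the replacement string is
 *             allocated as a talloc child of @msg
 *
 * @return EOK when the message was converted or needed no conversion,
 *         EINVAL when it has no objectClass element, ENOMEM when the
 *         replacement value cannot be allocated (the message is then left
 *         unmodified).
 */
static int mpg_convert(struct ldb_message *msg)
{
    const size_t user_class_len = strlen(SYSDB_USER_CLASS);
    struct ldb_message_element *el;
    struct ldb_val *val = NULL;
    char *group_class;
    unsigned int i;

    el = ldb_msg_find_element(msg, "objectClass");
    if (el == NULL) {
        return EINVAL;
    }

    /* see if this is a user to convert to a group */
    for (i = 0; i < el->num_values; i++) {
        /* The length must match exactly: strncasecmp() bounded by the value
         * length alone would also accept an empty value or any prefix of
         * SYSDB_USER_CLASS, and the value is not assumed to be
         * NUL-terminated. */
        if (el->values[i].length == user_class_len &&
            strncasecmp(SYSDB_USER_CLASS,
                        (const char *)el->values[i].data,
                        user_class_len) == 0) {
            val = &el->values[i];
            break;
        }
    }

    /* no, leave as is */
    if (val == NULL) {
        return EOK;
    }

    /* yes, convert -- allocate first so a failure cannot leave the value
     * with a NULL data pointer and a stale length */
    group_class = talloc_strdup(msg, SYSDB_GROUP_CLASS);
    if (group_class == NULL) {
        return ENOMEM;
    }
    val->data = (uint8_t *)group_class;
    val->length = strlen(SYSDB_GROUP_CLASS);

    return EOK;
}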
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
/**
 * Apply mpg_convert() to every message of a search result.
 *
 * Stops at the first message that fails to convert; messages before it
 * have already been modified in place at that point.
 *
 * @param res  search result whose messages are converted
 *
 * @return EOK when all messages were processed, otherwise the first
 *         non-zero value returned by mpg_convert().
 */
static int mpg_res_convert(struct ldb_result *res)
{
    int idx = 0;

    while (idx < res->count) {
        int rc = mpg_convert(res->msgs[idx]);

        if (rc != 0) {
            return rc;
        }
        idx++;
    }

    return EOK;
}
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
/**
 * Search the cache for group entries matching a name.
 *
 * When sysdb->mpg is set the search covers the whole domain base with the
 * MPG filter, and matching entries are passed through mpg_res_convert()
 * before being returned; otherwise only the group subtree is searched.
 *
 * @param mem_ctx  talloc context that receives ownership of the result
 * @param sysdb    cache handle; sysdb->ldb is the database searched
 * @param domain   domain whose entries are searched
 * @param name     group name to look for
 * @param _res     set to the search result on success only
 *
 * @return 0 on success, ENOMEM on allocation failure, EINVAL when @name is
 *         NULL on the non-qualified path, otherwise the value produced by
 *         sss_filter_sanitize(), sysdb_error_to_errno() or
 *         mpg_res_convert().
 */
int sysdb_getgrnam(TALLOC_CTX *mem_ctx,
                   struct sysdb_ctx *sysdb,
                   struct sss_domain_info *domain,
                   const char *name,
                   struct ldb_result **_res)
{
    static const char *attrs[] = SYSDB_GRSRC_ATTRS;
    TALLOC_CTX *tmp_ctx;
    struct ldb_dn *search_base;
    struct ldb_result *found;
    const char *filter_fmt;
    const char *lookup_name;
    char *escaped_name;
    int ret;

    tmp_ctx = talloc_new(NULL);
    if (tmp_ctx == NULL) {
        return ENOMEM;
    }

    /* The filter and the search base are chosen together */
    if (sysdb->mpg) {
        search_base = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
                                     SYSDB_DOM_BASE, domain->name);
        filter_fmt = SYSDB_GRNAM_MPG_FILTER;
    } else {
        search_base = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
                                     SYSDB_TMPL_GROUP_BASE, domain->name);
        filter_fmt = SYSDB_GRNAM_FILTER;
    }
    if (search_base == NULL) {
        ret = ENOMEM;
        goto done;
    }

    /* If this is a subdomain we need to use fully qualified names for the
     * search as well by default */
    if (domain->parent && domain->fqnames) {
        /* NOTE(review): fq_fmt is used directly as a printf-style format;
         * presumably it is validated where the domain configuration is
         * loaded -- confirm, since it must consume exactly two strings. */
        lookup_name = talloc_asprintf(tmp_ctx, domain->names->fq_fmt,
                                      name, domain->name);
        if (lookup_name == NULL) {
            ret = ENOMEM;
            goto done;
        }
    } else {
        lookup_name = name;
        if (lookup_name == NULL) {
            ret = EINVAL;
            goto done;
        }
    }

    /* The name is substituted into the search filter below, so it goes
     * through sss_filter_sanitize() first; the raw name is never placed in
     * the filter. (Assumes the helper escapes filter metacharacters --
     * confirm against its definition.) */
    ret = sss_filter_sanitize(tmp_ctx, lookup_name, &escaped_name);
    if (ret != EOK) {
        goto done;
    }

    ret = ldb_search(sysdb->ldb, tmp_ctx, &found, search_base,
                     LDB_SCOPE_SUBTREE, attrs, filter_fmt,
                     escaped_name, escaped_name);
    if (ret != 0) {
        ret = sysdb_error_to_errno(ret);
        goto done;
    }

    /* Called on both paths, not only when sysdb->mpg is set */
    ret = mpg_res_convert(found);
    if (ret != 0) {
        goto done;
    }

    /* Reparent the result to the caller's context before tmp_ctx is freed */
    *_res = talloc_steal(mem_ctx, found);

done:
    talloc_zfree(tmp_ctx);
    return ret;
}
6bc9fb43cc1ac24693d030a6cbfa43bc7cbc82cbTimo Sirainen
/**
 * Search the cache for group entries matching a numeric GID.
 *
 * When sysdb->mpg is set the search covers the whole domain base with the
 * MPG filter; otherwise only the group subtree is searched. The result is
 * passed through mpg_res_convert() before being returned.
 *
 * @param mem_ctx  talloc context that receives ownership of the result
 * @param sysdb    cache handle; sysdb->ldb is the database searched
 * @param domain   domain whose entries are searched
 * @param gid      GID to look for
 * @param _res     set to the search result on success only
 *
 * @return 0 on success, ENOMEM on allocation failure, otherwise the value
 *         produced by sysdb_error_to_errno() or mpg_res_convert().
 */
int sysdb_getgrgid(TALLOC_CTX *mem_ctx,
                   struct sysdb_ctx *sysdb,
                   struct sss_domain_info *domain,
                   gid_t gid,
                   struct ldb_result **_res)
{
    static const char *attrs[] = SYSDB_GRSRC_ATTRS;
    /* Widened once so the variadic argument has a fixed, known type;
     * presumably the GID filters format it with %lu -- confirm. */
    unsigned long int ul_gid = gid;
    TALLOC_CTX *tmp_ctx;
    struct ldb_dn *search_base;
    struct ldb_result *found;
    const char *filter_fmt;
    int ret;

    tmp_ctx = talloc_new(NULL);
    if (tmp_ctx == NULL) {
        return ENOMEM;
    }

    /* The filter and the search base are chosen together */
    if (sysdb->mpg) {
        search_base = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
                                     SYSDB_DOM_BASE, domain->name);
        filter_fmt = SYSDB_GRGID_MPG_FILTER;
    } else {
        search_base = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
                                     SYSDB_TMPL_GROUP_BASE, domain->name);
        filter_fmt = SYSDB_GRGID_FILTER;
    }
    if (search_base == NULL) {
        ret = ENOMEM;
        goto done;
    }

    ret = ldb_search(sysdb->ldb, tmp_ctx, &found, search_base,
                     LDB_SCOPE_SUBTREE, attrs, filter_fmt, ul_gid);
    if (ret != 0) {
        ret = sysdb_error_to_errno(ret);
        goto done;
    }

    /* Called on both paths, not only when sysdb->mpg is set */
    ret = mpg_res_convert(found);
    if (ret != 0) {
        goto done;
    }

    /* Reparent the result to the caller's context before tmp_ctx is freed */
    *_res = talloc_steal(mem_ctx, found);

done:
    talloc_zfree(tmp_ctx);
    return ret;
}
92e011227877493a1b6a5a38863aabde7e07bd76Timo Sirainen
/**
 * Enumerate the group entries cached for the sysdb's own domain.
 *
 * The search base is built from sysdb->domain->name. When sysdb->mpg is
 * set the whole domain base is searched with the MPG filter; otherwise
 * only the group subtree is searched. The result is passed through
 * mpg_res_convert() before being returned.
 *
 * @param mem_ctx  talloc context that receives ownership of the result
 * @param sysdb    cache handle; sysdb->ldb is the database searched
 * @param _res     set to the search result on success only
 *
 * @return 0 on success, ENOMEM on allocation failure, otherwise the value
 *         produced by sysdb_error_to_errno() or mpg_res_convert().
 */
int sysdb_enumgrent(TALLOC_CTX *mem_ctx,
                    struct sysdb_ctx *sysdb,
                    struct ldb_result **_res)
{
    static const char *attrs[] = SYSDB_GRSRC_ATTRS;
    TALLOC_CTX *tmp_ctx;
    struct ldb_dn *search_base;
    struct ldb_result *found;
    const char *filter;
    int ret;

    tmp_ctx = talloc_new(NULL);
    if (tmp_ctx == NULL) {
        return ENOMEM;
    }

    /* The filter and the search base are chosen together */
    if (sysdb->mpg) {
        search_base = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
                                     SYSDB_DOM_BASE, sysdb->domain->name);
        filter = SYSDB_GRENT_MPG_FILTER;
    } else {
        search_base = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
                                     SYSDB_TMPL_GROUP_BASE,
                                     sysdb->domain->name);
        filter = SYSDB_GRENT_FILTER;
    }
    if (search_base == NULL) {
        ret = ENOMEM;
        goto done;
    }

    /* The filter is a variable here, so it is passed as data through a
     * literal "%s" and never interpreted as a format string itself */
    ret = ldb_search(sysdb->ldb, tmp_ctx, &found, search_base,
                     LDB_SCOPE_SUBTREE, attrs, "%s", filter);
    if (ret != 0) {
        ret = sysdb_error_to_errno(ret);
        goto done;
    }

    /* Called on both paths, not only when sysdb->mpg is set */
    ret = mpg_res_convert(found);
    if (ret != 0) {
        goto done;
    }

    /* Reparent the result to the caller's context before tmp_ctx is freed */
    *_res = talloc_steal(mem_ctx, found);

done:
    talloc_zfree(tmp_ctx);
    return ret;
}
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
/**
 * Fetch a user entry together with the entries referenced by its
 * SYSDB_INITGR_ATTR attribute.
 *
 * The user is looked up first with sysdb_getpwnam() in the sysdb's own
 * domain. A second, base-scoped search on the user's DN is then issued
 * with the LDB_CONTROL_ASQ_OID control attached, and its results are
 * appended to the same ldb_result, so on success msgs[0] is the user entry
 * and any further messages come from the second search.
 *
 * @param mem_ctx  talloc context that receives ownership of the result
 * @param sysdb    cache handle; sysdb->ldb is the database searched
 * @param name     user name to look up
 * @param _res     set on success only; holds an empty result when the user
 *                 is not cached
 *
 * @return EOK on success (including "user not cached"), EIO when the name
 *         matches more than one entry, ENOMEM on allocation failure,
 *         otherwise the value produced by sysdb_getpwnam() or
 *         sysdb_error_to_errno().
 */
int sysdb_initgroups(TALLOC_CTX *mem_ctx,
                     struct sysdb_ctx *sysdb,
                     const char *name,
                     struct ldb_result **_res)
{
    static const char *attrs[] = SYSDB_INITGR_ATTRS;
    TALLOC_CTX *tmp_ctx;
    struct ldb_result *res;
    struct ldb_dn *user_dn;
    struct ldb_request *req;
    struct ldb_control **controls;
    struct ldb_asq_control *asq;
    int ret;

    tmp_ctx = talloc_new(NULL);
    if (tmp_ctx == NULL) {
        return ENOMEM;
    }

    ret = sysdb_getpwnam(tmp_ctx, sysdb, sysdb->domain, name, &res);
    if (ret != EOK) {
        DEBUG(1, ("sysdb_getpwnam failed: [%d][%s]\n",
                  ret, strerror(ret)));
        goto done;
    }

    switch (res->count) {
    case 0:
        /* User is not cached yet */
        *_res = talloc_steal(mem_ctx, res);
        ret = EOK;
        goto done;
    case 1:
        break;
    default:
        /* More than one entry for a single name: refuse to pick one */
        ret = EIO;
        DEBUG(1, ("sysdb_getpwnam returned count: [%d]\n", res->count));
        goto done;
    }

    /* no need to steal the dn, we are not freeing the result */
    user_dn = res->msgs[0]->dn;

    /* note we count on the fact that the default search callback
     * will just keep appending values. This is by design and can't
     * change so it is ok to already have a result (from the getpwnam)
     * even before we call the next search */

    /* Build a NULL-terminated, one-element control array */
    controls = talloc_array(tmp_ctx, struct ldb_control *, 2);
    if (controls == NULL) {
        ret = ENOMEM;
        goto done;
    }
    controls[1] = NULL;

    controls[0] = talloc(controls, struct ldb_control);
    if (controls[0] == NULL) {
        ret = ENOMEM;
        goto done;
    }
    controls[0]->oid = LDB_CONTROL_ASQ_OID;
    /* Marked critical; presumably this makes the request fail rather than
     * silently ignore the control when it is unsupported -- confirm */
    controls[0]->critical = 1;

    asq = talloc(controls[0], struct ldb_asq_control);
    if (asq == NULL) {
        ret = ENOMEM;
        goto done;
    }
    asq->request = 1;
    asq->source_attribute = talloc_strdup(asq, SYSDB_INITGR_ATTR);
    if (asq->source_attribute == NULL) {
        ret = ENOMEM;
        goto done;
    }
    asq->src_attr_len = strlen(asq->source_attribute);
    controls[0]->data = asq;

    /* 'res' is handed to the default callback as its context, so the new
     * messages land in the result that already holds the user entry */
    ret = ldb_build_search_req(&req, sysdb->ldb, tmp_ctx,
                               user_dn, LDB_SCOPE_BASE,
                               SYSDB_INITGR_FILTER, attrs, controls,
                               res, ldb_search_default_callback,
                               NULL);
    if (ret != LDB_SUCCESS) {
        ret = sysdb_error_to_errno(ret);
        goto done;
    }

    ret = ldb_request(sysdb->ldb, req);
    if (ret == LDB_SUCCESS) {
        ret = ldb_wait(req->handle, LDB_WAIT_ALL);
    }
    if (ret != LDB_SUCCESS) {
        ret = sysdb_error_to_errno(ret);
        goto done;
    }

    /* Reparent the result to the caller's context before tmp_ctx is freed */
    *_res = talloc_steal(mem_ctx, res);

done:
    talloc_zfree(tmp_ctx);
    return ret;
}
/* Search the user subtree of the cache for a user by name and return the
 * requested attributes.
 *
 * The name is passed through sss_filter_sanitize() before it is substituted
 * into SYSDB_PWNAM_FILTER, so characters that are special in a search
 * filter cannot alter the structure of the filter.
 *
 * mem_ctx:    talloc context that takes ownership of the result
 * sysdb:      cache handle; sysdb->ldb and sysdb->domain->name are read
 * name:       user name to look up
 * attributes: attribute list handed unchanged to ldb_search()
 * _res:       receives the ldb result; written on success only
 *
 * Returns 0 (EOK) on success, ENOMEM on allocation failure, the error
 * returned by sss_filter_sanitize(), or the ldb error translated by
 * sysdb_error_to_errno().
 */
int sysdb_get_user_attr(TALLOC_CTX *mem_ctx,
                        struct sysdb_ctx *sysdb,
                        const char *name,
                        const char **attributes,
                        struct ldb_result **_res)
{
    TALLOC_CTX *scratch = talloc_new(NULL);
    struct ldb_dn *users_dn;
    struct ldb_result *found;
    char *safe_name;
    int ret;

    if (scratch == NULL) {
        return ENOMEM;
    }

    users_dn = ldb_dn_new_fmt(scratch, sysdb->ldb,
                              SYSDB_TMPL_USER_BASE, sysdb->domain->name);
    if (users_dn == NULL) {
        ret = ENOMEM;
        goto done;
    }

    /* Escape the caller-supplied name before it reaches the filter. */
    ret = sss_filter_sanitize(scratch, name, &safe_name);
    if (ret != EOK) {
        goto done;
    }

    /* The filter template takes the (escaped) name twice. */
    ret = ldb_search(sysdb->ldb, scratch, &found, users_dn,
                     LDB_SCOPE_SUBTREE, attributes,
                     SYSDB_PWNAM_FILTER, safe_name, safe_name);
    if (ret != 0) {
        ret = sysdb_error_to_errno(ret);
        goto done;
    }

    /* Move the result out of the scratch context before it is freed. */
    *_res = talloc_steal(mem_ctx, found);

done:
    talloc_zfree(scratch);
    return ret;
}
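/* Split a netgroup three-tuple of the form "(host,user,domain)" into
 * three strings.
 *
 * Whitespace between the parentheses and commas is assumed to be
 * intentional and is kept as part of the field. Whitespace before the
 * opening parenthesis and after the closing one is ignored.
 *
 * This behavior is compatible with nss_ldap's implementation.
 *
 * The host and user fields each end at the next comma; the domain field
 * ends at the next closing parenthesis. An empty field is returned as
 * NULL rather than as an empty string.
 *
 * mem_ctx:    talloc parent for the returned strings
 * triple:     NUL-terminated text to parse
 * hostname, username, domainname:
 *             outputs; reset to NULL on entry and filled in only when
 *             the whole triple parsed successfully
 *
 * Returns EOK on success, EINVAL when the text is not a well-formed
 * triple (missing parenthesis or comma, or data after the closing
 * parenthesis) and ENOMEM on allocation failure.
 */
static errno_t sysdb_netgr_split_triple(TALLOC_CTX *mem_ctx,
                                        const char *triple,
                                        char **hostname,
                                        char **username,
                                        char **domainname)
{
    errno_t ret;
    TALLOC_CTX *tmp_ctx;
    const char *p = triple;
    const char *p_host;
    const char *p_user;
    const char *p_domain;
    size_t len;
    char *host = NULL;
    char *user = NULL;
    char *domain = NULL;

    /* Pre-set the values to NULL here so if they are not
     * copied, we don't return garbage below.
     */
    *hostname = NULL;
    *username = NULL;
    *domainname = NULL;

    tmp_ctx = talloc_new(NULL);
    if (!tmp_ctx) {
        return ENOMEM;
    }

    /* Remove any leading whitespace.
     * The cast matters: plain char may be signed, and passing a negative
     * value other than EOF to isspace() is undefined behavior. The triple
     * text is data read from the cache, so bytes >= 0x80 can occur.
     */
    while (*p && isspace((unsigned char)*p)) p++;

    if (*p != '(') {
        /* Triple must start and end with parentheses */
        ret = EINVAL;
        goto done;
    }
    p++;

    p_host = p;
    /* Find the first comma */
    while (*p && *p != ',') p++;
    if (!*p) {
        /* No comma was found: parse error */
        ret = EINVAL;
        goto done;
    }

    len = p - p_host;
    if (len > 0) {
        /* Copy the host string */
        host = talloc_strndup(tmp_ctx, p_host, len);
        if (!host) {
            ret = ENOMEM;
            goto done;
        }
    }
    p++;

    p_user = p;
    /* Find the second comma */
    while (*p && *p != ',') p++;
    if (!*p) {
        /* No comma was found: parse error */
        ret = EINVAL;
        goto done;
    }

    len = p - p_user;
    if (len > 0) {
        /* Copy the user string */
        user = talloc_strndup(tmp_ctx, p_user, len);
        if (!user) {
            ret = ENOMEM;
            goto done;
        }
    }
    p++;

    p_domain = p;
    /* Find the closing parenthesis */
    while (*p && *p != ')') p++;
    if (*p != ')') {
        /* No trailing parenthesis: parse error */
        ret = EINVAL;
        goto done;
    }

    len = p - p_domain;
    if (len > 0) {
        /* Copy the domain string */
        domain = talloc_strndup(tmp_ctx, p_domain, len);
        if (!domain) {
            ret = ENOMEM;
            goto done;
        }
    }
    p++;

    /* skip trailing whitespace (same unsigned char cast as above) */
    while (*p && isspace((unsigned char)*p)) p++;

    if (*p) {
        /* Extra data after the closing parenthesis
         * is a parse error
         */
        ret = EINVAL;
        goto done;
    }

    /* Return any non-NULL values. Nothing is handed to the caller
     * before this point, so a parse error leaves all outputs NULL.
     */
    if (host) {
        *hostname = talloc_steal(mem_ctx, host);
    }

    if (user) {
        *username = talloc_steal(mem_ctx, user);
    }

    if (domain) {
        *domainname = talloc_steal(mem_ctx, domain);
    }

    ret = EOK;

done:
    talloc_free(tmp_ctx);
    return ret;
}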
/* Convert the messages of a netgroup search result into a NULL-terminated
 * array of sysdb_netgroup_ctx entries.
 *
 * Every value of SYSDB_NETGROUP_TRIPLE becomes an entry of type
 * SYSDB_NETGROUP_TRIPLE_VAL, parsed with sysdb_netgr_split_triple(); every
 * value of SYSDB_NETGROUP_MEMBER becomes an entry of type
 * SYSDB_NETGROUP_GROUP_VAL holding a copy of the value.
 *
 * mem_ctx: talloc context that takes ownership of the array on success
 * res:     search result to convert
 * entries: receives the array; written on success only
 *
 * Returns EOK on success, ENOENT when res is NULL or has no messages,
 * ENOMEM on allocation failure, or the error from
 * sysdb_netgr_split_triple(). One triple that fails to parse fails the
 * whole conversion.
 */
errno_t sysdb_netgr_to_entries(TALLOC_CTX *mem_ctx,
                               struct ldb_result *res,
                               struct sysdb_netgroup_ctx ***entries)
{
    errno_t ret;
    size_t total = 0;
    size_t used = 0;
    char *raw_triple;
    TALLOC_CTX *tmp_ctx;
    struct sysdb_netgroup_ctx **list = NULL;
    struct sysdb_netgroup_ctx *item;
    struct ldb_message_element *el;
    int i, j;

    if (res == NULL || res->count == 0) {
        return ENOENT;
    }

    tmp_ctx = talloc_new(NULL);
    if (tmp_ctx == NULL) {
        return ENOMEM;
    }

    /* First pass: count the values so the array is allocated once. */
    for (i = 0; i < res->count; i++) {
        el = ldb_msg_find_element(res->msgs[i], SYSDB_NETGROUP_TRIPLE);
        if (el != NULL) {
            total += el->num_values;
        }

        el = ldb_msg_find_element(res->msgs[i], SYSDB_NETGROUP_MEMBER);
        if (el != NULL) {
            total += el->num_values;
        }
    }

    /* One extra slot for the terminating NULL. */
    list = talloc_array(tmp_ctx, struct sysdb_netgroup_ctx *, total + 1);
    if (list == NULL) {
        ret = ENOMEM;
        goto done;
    }

    /* Second pass: fill the array; skipped entirely when nothing was
     * counted above.
     */
    for (i = 0; total != 0 && i < res->count; i++) {
        el = ldb_msg_find_element(res->msgs[i], SYSDB_NETGROUP_TRIPLE);
        if (el != NULL) {
            for (j = 0; j < el->num_values; j++) {
                /* The copy is bounded by the stored value length and
                 * gives the parser a NUL-terminated string.
                 */
                raw_triple = talloc_strndup(tmp_ctx,
                                    (const char *)el->values[j].data,
                                    el->values[j].length);
                if (raw_triple == NULL) {
                    ret = ENOMEM;
                    goto done;
                }

                item = talloc_zero(list, struct sysdb_netgroup_ctx);
                list[used] = item;
                if (item == NULL) {
                    ret = ENOMEM;
                    goto done;
                }

                item->type = SYSDB_NETGROUP_TRIPLE_VAL;

                /* The three strings are allocated as children of the
                 * entry they belong to.
                 */
                ret = sysdb_netgr_split_triple(item, raw_triple,
                                        &item->value.triple.hostname,
                                        &item->value.triple.username,
                                        &item->value.triple.domainname);
                if (ret != EOK) {
                    goto done;
                }

                used++;
            }
        }

        el = ldb_msg_find_element(res->msgs[i], SYSDB_NETGROUP_MEMBER);
        if (el != NULL) {
            for (j = 0; j < el->num_values; j++) {
                item = talloc_zero(list, struct sysdb_netgroup_ctx);
                list[used] = item;
                if (item == NULL) {
                    ret = ENOMEM;
                    goto done;
                }

                item->type = SYSDB_NETGROUP_GROUP_VAL;
                item->value.groupname = talloc_strndup(item,
                                    (const char *)el->values[j].data,
                                    el->values[j].length);
                if (item->value.groupname == NULL) {
                    ret = ENOMEM;
                    goto done;
                }

                used++;
            }
        }
    }

    /* Add NULL terminator */
    list[used] = NULL;

    /* The entries are children of the array, so they move with it. */
    *entries = talloc_steal(mem_ctx, list);
    ret = EOK;

done:
    talloc_free(tmp_ctx);
    return ret;
}
/* Search the netgroup subtree of the cache with
 * SYSDB_NETGR_TRIPLES_FILTER and return the SYSDB_NETGR_ATTRS attributes
 * of the matching entries.
 *
 * The netgroup name is escaped with sss_filter_sanitize() before it is
 * substituted into the filter, so filter metacharacters in the name
 * cannot change the structure of the search.
 *
 * mem_ctx:  talloc context that takes ownership of the result
 * sysdb:    cache handle; sysdb->ldb and sysdb->domain->name are read
 * netgroup: netgroup name to look up
 * res:      receives the ldb result; written on success only
 *
 * Returns EOK on success, ENOMEM on allocation failure, the error from
 * sss_filter_sanitize(), or the ldb error translated by
 * sysdb_error_to_errno().
 */
errno_t sysdb_getnetgr(TALLOC_CTX *mem_ctx,
                       struct sysdb_ctx *sysdb,
                       const char *netgroup,
                       struct ldb_result **res)
{
    static const char *attrs[] = SYSDB_NETGR_ATTRS;
    TALLOC_CTX *scratch = talloc_new(NULL);
    struct ldb_dn *search_base;
    struct ldb_result *found;
    char *safe_name;
    char *dn_str;
    errno_t ret;

    if (scratch == NULL) {
        return ENOMEM;
    }

    search_base = ldb_dn_new_fmt(scratch, sysdb->ldb,
                                 SYSDB_TMPL_NETGROUP_BASE,
                                 sysdb->domain->name);
    if (search_base == NULL) {
        ret = ENOMEM;
        goto done;
    }

    ret = sss_filter_sanitize(scratch, netgroup, &safe_name);
    if (ret != EOK) {
        goto done;
    }

    /* NOTE(review): this string is used as the third filter value. It is
     * built from the filter-escaped name and the unescaped domain name;
     * nothing here applies DN escaping. Confirm that names containing
     * DN-special characters are matched as intended.
     */
    dn_str = talloc_asprintf(scratch, SYSDB_TMPL_NETGROUP,
                             safe_name, sysdb->domain->name);
    if (dn_str == NULL) {
        ret = ENOMEM;
        goto done;
    }

    ret = sysdb_error_to_errno(ldb_search(sysdb->ldb, scratch, &found,
                                          search_base, LDB_SCOPE_SUBTREE,
                                          attrs,
                                          SYSDB_NETGR_TRIPLES_FILTER,
                                          safe_name, safe_name,
                                          dn_str));
    if (ret == EOK) {
        /* Move the result out of the scratch context before it is freed. */
        *res = talloc_steal(mem_ctx, found);
    }

done:
    talloc_zfree(scratch);
    return ret;
}
/* Search the netgroup subtree of the cache for a netgroup by name and
 * return the requested attributes.
 *
 * The name is escaped with sss_filter_sanitize() before it is substituted
 * into SYSDB_NETGR_FILTER, so characters that are special in a search
 * filter cannot alter the structure of the filter.
 *
 * mem_ctx:    talloc context that takes ownership of the result
 * sysdb:      cache handle; sysdb->ldb and sysdb->domain->name are read
 * netgrname:  netgroup name to look up
 * attributes: attribute list handed unchanged to ldb_search()
 * res:        receives the ldb result; written on success only
 *
 * Returns 0 (EOK) on success, ENOMEM on allocation failure, the error
 * returned by sss_filter_sanitize(), or the ldb error translated by
 * sysdb_error_to_errno().
 */
int sysdb_get_netgroup_attr(TALLOC_CTX *mem_ctx,
                            struct sysdb_ctx *sysdb,
                            const char *netgrname,
                            const char **attributes,
                            struct ldb_result **res)
{
    TALLOC_CTX *scratch = talloc_new(NULL);
    struct ldb_dn *search_base;
    struct ldb_result *found;
    char *safe_name;
    int ret;

    if (scratch == NULL) {
        return ENOMEM;
    }

    search_base = ldb_dn_new_fmt(scratch, sysdb->ldb,
                                 SYSDB_TMPL_NETGROUP_BASE,
                                 sysdb->domain->name);
    if (search_base == NULL) {
        ret = ENOMEM;
        goto done;
    }

    /* Escape the caller-supplied name before it reaches the filter. */
    ret = sss_filter_sanitize(scratch, netgrname, &safe_name);
    if (ret != EOK) {
        goto done;
    }

    /* The filter template takes the (escaped) name twice. */
    ret = ldb_search(sysdb->ldb, scratch, &found, search_base,
                     LDB_SCOPE_SUBTREE, attributes,
                     SYSDB_NETGR_FILTER, safe_name, safe_name);
    if (ret != 0) {
        ret = sysdb_error_to_errno(ret);
        goto done;
    }

    /* Move the result out of the scratch context before it is freed. */
    *res = talloc_steal(mem_ctx, found);

done:
    talloc_zfree(scratch);
    return ret;
}
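/* Return the names of the cached groups that list the given user or
 * group directly as a member.
 *
 * The member's DN string is built from dom->name and name, escaped with
 * sss_filter_sanitize(), and matched against SYSDB_MEMBER on entries of
 * class SYSDB_GROUP_CLASS below the domain's group base.
 *
 * mem_ctx:         talloc context that takes ownership of the list
 * sysdb:           cache handle
 * dom:             domain whose name is used for the member DN and the
 *                  search base
 * mtype:           SYSDB_MEMBER_USER or SYSDB_MEMBER_GROUP
 * name:            name of the member to look up
 * _direct_parents: receives a NULL-terminated array of group names;
 *                  written on success only. The array holds only the
 *                  terminator when no group matches.
 *
 * Returns EOK on success, EINVAL for an unknown member type, ENOMEM on
 * allocation failure, or the error from sss_filter_sanitize() or
 * sysdb_search_entry(). ENOENT from the search is not an error; it
 * yields an empty list.
 */
errno_t sysdb_get_direct_parents(TALLOC_CTX *mem_ctx,
                                 struct sysdb_ctx *sysdb,
                                 struct sss_domain_info *dom,
                                 enum sysdb_member_type mtype,
                                 const char *name,
                                 char ***_direct_parents)
{
    errno_t ret;
    const char *dn;
    char *sanitized_dn;
    struct ldb_dn *basedn;
    static const char *group_attrs[] = { SYSDB_NAME, NULL };
    const char *member_filter;
    size_t direct_sysdb_count = 0;
    struct ldb_message **direct_sysdb_groups = NULL;
    char **direct_parents = NULL;
    TALLOC_CTX *tmp_ctx = NULL;
    size_t i, pi;
    const char *tmp_str;

    tmp_ctx = talloc_new(NULL);
    if (!tmp_ctx) return ENOMEM;

    if (mtype == SYSDB_MEMBER_USER) {
        dn = sysdb_user_strdn(tmp_ctx, dom->name, name);
    } else if (mtype == SYSDB_MEMBER_GROUP) {
        dn = sysdb_group_strdn(tmp_ctx, dom->name, name);
    } else {
        DEBUG(1, ("Unknown member type\n"));
        ret = EINVAL;
        goto done;
    }

    if (!dn) {
        ret = ENOMEM;
        goto done;
    }

    /* The DN contains the caller-supplied name, so escape the whole
     * string before placing it in the search filter.
     */
    ret = sss_filter_sanitize(tmp_ctx, dn, &sanitized_dn);
    if (ret != EOK) {
        goto done;
    }

    member_filter = talloc_asprintf(tmp_ctx, "(&(%s=%s)(%s=%s))",
                                    SYSDB_OBJECTCLASS, SYSDB_GROUP_CLASS,
                                    SYSDB_MEMBER, sanitized_dn);
    if (!member_filter) {
        ret = ENOMEM;
        goto done;
    }

    basedn = ldb_dn_new_fmt(tmp_ctx, sysdb_ctx_get_ldb(sysdb),
                            SYSDB_TMPL_GROUP_BASE, dom->name);
    if (!basedn) {
        ret = ENOMEM;
        goto done;
    }

    DEBUG(8, ("searching sysdb with filter [%s]\n", member_filter));

    ret = sysdb_search_entry(tmp_ctx, sysdb, basedn,
                             LDB_SCOPE_SUBTREE, member_filter, group_attrs,
                             &direct_sysdb_count, &direct_sysdb_groups);
    if (ret == ENOENT) {
        /* No parent groups: continue with an empty list */
        direct_sysdb_count = 0;
    } else if (ret != EOK) {
        DEBUG(2, ("sysdb_search_entry failed: [%d]: %s\n",
                  ret, strerror(ret)));
        goto done;
    }

    /* Get the list of sysdb groups by name; one extra slot holds the
     * NULL terminator.
     */
    direct_parents = talloc_array(tmp_ctx, char *, direct_sysdb_count+1);
    if (!direct_parents) {
        ret = ENOMEM;
        goto done;
    }

    pi = 0;
    for (i = 0; i < direct_sysdb_count; i++) {
        tmp_str = ldb_msg_find_attr_as_string(direct_sysdb_groups[i],
                                              SYSDB_NAME, NULL);
        if (!tmp_str) {
            /* This should never happen, but if it does, just continue */
            DEBUG(1, ("A group with no name?\n"));
            continue;
        }

        direct_parents[pi] = talloc_strdup(direct_parents, tmp_str);
        if (!direct_parents[pi]) {
            /* talloc_strdup() fails only on allocation failure; the
             * missing-name case is handled above.
             */
            ret = ENOMEM;
            goto done;
        }
        pi++;
    }
    direct_parents[pi] = NULL;

    /* direct_sysdb_count is a size_t, so it needs %zu rather than %d */
    DEBUG(7, ("%s is a member of %zu sysdb groups\n",
              name, direct_sysdb_count));

    *_direct_parents = talloc_steal(mem_ctx, direct_parents);
    ret = EOK;

done:
    talloc_free(tmp_ctx);
    return ret;
}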