ipa_netgroups.c revision 3e1c814a7ca3a0e4086e0822d6b4df23b8465bc8
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher/*
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher SSSD
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher Async IPA Helper routines for netgroups
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek Authors:
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher Jan Zeleny <jzeleny@redhat.com>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher Copyright (C) 2011 Red Hat
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek This program is free software; you can redistribute it and/or modify
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek it under the terms of the GNU General Public License as published by
7797e361155f7ce937085fd98e360469d7baf1b6Jakub Hrozek the Free Software Foundation; either version 3 of the License, or
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher (at your option) any later version.
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher This program is distributed in the hope that it will be useful,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher but WITHOUT ANY WARRANTY; without even the implied warranty of
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek GNU General Public License for more details.
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher You should have received a copy of the GNU General Public License
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher along with this program. If not, see <http://www.gnu.org/licenses/>.
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher*/
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#include "util/util.h"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#include "db/sysdb.h"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#include "providers/ldap/sdap_async_private.h"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#include "providers/ipa/ipa_id.h"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#include "db/sysdb.h"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#include <ctype.h>
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#define ENTITY_NG 1
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#define ENTITY_USER 2
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#define ENTITY_HOST 4
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagherstruct ipa_get_netgroups_state {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct tevent_context *ev;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct sdap_options *opts;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct ipa_options *ipa_opts;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct sdap_handle *sh;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct sysdb_ctx *sysdb;
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher struct sss_domain_info *dom;
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek const char **attrs;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher int timeout;
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher char *filter;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher const char *base_filter;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher size_t netgr_base_iter;
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher size_t host_base_iter;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher size_t user_base_iter;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher /* Entities which have been already asked for
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher * and are scheduled for inspection */
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher hash_table_t *new_netgroups;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher hash_table_t *new_users;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher hash_table_t *new_hosts;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher int current_entity;
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher int entities_found;
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct sysdb_attrs **netgroups;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher int netgroups_count;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher};
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekstatic errno_t ipa_save_netgroup(TALLOC_CTX *mem_ctx,
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek struct sysdb_ctx *ctx,
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek struct sss_domain_info *dom,
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek struct sdap_options *opts,
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek struct sysdb_attrs *attrs)
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher{
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct ldb_message_element *el;
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher struct sysdb_attrs *netgroup_attrs;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher const char *name = NULL;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher int ret;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher size_t c;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = sysdb_attrs_get_el(attrs,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher opts->netgroup_map[IPA_AT_NETGROUP_NAME].sys_name,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher &el);
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher if (ret) goto fail;
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher if (el->num_values == 0) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = EINVAL;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto fail;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher name = (const char *)el->values[0].data;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher DEBUG(SSSDBG_TRACE_INTERNAL, ("Storing netgroup %s\n", name));
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek
ea929f1b022fc2cb77dec89b0e12accef983ec85Jakub Hrozek netgroup_attrs = sysdb_new_attrs(mem_ctx);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (!netgroup_attrs) {
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher ret = ENOMEM;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto fail;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = sysdb_attrs_get_el(attrs, SYSDB_ORIG_DN, &el);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto fail;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher if (el->num_values == 0) {
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher DEBUG(7, ("Original DN is not available for [%s].\n", name));
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher } else {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher DEBUG(7, ("Adding original DN [%s] to attributes of [%s].\n",
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher el->values[0].data, name));
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = sysdb_attrs_add_string(netgroup_attrs, SYSDB_ORIG_DN,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher (const char *)el->values[0].data);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto fail;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher }
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher ret = sysdb_attrs_get_el(attrs, SYSDB_NETGROUP_TRIPLE, &el);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto fail;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (el->num_values == 0) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher DEBUG(SSSDBG_TRACE_INTERNAL, ("No netgroup triples for netgroup [%s].\n", name));
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = sysdb_attrs_get_el(netgroup_attrs, SYSDB_NETGROUP_TRIPLE, &el);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != EOK) {
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher goto fail;
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher } else {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher for(c = 0; c < el->num_values; c++) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = sysdb_attrs_add_string(netgroup_attrs,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher SYSDB_NETGROUP_TRIPLE,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher (const char*)el->values[c].data);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto fail;
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher }
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = sysdb_attrs_get_el(attrs,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher opts->netgroup_map[IPA_AT_NETGROUP_MEMBER].sys_name,
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher &el);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != EOK) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto fail;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek if (el->num_values == 0) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher DEBUG(7, ("No original members for netgroup [%s]\n", name));
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher } else {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher DEBUG(7, ("Adding original members to netgroup [%s]\n", name));
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher for(c = 0; c < el->num_values; c++) {
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek ret = sysdb_attrs_add_string(netgroup_attrs,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher opts->netgroup_map[IPA_AT_NETGROUP_MEMBER].sys_name,
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher (const char*)el->values[c].data);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto fail;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = sysdb_attrs_get_el(attrs, SYSDB_NETGROUP_MEMBER, &el);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != EOK) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto fail;
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (el->num_values == 0) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher DEBUG(7, ("No members for netgroup [%s]\n", name));
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher } else {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher DEBUG(7, ("Adding members to netgroup [%s]\n", name));
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher for(c = 0; c < el->num_values; c++) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = sysdb_attrs_add_string(netgroup_attrs, SYSDB_NETGROUP_MEMBER,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher (const char*)el->values[c].data);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto fail;
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher }
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher }
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher }
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher DEBUG(6, ("Storing info for netgroup %s\n", name));
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = sysdb_add_netgroup(ctx, name, NULL, netgroup_attrs,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher dom->netgroup_timeout, 0);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret) goto fail;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher return EOK;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagherfail:
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher DEBUG(2, ("Failed to save netgroup %s\n", name));
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher return ret;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher}
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagherstatic errno_t ipa_netgr_next_base(struct tevent_req *req);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagherstatic void ipa_get_netgroups_process(struct tevent_req *subreq);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagherstatic int ipa_netgr_process_all(struct ipa_get_netgroups_state *state);
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagherstruct tevent_req *ipa_get_netgroups_send(TALLOC_CTX *memctx,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct tevent_context *ev,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct sysdb_ctx *sysdb,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct sss_domain_info *dom,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct sdap_options *opts,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct ipa_options *ipa_options,
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher struct sdap_handle *sh,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher const char **attrs,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher const char *filter,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher int timeout)
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher{
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct tevent_req *req;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct ipa_get_netgroups_state *state;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher int ret;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher req = tevent_req_create(memctx, &state, struct ipa_get_netgroups_state);
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher if (!req) return NULL;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->ev = ev;
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher state->opts = opts;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->ipa_opts = ipa_options;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->sh = sh;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->sysdb = sysdb;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->attrs = attrs;
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher state->timeout = timeout;
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher state->base_filter = filter;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->netgr_base_iter = 0;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->dom = dom;
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (!ipa_options->id->netgroup_search_bases) {
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher DEBUG(SSSDBG_CRIT_FAILURE,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ("Netgroup lookup request without a search base\n"));
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = EINVAL;
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher goto done;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = sss_hash_create(state, 32, &state->new_netgroups);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != EOK) goto done;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek ret = sss_hash_create(state, 32, &state->new_users);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != EOK) goto done;
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher ret = sss_hash_create(state, 32, &state->new_hosts);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != EOK) goto done;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = ipa_netgr_next_base(req);
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagherdone:
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != EOK) {
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher tevent_req_error(req, ret);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher tevent_req_post(req, ev);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher return req;
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher}
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagherstatic errno_t ipa_netgr_next_base(struct tevent_req *req)
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher{
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher struct tevent_req *subreq;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct ipa_get_netgroups_state *state;
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher struct sdap_search_base **netgr_bases;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state = tevent_req_data(req, struct ipa_get_netgroups_state);
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher netgr_bases = state->ipa_opts->id->netgroup_search_bases;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher talloc_zfree(state->filter);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->filter = sdap_get_id_specific_filter(
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher state,
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher state->base_filter,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher netgr_bases[state->netgr_base_iter]->filter);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (!state->filter) {
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher return ENOMEM;
056302a92862fda16351d7192600746746f38e5dStephen Gallagher }
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher DEBUG(SSSDBG_TRACE_FUNC,
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher ("Searching for netgroups with base [%s]\n",
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher netgr_bases[state->netgr_base_iter]->basedn));
056302a92862fda16351d7192600746746f38e5dStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher subreq = sdap_get_generic_send(
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state, state->ev, state->opts, state->sh,
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek netgr_bases[state->netgr_base_iter]->basedn,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher netgr_bases[state->netgr_base_iter]->scope,
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher state->filter, state->attrs,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->opts->netgroup_map, IPA_OPTS_NETGROUP,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->timeout);
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek if (!subreq) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher return ENOMEM;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher tevent_req_set_callback(subreq, ipa_get_netgroups_process, req);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher return EOK;
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher}
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagherstatic int ipa_netgr_fetch_netgroups(struct ipa_get_netgroups_state *state,
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek struct tevent_req *req);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagherstatic int ipa_netgr_fetch_users(struct ipa_get_netgroups_state *state,
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher struct tevent_req *req);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagherstatic int ipa_netgr_fetch_hosts(struct ipa_get_netgroups_state *state,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct tevent_req *req);
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagherstatic void ipa_netgr_members_process(struct tevent_req *subreq);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagherstatic void ipa_get_netgroups_process(struct tevent_req *subreq)
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher{
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct tevent_req *req = tevent_req_callback_data(subreq,
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher struct tevent_req);
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek struct ipa_get_netgroups_state *state = tevent_req_data(req,
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek struct ipa_get_netgroups_state);
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek int i, ret;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek struct ldb_message_element *ng_found;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek struct ldb_message_element *host_found;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek struct ldb_message_element *user_found;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct sdap_search_base **netgr_bases;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct sysdb_attrs **netgroups;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher size_t netgroups_count;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher const char *orig_dn;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek char *dn;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek char *filter;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher bool fetch_members = false;
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher hash_key_t key;
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher hash_value_t value;
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher netgr_bases = state->ipa_opts->id->netgroup_search_bases;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher ret = sdap_get_generic_recv(subreq, state, &netgroups_count, &netgroups);
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek talloc_zfree(subreq);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret) {
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher goto done;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek DEBUG(6, ("Search for netgroups, returned %d results.\n", netgroups_count));
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher if (netgroups_count == 0) {
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher /* No netgroups found in this search */
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->netgr_base_iter++;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (netgr_bases[state->netgr_base_iter]) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher /* There are more search bases to try */
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek ret = ipa_netgr_next_base(req);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != EOK) {
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek tevent_req_error(req, ENOENT);
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek }
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek return;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher ret = ENOENT;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek goto done;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher filter = talloc_strdup(state, "(|");
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (filter == NULL) {
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek ret = ENOMEM;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto done;
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher }
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher for (i = 0; i < netgroups_count; i++) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = sysdb_attrs_get_el(netgroups[i], SYSDB_ORIG_NETGROUP_MEMBER,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher &ng_found);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != EOK) goto done;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher ret = sysdb_attrs_get_el(netgroups[i], SYSDB_ORIG_MEMBER_USER,
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher &user_found);
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher if (ret != EOK) goto done;
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = sysdb_attrs_get_el(netgroups[i], SYSDB_ORIG_MEMBER_HOST,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher &host_found);
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek if (ret != EOK) goto done;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher ret = sysdb_attrs_get_string(netgroups[i], SYSDB_ORIG_DN, &orig_dn);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != EOK) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto done;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher key.type = HASH_KEY_STRING;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher value.type = HASH_VALUE_PTR;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher key.str = discard_const(orig_dn);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher value.ptr = netgroups[i];
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = hash_enter(state->new_netgroups, &key, &value);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != HASH_SUCCESS) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = ENOMEM;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek goto done;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ng_found->num_values) state->entities_found |= ENTITY_NG;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (user_found->num_values) state->entities_found |= ENTITY_USER;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (host_found->num_values) state->entities_found |= ENTITY_HOST;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (state->entities_found == 0) {
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek continue;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = sss_filter_sanitize(state, orig_dn, &dn);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != EOK) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto done;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek /* Add this to the filter */
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher filter = talloc_asprintf_append(filter, "(%s=%s)",
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->opts->netgroup_map[IPA_AT_NETGROUP_MEMBER_OF].name,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher dn);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (filter == NULL) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = ENOMEM;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto done;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher fetch_members = true;
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (!fetch_members) {
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek ret = ipa_netgr_process_all(state);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != EOK) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher tevent_req_error(req, ret);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher } else {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher tevent_req_done(req);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher return;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->filter = talloc_asprintf_append(filter, ")");
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (state->filter == NULL) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = ENOMEM;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto done;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (state->entities_found & ENTITY_NG) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->netgr_base_iter = 0;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = ipa_netgr_fetch_netgroups(state, req);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != EOK) goto done;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher } else if (state->entities_found & ENTITY_USER) {
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher ret = ipa_netgr_fetch_users(state, req);
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek if (ret != EOK) goto done;
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek } else if (state->entities_found & ENTITY_HOST) {
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek ret = ipa_netgr_fetch_hosts(state, req);
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek if (ret != EOK) goto done;
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek }
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek return;
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozekdone:
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek tevent_req_error(req, ret);
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek return;
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek}
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozekstatic int ipa_netgr_fetch_netgroups(struct ipa_get_netgroups_state *state,
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek struct tevent_req *req)
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek{
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek char *filter;
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek const char *base_filter;
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek struct tevent_req *subreq;
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek struct sdap_search_base **bases;
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek bases = state->ipa_opts->id->netgroup_search_bases;
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek if (bases[state->netgr_base_iter] == NULL) {
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek /* No more bases to try */
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek return ENOENT;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek }
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek base_filter = bases[state->netgr_base_iter]->filter;
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek filter = talloc_asprintf(state, "(&%s%s(objectclass=%s))",
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek state->filter,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher base_filter?base_filter:"",
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher state->opts->netgroup_map[SDAP_OC_NETGROUP].name);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (filter == NULL)
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher return ENOMEM;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher subreq = sdap_get_generic_send(state, state->ev, state->opts, state->sh,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher bases[state->netgr_base_iter]->basedn,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher bases[state->netgr_base_iter]->scope,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher filter, state->attrs, state->opts->netgroup_map,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher IPA_OPTS_NETGROUP, state->timeout);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->current_entity = ENTITY_NG;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek if (subreq == NULL) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher return ENOMEM;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher tevent_req_set_callback(subreq, ipa_netgr_members_process, req);
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher return EOK;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher}
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagherstatic int ipa_netgr_fetch_users(struct ipa_get_netgroups_state *state,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct tevent_req *req)
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher{
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher const char *attrs[] = { state->opts->user_map[SDAP_AT_USER_NAME].name,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->opts->user_map[SDAP_AT_USER_MEMBEROF].name,
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek "objectclass", NULL };
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher char *filter;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher const char *base_filter;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct tevent_req *subreq;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct sdap_search_base **bases;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher bases = state->ipa_opts->id->user_search_bases;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (bases[state->user_base_iter] == NULL) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher return ENOENT;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek base_filter = bases[state->user_base_iter]->filter;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher filter = talloc_asprintf(state, "(&%s%s(objectclass=%s))",
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->filter,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher base_filter?base_filter:"",
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek state->opts->user_map[SDAP_OC_USER].name);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (filter == NULL)
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher return ENOMEM;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher subreq = sdap_get_generic_send(state, state->ev, state->opts, state->sh,
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek dp_opt_get_string(state->opts->basic,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher SDAP_USER_SEARCH_BASE),
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher LDAP_SCOPE_SUBTREE,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher filter, attrs,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->opts->user_map,
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek SDAP_OPTS_USER, state->timeout);
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek state->current_entity = ENTITY_USER;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek if (subreq == NULL) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher talloc_free(attrs);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher return ENOMEM;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek tevent_req_set_callback(subreq, ipa_netgr_members_process, req);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher return EOK;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher}
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekstatic int ipa_netgr_fetch_hosts(struct ipa_get_netgroups_state *state,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct tevent_req *req)
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher{
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher const char **attrs;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher char *filter;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek const char *base_filter;
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek struct tevent_req *subreq;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek int ret;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek struct sdap_search_base **bases;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher bases = state->ipa_opts->host_search_bases;
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher if (bases[state->host_base_iter] == NULL) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher return ENOENT;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek base_filter = bases[state->host_base_iter]->filter;
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher filter = talloc_asprintf(state, "(&%s%s(objectclass=%s))",
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->filter,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher base_filter?base_filter:"",
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek state->opts->host_map[IPA_OC_HOST].name);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (filter == NULL)
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher return ENOMEM;
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher ret = build_attrs_from_map(state, state->opts->host_map,
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher IPA_OPTS_HOST, &attrs);
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher if (ret != EOK) {
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek talloc_free(filter);
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher return ret;
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher }
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher subreq = sdap_get_generic_send(state, state->ev, state->opts, state->sh,
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek bases[state->host_base_iter]->basedn,
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher bases[state->host_base_iter]->scope,
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher filter, attrs,
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher state->opts->host_map,
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher IPA_OPTS_HOST, state->timeout);
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher state->current_entity = ENTITY_HOST;
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher if (subreq == NULL) {
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher talloc_free(filter);
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher return ENOMEM;
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher }
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher tevent_req_set_callback(subreq, ipa_netgr_members_process, req);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher return EOK;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek}
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagherstatic void ipa_netgr_members_process(struct tevent_req *subreq)
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher{
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher struct tevent_req *req = tevent_req_callback_data(subreq,
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek struct tevent_req);
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher struct ipa_get_netgroups_state *state = tevent_req_data(req,
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher struct ipa_get_netgroups_state);
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher struct sysdb_attrs **entities;
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher size_t count;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek int ret, i;
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher const char *orig_dn;
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher char *orig_dn_lower;
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher hash_table_t *table;
7797e361155f7ce937085fd98e360469d7baf1b6Jakub Hrozek hash_key_t key;
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher hash_value_t value;
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher int (* next_call)(struct ipa_get_netgroups_state *,
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek struct tevent_req *);
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek bool next_batch_scheduled = false;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek ret = sdap_get_generic_recv(subreq, state, &count, &entities);
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek talloc_zfree(subreq);
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek if (ret) {
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek goto fail;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek }
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek DEBUG(SSSDBG_TRACE_INTERNAL, ("Found %u members in current search base\n", count));
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek next_call = NULL;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek /* While processing a batch of entities from one search base,
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek * schedule query for another search base if there is one
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek *
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek * If there is no other search base, another class of entities
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek * will be scheduled for lookup after processing of current
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek * batch. The order of lookup is: netgroups -> users -> hosts
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek */
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek if (state->current_entity == ENTITY_NG) {
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek /* We just received a batch of netgroups */
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->netgr_base_iter++;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek ret = ipa_netgr_fetch_netgroups(state, req);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher table = state->new_netgroups;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher /* If there is a member netgroup, we always have to
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher * ask for both member users and hosts
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher * -> now schedule users
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek */
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher next_call = ipa_netgr_fetch_users;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher } else if (state->current_entity == ENTITY_USER) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher /* We just received a batch of users */
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->user_base_iter++;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = ipa_netgr_fetch_users(state, req);
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek table = state->new_users;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (state->entities_found & ENTITY_HOST ||
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->entities_found & ENTITY_NG) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher next_call = ipa_netgr_fetch_hosts;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek } else if (state->current_entity == ENTITY_HOST) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher /* We just received a batch of hosts */
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->host_base_iter++;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = ipa_netgr_fetch_hosts(state, req);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher table = state->new_hosts;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher } else {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher DEBUG(SSSDBG_CRIT_FAILURE,
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek ("Invalid entity type given for processing: %d\n",
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->current_entity));
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = EINVAL;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto fail;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret == EOK) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher /* Next search base has been scheduled for inspection,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher * don't try to look for other type of entities
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher */
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek next_batch_scheduled = true;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher } else if (ret != ENOENT) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto fail;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher /* Process all member entites and store them in the designated hash table */
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher key.type = HASH_KEY_STRING;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher value.type = HASH_VALUE_PTR;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek for (i = 0; i < count; i++) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = sysdb_attrs_get_string(entities[i], SYSDB_ORIG_DN, &orig_dn);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != EOK) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto fail;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher orig_dn_lower = talloc_strdup(table, orig_dn);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (orig_dn_lower == NULL) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = ENOMEM;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto fail;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher /* Transform the DN to lower case.
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher * this is important, as the member/memberof attributes
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher * have the value also in lower-case
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher */
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher key.str = orig_dn_lower;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher while (*orig_dn_lower != '\0') {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher *orig_dn_lower = tolower(*orig_dn_lower);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher orig_dn_lower++;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher value.ptr = entities[i];
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher ret = hash_enter(table, &key, &value);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != HASH_SUCCESS) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto fail;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (next_batch_scheduled) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher /* The next search base is already scheduled to be searched */
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek return;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (next_call) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher /* There is another class of members that has to be retrieved
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher * - schedule the lookup
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher */
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek ret = next_call(state, req);
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek if (ret != EOK) goto fail;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher } else {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher /* All members, that could have been fetched, were fetched */
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = ipa_netgr_process_all(state);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != EOK) goto fail;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher tevent_req_done(req);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher return;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagherfail:
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher tevent_req_error(req, ret);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher return;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher}
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagherstatic bool extract_netgroups(hash_entry_t *entry, void *pvt)
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher{
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct ipa_get_netgroups_state *state;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek state = talloc_get_type(pvt, struct ipa_get_netgroups_state);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->netgroups[state->netgroups_count] = talloc_get_type(entry->value.ptr,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct sysdb_attrs);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->netgroups_count++;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher return true;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher}
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagherstruct extract_state {
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek const char *group;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher const char **entries;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher int entries_count;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher};
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekstatic bool extract_entities(hash_entry_t *entry, void *pvt)
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek{
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek int i, ret;
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek struct extract_state *state;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek struct sysdb_attrs *member;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek struct ldb_message_element *el;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct ldb_message_element *name_el;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek state = talloc_get_type(pvt, struct extract_state);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher member = talloc_get_type(entry->value.ptr, struct sysdb_attrs);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek ret = sysdb_attrs_get_el(member, SYSDB_MEMBEROF, &el);
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek if (ret != EOK) return false;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek ret = sysdb_attrs_get_el(member, SYSDB_NAME, &name_el);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != EOK || name_el == NULL || name_el->num_values == 0) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher return false;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek }
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek for (i = 0; i < el->num_values; i++) {
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek if (strcmp((char *)el->values[i].data, state->group) == 0) {
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek state->entries = talloc_realloc(state, state->entries, const char *,
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek state->entries_count + 1);
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek if (state->entries == NULL) {
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek return false;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek }
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek state->entries[state->entries_count] = (char *)name_el->values[0].data;
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek state->entries_count++;
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek break;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek }
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek }
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher return true;
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher}
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekstatic int extract_members(TALLOC_CTX *mem_ctx,
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek struct sysdb_attrs *netgroup,
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek const char *member_type,
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek hash_table_t *lookup_table,
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek const char ***_ret_array,
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek int *_ret_count)
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek{
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek struct extract_state *state;
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek struct ldb_message_element *el;
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek struct sysdb_attrs *member;
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek hash_key_t key;
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek hash_value_t value;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek const char **process = NULL;
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek const char **ret_array = NULL;
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek int process_count = 0;
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek int ret_count = 0;
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek int ret, i, pi;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher key.type = HASH_KEY_STRING;
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher value.type = HASH_VALUE_PTR;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state = talloc_zero(mem_ctx, struct extract_state);
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek if (state == NULL) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = ENOMEM;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto done;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = sysdb_attrs_get_el(netgroup, member_type, &el);
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek if (ret != EOK && ret != ENOENT) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto done;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret == EOK) {
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek for (i = 0; i < el->num_values; i++) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher key.str = (char *)el->values[i].data;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = hash_lookup(lookup_table, &key, &value);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != HASH_SUCCESS && ret != HASH_ERROR_KEY_NOT_FOUND) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = ENOENT;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto done;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret == HASH_ERROR_KEY_NOT_FOUND) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher process = talloc_realloc(mem_ctx, process, const char *, process_count + 1);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (process == NULL) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = ENOMEM;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto done;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher process[process_count] = (char *)el->values[i].data;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher process_count++;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher } else {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret_array = talloc_realloc(mem_ctx, ret_array, const char *, ret_count + 1);
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek if (ret_array == NULL) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = ENOMEM;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto done;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher member = talloc_get_type(value.ptr, struct sysdb_attrs);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = sysdb_attrs_get_string(member, SYSDB_NAME, &ret_array[ret_count]);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != EOK) {
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek goto done;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret_count++;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek for (pi = 0; pi < process_count; pi++) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->group = process[pi];
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher hash_iterate(lookup_table, extract_entities, state);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (state->entries_count > 0) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret_array = talloc_realloc(mem_ctx, ret_array, const char *,
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek ret_count + state->entries_count);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret_array == NULL) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = ENOMEM;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto done;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek memcpy(&ret_array[ret_count], state->entries,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->entries_count*sizeof(const char *));
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher ret_count += state->entries_count;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->entries_count = 0;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek talloc_zfree(state->entries);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher } else {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret_array = NULL;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher *_ret_array = ret_array;
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher *_ret_count = ret_count;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = EOK;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekdone:
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher return ret;
486237ee009f1d84fc4c85665dce80ade76f7079Stephen Gallagher}
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekstatic int ipa_netgr_process_all(struct ipa_get_netgroups_state *state)
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek{
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher int i, j, k, ret;
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher const char **members;
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek struct sysdb_attrs *member;
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek const char *member_name;
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher struct extract_state *extract_state;
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher struct ldb_message_element *external_hosts;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek const char *dash[] = {"-"};
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek const char **uids = NULL;
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher const char **hosts = NULL;
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher int uids_count = 0;
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher int hosts_count = 0;
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher hash_key_t key;
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher hash_value_t value;
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher const char *domain;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek char *triple;
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher
486237ee009f1d84fc4c85665dce80ade76f7079Stephen Gallagher state->netgroups = talloc_zero_array(state, struct sysdb_attrs *,
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher hash_count(state->new_netgroups));
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher if (state->netgroups == NULL) {
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek return ENOMEM;
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher }
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher extract_state = talloc_zero(state, struct extract_state);
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher if (extract_state == NULL) {
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher ret = ENOMEM;
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher goto done;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek }
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher
7797e361155f7ce937085fd98e360469d7baf1b6Jakub Hrozek key.type = HASH_KEY_STRING;
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher value.type = HASH_VALUE_PTR;
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek hash_iterate(state->new_netgroups, extract_netgroups, state);
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher for (i = 0; i < state->netgroups_count; i++) {
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher /* load all its member netgroups, translate */
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher DEBUG(SSSDBG_TRACE_INTERNAL, ("Extracting netgroup members of netgroup %d\n", i));
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher ret = sysdb_attrs_get_string_array(state->netgroups[i],
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher SYSDB_ORIG_NETGROUP_MEMBER,
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher state, &members);
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek if (ret != EOK && ret != ENOENT) {
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher goto done;
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher }
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher j = 0;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek if (ret == EOK) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher for (j = 0; members[j]; j++) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher key.str = discard_const(members[j]);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = hash_lookup(state->new_netgroups, &key, &value);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != HASH_SUCCESS) {
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek ret = ENOENT;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto done;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher member = talloc_get_type(value.ptr, struct sysdb_attrs);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = sysdb_attrs_get_string(member, SYSDB_NAME, &member_name);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != EOK) {
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek goto done;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = sysdb_attrs_add_string(state->netgroups[i],
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher SYSDB_NETGROUP_MEMBER,
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek member_name);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != EOK) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto done;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher talloc_zfree(members);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek DEBUG(SSSDBG_TRACE_INTERNAL, ("Extracted %d netgroup members\n", j));
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher /* Load all UIDs */
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher DEBUG(SSSDBG_TRACE_ALL, ("Extracting user members of netgroup %d\n", i));
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = extract_members(state, state->netgroups[i],
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek SYSDB_ORIG_MEMBER_USER,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->new_users,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher &uids, &uids_count);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != EOK) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto done;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher DEBUG(SSSDBG_TRACE_INTERNAL, ("Extracted %d user members\n", uids_count));
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher DEBUG(SSSDBG_TRACE_ALL, ("Extracting host members of netgroup %d\n", i));
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = extract_members(state, state->netgroups[i],
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher SYSDB_ORIG_MEMBER_HOST,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->new_hosts,
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek &hosts, &hosts_count);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != EOK) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto done;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher DEBUG(SSSDBG_TRACE_INTERNAL, ("Extracted %d host members\n", hosts_count));
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = sysdb_attrs_get_el(state->netgroups[i],
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher SYSDB_ORIG_NETGROUP_EXTERNAL_HOST,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher &external_hosts);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != EOK) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto done;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (external_hosts->num_values > 0) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher hosts = talloc_realloc(state, hosts, const char *,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher hosts_count + external_hosts->num_values);
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher if (hosts == NULL) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = ENOMEM;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto done;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher for (j = 0; j < external_hosts->num_values; j++) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher hosts[hosts_count] = talloc_strdup(hosts, (char *)external_hosts->values[j].data);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (hosts[hosts_count] == NULL) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = ENOMEM;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek goto done;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher hosts_count++;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = sysdb_attrs_get_string(state->netgroups[i], SYSDB_NETGROUP_DOMAIN,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher &domain);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != EOK) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto done;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek if (uids_count > 0 || hosts_count > 0) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (uids_count == 0) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher uids_count = 1;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher uids = dash;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (hosts_count == 0) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher hosts_count = 1;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher hosts = dash;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher DEBUG(SSSDBG_TRACE_INTERNAL, ("Putting together triples of "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher "netgroup %d\n", i));
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher for (j = 0; j < uids_count; j++) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher for (k = 0; k < hosts_count; k++) {
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek triple = talloc_asprintf(state, "(%s,%s,%s)",
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher hosts[k], uids[j],
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher domain);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (triple == NULL) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = ENOMEM;
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek goto done;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = sysdb_attrs_add_string(state->netgroups[i],
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher SYSDB_NETGROUP_TRIPLE,
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek triple);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (ret != EOK) {
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher goto done;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher ret = ipa_save_netgroup(state, state->sysdb, state->dom,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher state->opts, state->netgroups[i]);
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek if (ret != EOK) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher goto done;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagherdone:
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher return ret;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher}
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagherint ipa_get_netgroups_recv(struct tevent_req *req,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher TALLOC_CTX *mem_ctx,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher size_t *reply_count,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct sysdb_attrs ***reply)
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher{
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct ipa_get_netgroups_state *state = tevent_req_data(req,
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher struct ipa_get_netgroups_state);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek TEVENT_REQ_RETURN_ON_ERROR(req);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
b355dcb54194f498921743ca33304eac35d89718Stephen Gallagher if (reply_count) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher *reply_count = state->netgroups_count;
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher }
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher if (reply) {
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher *reply = talloc_steal(mem_ctx, state->netgroups);
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher }
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek return EOK;
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher}
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher