sdap_child_helpers.c revision b4f87b42b18888c396e44e7359f7aafb092221bf
/*
SSSD
LDAP Backend Module -- child helpers
Authors:
Jakub Hrozek <jhrozek@redhat.com>
Copyright (C) 2009 Red Hat
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <pwd.h>
#include <unistd.h>
#include <fcntl.h>
#include "util/sss_krb5.h"
#include "providers/ldap/ldap_common.h"
#include "providers/ldap/sdap_async_private.h"
#include "util/child_common.h"
#ifndef SSSD_LIBEXEC_PATH
#error "SSSD_LIBEXEC_PATH not defined"
#else
#endif
#ifndef LDAP_CHILD_USER
#define LDAP_CHILD_USER "nobody"
#endif
struct sdap_child {
/* child info */
int read_from_child_fd;
int write_to_child_fd;
};
static void sdap_close_fd(int *fd)
{
int ret;
if (*fd == -1) {
return;
}
if (ret) {
}
*fd = -1;
}
static int sdap_child_destructor(void *ptr)
{
return 0;
}
struct sdap_child *child)
{
int pipefd_to_child[2];
int pipefd_from_child[2];
int ret;
if (ret == -1) {
return err;
}
if (ret == -1) {
return err;
}
if (pid == 0) { /* child */
NULL);
return err;
} else if (pid > 0) { /* parent */
close(pipefd_to_child[0]);
return ret;
}
} else { /* error */
return err;
}
return EOK;
}
const char *realm_str,
const char *princ_str,
const char *keytab_name,
{
return ENOMEM;
}
if (realm_str) {
}
if (princ_str) {
}
if (keytab_name) {
}
return ENOMEM;
}
rp = 0;
/* realm */
if (realm_str) {
} else {
}
/* principal */
if (princ_str) {
} else {
}
/* keytab */
if (keytab_name) {
} else {
}
/* lifetime */
/* UID and GID to drop privileges to, if needed. The ldap_child process runs as
* setuid if the back end runs unprivileged as it needs to access the keytab
*/
return EOK;
}
{
size_t p = 0;
char *ccn;
/* operation result code */
/* krb5 error code */
/* ccache name size */
return ENOMEM;
}
return EINVAL;
}
return EOK;
}
/* ==The-public-async-interface============================================*/
struct sdap_get_tgt_state {
struct tevent_context *ev;
struct sdap_child *child;
};
struct tevent_context *ev,
int timeout);
struct tevent_context *ev,
const char *realm_str,
const char *princ_str,
const char *keytab_name,
int timeout)
{
struct sdap_get_tgt_state *state;
int ret;
if (!req) {
return NULL;
}
goto fail;
}
/* prepare the data to pass to child */
&buf);
goto fail;
}
goto fail;
}
goto fail;
}
if (!subreq) {
goto fail;
}
return req;
fail:
return req;
}
{
struct tevent_req);
struct sdap_get_tgt_state);
int ret;
return;
}
if (!subreq) {
return;
}
}
{
struct tevent_req);
struct sdap_get_tgt_state);
int ret;
return;
}
}
int *result,
char **ccname,
{
struct sdap_get_tgt_state);
char *ccn;
int res;
int ret;
return ret;
}
return EOK;
}
struct tevent_timer *te,
{
struct sdap_get_tgt_state);
int ret;
if (ret == -1) {
}
}
struct tevent_context *ev,
int timeout)
{
struct tevent_timer *te;
"Setting %d seconds timeout for tgt child\n", timeout);
return ENOMEM;
}
return EOK;
}
/* Setup child logging */
int sdap_setup_child(void)
{
}