/*
SSSD
SSS Client Responder, header file
Copyright (C) Simo Sorce <ssorce@redhat.com> 2008
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef __SSS_RESPONDER_H__
#define __SSS_RESPONDER_H__
#include "config.h"
#include <stdint.h>
#include <pcre.h>
#include <sys/resource.h>
#include <talloc.h>
#include <tevent.h>
#include <ldb.h>
#include <dhash.h>
#include "data_provider/rdp.h"
#include "sbus/sssd_dbus.h"
#include "responder/common/negcache.h"
#include "sss_client/sss_cli.h"
#include "responder/common/cache_req/cache_req_domain.h"
#include "util/session_recording.h"
extern hash_table_t *dp_requests;
/* we want default permissions on created files to be very strict,
* so set our umask to 0177 */
/* Public sockets must be readable and writable by anybody on the system.
* So we set umask to 0111. */
/* Neither the local provider nor the files provider have a back
* end in the traditional sense and can always just consult
* the responder's cache
*/
/* needed until nsssrv.h is updated */
struct cli_request {
/* original request from the wire */
/* reply data */
};
struct cli_protocol_version {
const char *date;
const char *description;
};
struct cli_protocol {
};
struct resp_ctx;
struct be_conn {
const char *cli_name;
char *sbus_address;
};
struct resp_ctx {
int lfd;
int priv_lfd;
const char *sock_name;
const char *priv_sock_name;
int domains_timeout;
int client_idle_timeout;
const char *domain_resolution_order;
int idle_timeout;
const char *sss_pipe_name;
const char *confdb_service_path;
char *default_domain;
char override_space;
char **allowed_shells;
char *override_shell;
char **vetoed_shells;
char **etc_shells;
char *shell_fallback;
char *default_shell;
void *pvt_ctx;
bool shutting_down;
bool socket_activated;
bool dbus_activated;
bool cache_first;
bool enumeration_warn_logged;
};
struct cli_creds;
struct cli_ctx {
int cfd;
int priv;
void *protocol_ctx;
void *state_ctx;
};
struct sss_cmd_table {
};
/* from generated code */
struct mon_cli_iface;
/*
*
*/
void sss_client_fd_handler(void *ptr,
struct tevent_context *ev,
struct confdb_ctx *cdb,
struct sss_cmd_table sss_cmds[],
const char *sss_pipe_name,
int pipe_fd,
const char *sss_priv_pipe_name,
int priv_pipe_fd,
const char *confdb_service_path,
const char *svc_name,
struct mon_cli_iface *monitor_intf,
const char *cli_name,
struct sbus_iface_map *sbus_iface,
struct resp_ctx **responder_ctx);
struct sss_domain_info *
struct sss_domain_info **_ret_dom);
/* responder_cmd.c */
enum sss_cli_command cmd,
struct sss_cmd_table *sss_cmds);
struct cli_protocol_version *register_cli_protocol_version(void);
struct setent_req_list;
/* A facility for notifying setent requests */
struct setent_req_list **list,
struct tevent_req *req);
struct dp_callback_ctx {
void *ptr;
void *mem_ctx;
};
/* Each responder-specific request must create a constructor
* function that creates a DBus Message that would be sent to
* the back end
*/
/*
* This function is indended for consumption by responders to create
* responder-specific requests such as sss_dp_get_account_send for
* downloading account data.
*
* Issues a new back end request based on strkey if not already running
* or registers a callback that is called when an existing request finishes.
*/
struct tevent_req *nreq);
/* Every provider specific request uses this structure as the tevent_req
* "state" structure.
*/
struct sss_dp_req_state {
char *err_msg;
};
/* The _recv functions of provider specific requests usually need to
* only call sss_dp_req_recv() to get return codes from back end
*/
struct tevent_req *sidereq,
char **err_msg);
/* Send a request to the data provider
* Once this function is called, the communication
* with the data provider will always run to
* completion. Freeing the returned tevent_req will
* cancel the notification of completion, but not
* the data provider action.
*/
enum sss_dp_acct_type {
};
struct tevent_req *
struct sss_domain_info *dom,
bool fast_reply,
enum sss_dp_acct_type type,
const char *opt_name,
const char *extra);
struct tevent_req *req,
char **err_msg);
struct tevent_req *
struct sss_domain_info *dom,
bool fast_reply,
const char *name,
const char *alias);
struct tevent_req *req,
char **err_msg);
bool force,
const char *hint);
/*
* Call a getAccountDomain request
*
* Only requests by ID are supported.
*
* @param mem_ctx Parent memory context
* @param rctx Responder context
* @param domain The SSSD domain we're querying. The response can
* be either NULL or come from any of domain's subdomains
* or domain itself
* @param type Either SSS_DP_USER or SSS_DP_GROUP, other types
* are not supported at the moment
* @param opt_id The ID number we're trying to locate
*
* @return A tevent request or NULL if allocating the request fails.
*/
struct sss_domain_info *domain,
enum sss_dp_acct_type type,
/* Receive a getAccountDomain request result
*
* @param mem_ctx The memory context that will own the contents of _domain
* @param req The request that had finished
* @para _domain Either NULL (the request did not match any domain) or
* a string that corresponds to either the input domain
* or any of its subdomains
*
* @return EOK on success, errno otherwise
*/
struct tevent_req *req,
char **_domain);
struct tevent_context *ev,
struct sss_nc_ctx *optional_ncache);
bool allow_sss_loop,
struct tevent_req *
const char *default_domain,
const char *rawinp);
const char **defaults);
struct sss_domain_info *dom,
bool name_is_upn,
const char *orig_name);
const char *
struct sss_domain_info *domain);
/**
* Helper functions to format output names
*/
/* Format orig_name into a sized_string in output format as prescribed
* by the name_dom domain
*/
const char *orig_name,
struct sss_domain_info *name_dom,
struct sized_string **_name);
/* Format orig_name into a sized_string in output format as prescribed
* by the domain read from the fully qualified name.
*/
const char *member_name,
struct sized_string **_name);
/* Given a ldb_result structure that contains a result of sysdb_initgroups
* where some groups might be just 'stubs' that don't have a name, but only
* a SID and a GID, resolve those incomplete groups into full group objects
*/
struct tevent_context *ev,
struct sss_domain_info *dom,
struct ldb_result *initgr_res);
struct tevent_req *req,
struct ldb_result **_initgr_named_res);
#endif /* __SSS_RESPONDER_H__ */