/*
    SSSD

    Authors:
        Stephen Gallagher <sgallagh@redhat.com>

    Copyright (C) 2011 Red Hat

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/
d844aab866ae237844360cea70e2dccdc90c783dStephen Gallagher#include "src/responder/pam/pam_helpers.h"
/*
 * Per-entry context handed to the expiry timer. One instance is allocated
 * for every name placed in the PAM initgroups cache and is released by the
 * timer callback once the entry has been removed.
 */
struct pam_initgr_table_ctx {
    /* Hash table the entry was inserted into; also the talloc parent. */
    hash_table_t *id_table;

    /* talloc-owned copy of the cached key, used to delete the entry. */
    char *name;
};

/* Timer callback that expires one cache entry; defined further down. */
static void pam_initgr_cache_remove(struct tevent_context *ev,
                                    struct tevent_timer *te,
                                    struct timeval tv,
                                    void *pvt);
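/**
 * Record @name in the PAM initgroups cache and schedule its expiry.
 *
 * The entry carries no value; its presence in @id_table is what
 * pam_initgr_check_timeout() reports as "still valid". Expiry is driven
 * solely by a one-shot tevent timer created here, so an entry must never be
 * left in the table without a timer: it would keep being reported as cached
 * and membership data would not be refreshed on later logins.
 *
 * @param ev        tevent context the expiry timer is registered on.
 * @param id_table  hash table holding the cached names; also used as the
 *                  talloc parent of the per-entry timer context.
 * @param name      key to insert. A private copy is kept for the timer
 *                  callback.
 * @param timeout   lifetime of the entry, passed as the seconds offset to
 *                  tevent_timeval_current_ofs().
 *
 * @return EOK on success, ENOMEM if an allocation or the timer creation
 *         fails, EIO if the hash table insert fails.
 *
 * NOTE(review): if @name is already present, the timer armed by the earlier
 * call is still pending and will delete the entry at the earlier deadline.
 * That errs on the side of a shorter lifetime; confirm it is intended.
 */
errno_t pam_initgr_cache_set(struct tevent_context *ev,
                             hash_table_t *id_table,
                             char *name,
                             long timeout)
{
    errno_t ret;
    hash_key_t key;
    hash_value_t val;
    int hret;
    struct tevent_timer *te;
    struct timeval tv;
    struct pam_initgr_table_ctx *table_ctx;

    table_ctx = talloc_zero(id_table, struct pam_initgr_table_ctx);
    if (!table_ctx) return ENOMEM;

    table_ctx->id_table = id_table;
    table_ctx->name = talloc_strdup(table_ctx, name);
    if (!table_ctx->name) {
        ret = ENOMEM;
        goto done;
    }

    key.type = HASH_KEY_STRING;
    key.str = name;

    /* The value isn't relevant, since we're using
     * a timer to remove the entry.
     */
    val.type = HASH_VALUE_UNDEF;

    hret = hash_enter(id_table, &key, &val);
    if (hret != HASH_SUCCESS) {
        DEBUG(SSSDBG_MINOR_FAILURE,
              "Could not update initgr cache for [%s]: [%s]\n",
              name, hash_error_string(hret));
        ret = EIO;
        goto done;
    } else {
        DEBUG(SSSDBG_TRACE_INTERNAL,
              "[%s] added to PAM initgroup cache\n",
              name);
    }

    /* Create a timer event to remove the entry from the cache */
    tv = tevent_timeval_current_ofs(timeout, 0);
    te = tevent_add_timer(ev, table_ctx, tv,
                          pam_initgr_cache_remove,
                          table_ctx);
    if (!te) {
        /* The entry is already in the table but nothing will ever expire
         * it. Roll the insert back so a failed call cannot leave a
         * permanently "valid" cache entry behind.
         */
        hret = hash_delete(id_table, &key);
        if (hret != HASH_SUCCESS
                && hret != HASH_ERROR_KEY_NOT_FOUND) {
            DEBUG(SSSDBG_MINOR_FAILURE,
                  "Could not clear [%s] from initgr cache: [%s]\n",
                  name, hash_error_string(hret));
        }
        ret = ENOMEM;
        goto done;
    }

    ret = EOK;

done:
    if (ret != EOK) {
        /* Frees the name copy as well; no timer exists on any error path. */
        talloc_free(table_ctx);
    }
    return ret;
}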
/*
 * Timer callback: drop one name from the PAM initgroups cache.
 *
 * @pvt is the struct pam_initgr_table_ctx that pam_initgr_cache_set() passed
 * to tevent_add_timer(). The entry named in it is deleted from its hash
 * table and the context is then freed. A key that is already gone is treated
 * the same as a successful delete. @ev, @te and @tv are not used.
 */
static void pam_initgr_cache_remove(struct tevent_context *ev,
                                    struct tevent_timer *te,
                                    struct timeval tv,
                                    void *pvt)
{
    struct pam_initgr_table_ctx *entry;
    hash_key_t lookup_key;
    int status;

    entry = talloc_get_type(pvt, struct pam_initgr_table_ctx);

    lookup_key.type = HASH_KEY_STRING;
    lookup_key.str = entry->name;

    status = hash_delete(entry->id_table, &lookup_key);
    if (status == HASH_SUCCESS || status == HASH_ERROR_KEY_NOT_FOUND) {
        DEBUG(SSSDBG_TRACE_INTERNAL,
              "[%s] removed from PAM initgroup cache\n",
              entry->name);
    } else {
        DEBUG(SSSDBG_MINOR_FAILURE,
              "Could not clear [%s] from initgr cache: [%s]\n",
              entry->name,
              hash_error_string(status));
    }

    /* The context is only needed until the entry has been expired. */
    talloc_free(entry);
}
/**
 * Report whether @name currently has an entry in the PAM initgroups cache.
 *
 * Entries are removed by a timer, so finding the key at all means the cached
 * state has not yet expired.
 *
 * @param id_table  hash table holding the cached names.
 * @param name      key to look up.
 *
 * @return EOK if the entry is present, ENOENT if it is not, EIO if the
 *         lookup fails for any other reason.
 */
errno_t pam_initgr_check_timeout(hash_table_t *id_table,
                                 char *name)
{
    hash_key_t lookup_key;
    hash_value_t unused_val;
    int status;

    lookup_key.type = HASH_KEY_STRING;
    lookup_key.str = name;

    status = hash_lookup(id_table, &lookup_key, &unused_val);

    if (status == HASH_SUCCESS) {
        /* Presence alone marks the entry as still valid. */
        DEBUG(SSSDBG_TRACE_INTERNAL, "User [%s] found in PAM cache.\n", name);
        return EOK;
    }

    if (status == HASH_ERROR_KEY_NOT_FOUND) {
        DEBUG(SSSDBG_TRACE_ALL, "User [%s] not found in PAM cache.\n", name);
        return ENOENT;
    }

    DEBUG(SSSDBG_TRACE_ALL, "Error searching user [%s] in PAM cache.\n",
          name);
    return EIO;
}