2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina Pavel Březina <pbrezina@redhat.com>
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina Copyright (C) 2011 Red Hat
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina This program is free software; you can redistribute it and/or modify
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina it under the terms of the GNU General Public License as published by
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina the Free Software Foundation; either version 3 of the License, or
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina (at your option) any later version.
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina This program is distributed in the hope that it will be useful,
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina but WITHOUT ANY WARRANTY; without even the implied warranty of
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina GNU General Public License for more details.
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina You should have received a copy of the GNU General Public License
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina along with this program. If not, see <http://www.gnu.org/licenses/>.
/*
 * Appends str_len bytes of str to the response buffer.
 * NOTE(review): this page shows only some lines of the function (the rest
 * of the parameter list and the realloc size expression are missing), so
 * the notes below cover the visible lines only.
 */
710472d946f6c337a095699dfd79134fa8b9eab9Pavel Březinastatic int sudosrv_response_append_string(TALLOC_CTX *mem_ctx,
710472d946f6c337a095699dfd79134fa8b9eab9Pavel Březina const char *str,
/* Resize the byte buffer first; the result is assigned back to response_body. */
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina response_body = talloc_realloc(mem_ctx, response_body, uint8_t,
/* Logged on the allocation-failure path (the guarding condition is not visible here). */
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_CRIT_FAILURE, "talloc_realloc() failed\n");
/*
 * Copies exactly str_len bytes to offset response_len.
 * NOTE(review): this stays in bounds only if the realloc above requested at
 * least response_len + str_len bytes; confirm against the full source.
 */
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina memcpy(response_body + response_len, str, str_len);
/*
 * Appends a 32-bit number to the response buffer.
 * NOTE(review): only part of the function is visible on this page.
 */
710472d946f6c337a095699dfd79134fa8b9eab9Pavel Březinastatic int sudosrv_response_append_uint32(TALLOC_CTX *mem_ctx,
/* Resize the byte buffer before the write; the size expression is cut off here. */
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina response_body = talloc_realloc(mem_ctx, response_body, uint8_t,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_CRIT_FAILURE, "talloc_realloc() failed\n");
/*
 * Writes number at offset response_len; &response_len is passed as the last
 * argument, presumably so the macro advances the offset. Confirm against the
 * SAFEALIGN_SET_UINT32 definition.
 */
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina SAFEALIGN_SET_UINT32(response_body + response_len, number, &response_len);
/*
 * Serialises one attribute into the response: its name, the number of
 * values, then the values themselves.
 * NOTE(review): only part of the function is visible on this page.
 */
710472d946f6c337a095699dfd79134fa8b9eab9Pavel Březinastatic int sudosrv_response_append_attr(TALLOC_CTX *mem_ctx,
573e86dc3156e481ce53d39ac901da2e99cfa0caJakub Hrozek unsigned int i = 0;
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_CRIT_FAILURE, "talloc_new() failed\n");
710472d946f6c337a095699dfd79134fa8b9eab9Pavel Březina /* attr name */
/* strlen(name) + 1 includes the terminating NUL in the bytes appended. */
710472d946f6c337a095699dfd79134fa8b9eab9Pavel Březina ret = sudosrv_response_append_string(tmp_ctx, name, strlen(name) + 1,
710472d946f6c337a095699dfd79134fa8b9eab9Pavel Březina /* values count */
710472d946f6c337a095699dfd79134fa8b9eab9Pavel Březina ret = sudosrv_response_append_uint32(tmp_ctx, values_num,
710472d946f6c337a095699dfd79134fa8b9eab9Pavel Březina for (i = 0; i < values_num; i++) {
/* Error path for a value that is not a string (the test itself is not visible here). */
87f8bee53ee1b4ca87b602ff8536bc5fd5b5b595Lukas Slebodnik DEBUG(SSSDBG_CRIT_FAILURE, "value is not a string\n");
/* NOTE(review): attribute names and values are written to the debug log at this trace level. */
573e86dc3156e481ce53d39ac901da2e99cfa0caJakub Hrozek DEBUG(SSSDBG_TRACE_INTERNAL, "%s:%s\n", name, strval);
/* The appends above were made against tmp_ctx; the finished buffer is moved to the caller's mem_ctx. */
710472d946f6c337a095699dfd79134fa8b9eab9Pavel Březina *_response_body = talloc_steal(mem_ctx, response_body);
/*
 * Serialises one rule into the response: the attribute count followed by
 * each attribute.
 * NOTE(review): only part of the function is visible on this page.
 */
710472d946f6c337a095699dfd79134fa8b9eab9Pavel Březinastatic int sudosrv_response_append_rule(TALLOC_CTX *mem_ctx,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_CRIT_FAILURE, "talloc_new() failed\n");
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina /* attrs count */
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina ret = sudosrv_response_append_uint32(tmp_ctx, attrs_num,
/* The count written above and this loop bound are the same attrs_num. */
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina for (i = 0; i < attrs_num; i++) {
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina ret = sudosrv_response_append_attr(tmp_ctx, attrs[i].name,
/* Move the finished buffer from the temporary context to the caller's mem_ctx. */
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina *_response_body = talloc_steal(mem_ctx, response_body);
710472d946f6c337a095699dfd79134fa8b9eab9Pavel Březina * Response format:
46d3d2c731e8c7e138462e5b60a39a279dc77d81Pavel Březina * <error_code(uint32_t)><domain(char*)>\0<num_entries(uint32_t)><rule1><rule2>...
710472d946f6c337a095699dfd79134fa8b9eab9Pavel Březina * <ruleN> = <num_attrs(uint32_t)><attr1><attr2>...
710472d946f6c337a095699dfd79134fa8b9eab9Pavel Březina * <attrN> = <name(char*)>\0<num_values(uint32_t)><value1(char*)>\0<value2(char*)>\0...
710472d946f6c337a095699dfd79134fa8b9eab9Pavel Březina * if <error_code> is not SSS_SUDO_ERROR_OK, the rest of the data is skipped.
/*
 * Builds the response body: error code, a domain string, the rule count,
 * then each rule.
 * NOTE(review): only part of the function is visible on this page.
 */
710472d946f6c337a095699dfd79134fa8b9eab9Pavel Březinaerrno_t sudosrv_build_response(TALLOC_CTX *mem_ctx,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_CRIT_FAILURE, "talloc_new() failed\n");
710472d946f6c337a095699dfd79134fa8b9eab9Pavel Březina /* error code */
710472d946f6c337a095699dfd79134fa8b9eab9Pavel Březina ret = sudosrv_response_append_uint32(tmp_ctx, error,
573e86dc3156e481ce53d39ac901da2e99cfa0caJakub Hrozek DEBUG(SSSDBG_TRACE_INTERNAL, "error: [%"PRIu32"]\n", error);
/* The domain field is still emitted, but as a single NUL byte ("\0" with length 1). */
7379170a0860790f2739e07fffe3d6ec85264566Pavel Březina /* domain name - deprecated
7379170a0860790f2739e07fffe3d6ec85264566Pavel Březina * TODO: when possible change the protocol */
7379170a0860790f2739e07fffe3d6ec85264566Pavel Březina ret = sudosrv_response_append_string(tmp_ctx, "\0", 1,
710472d946f6c337a095699dfd79134fa8b9eab9Pavel Březina /* rules count */
5ff1c3c5a12930692cb6284d14f7fda3a974af8ePavel Březina ret = sudosrv_response_append_uint32(tmp_ctx, rules_num,
/*
 * NOTE(review): the message is labelled "rules_num" but the argument passed
 * is error, so this trace line prints the error code instead of the rule
 * count. The per-rule trace below prints rules_num with the same format, so
 * the intended argument is most likely rules_num.
 */
573e86dc3156e481ce53d39ac901da2e99cfa0caJakub Hrozek DEBUG(SSSDBG_TRACE_INTERNAL, "rules_num: [%"PRIu32"]\n", error);
710472d946f6c337a095699dfd79134fa8b9eab9Pavel Březina for (i = 0; i < rules_num; i++) {
573e86dc3156e481ce53d39ac901da2e99cfa0caJakub Hrozek DEBUG(SSSDBG_TRACE_INTERNAL, "rule [%"PRIu32"]/[%"PRIu32"]\n", i+1, rules_num);
710472d946f6c337a095699dfd79134fa8b9eab9Pavel Březina ret = sudosrv_response_append_rule(tmp_ctx, rules[i]->num, rules[i]->a,
/* Move the finished buffer from the temporary context to the caller's mem_ctx. */
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina *_response_body = talloc_steal(mem_ctx, response_body);
/*
 * Parses a query body: a uid_t followed by a NUL-terminated
 * username[@domain] string, validating the input before use.
 * NOTE(review): only part of the function is visible on this page; the
 * conditions guarding several of the error messages are not shown.
 */
15d41c8f28259061e39715acdbbbaea778b6ecc8Pavel Březinaerrno_t sudosrv_parse_query(TALLOC_CTX *mem_ctx,
/* Rejects a query that is too short (the size test itself is not visible here). */
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_CRIT_FAILURE, "Query is too small\n");
/* Copies sizeof(uid_t) bytes from the start of the query; &offset is passed, presumably to be advanced past them. */
15d41c8f28259061e39715acdbbbaea778b6ecc8Pavel Březina safealign_memcpy(&uid, query_body, sizeof(uid_t), &offset);
710472d946f6c337a095699dfd79134fa8b9eab9Pavel Březina /* username[@domain] */
/*
 * NOTE(review): this subtraction relies on the size check above having
 * established query_len >= offset; confirm against the full source.
 */
710472d946f6c337a095699dfd79134fa8b9eab9Pavel Březina rawname_len = query_len - offset; /* strlen + zero */
/*
 * NOTE(review): on this page the termination message precedes the
 * rawname_len < 2 check. If the termination test indexes
 * rawname[rawname_len - 1], confirm that a zero rawname_len cannot reach it.
 */
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_CRIT_FAILURE, "Username is not zero terminated\n");
710472d946f6c337a095699dfd79134fa8b9eab9Pavel Březina if (rawname_len < 2) { /* at least one character and zero */
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_CRIT_FAILURE, "Query does not contain username\n");
/* UTF-8 validation covers rawname_len - 1 bytes, i.e. the name without its terminating zero. */
710472d946f6c337a095699dfd79134fa8b9eab9Pavel Březina if (!sss_utf8_check((uint8_t*)rawname, rawname_len - 1)) {
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_CRIT_FAILURE, "Supplied data is not valid UTF-8 string\n");