sss_client/idmap/sss_nss_idmap.h

2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose/*
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose    SSSD
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose    NSS  Responder ID-mapping interface
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose    Authors:
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose        Sumit Bose <sbose@redhat.com>
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose    Copyright (C) 2013 Red Hat
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose    This program is free software; you can redistribute it and/or modify
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose    it under the terms of the GNU General Public License as published by
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose    the Free Software Foundation; either version 3 of the License, or
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose    (at your option) any later version.
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose    This program is distributed in the hope that it will be useful,
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose    but WITHOUT ANY WARRANTY; without even the implied warranty of
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose    GNU General Public License for more details.
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose    You should have received a copy of the GNU General Public License
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose    along with this program.  If not, see <http://www.gnu.org/licenses/>.
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose*/
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose#ifndef SSS_NSS_IDMAP_H_
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose#define SSS_NSS_IDMAP_H_
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose#include <stdint.h>
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose#include <sys/types.h>
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose#include <pwd.h>
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose#include <grp.h>
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose/**
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose * Object types
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose */
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Boseenum sss_id_type {
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose    SSS_ID_TYPE_NOT_SPECIFIED = 0,
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose    SSS_ID_TYPE_UID,
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose    SSS_ID_TYPE_GID,
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose    SSS_ID_TYPE_BOTH /* used for user or magic private groups */
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose};
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bosestruct sss_nss_kv {
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose    char *key;
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose    char *value;
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose};
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose/**
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose * @brief Find SID by fully qualified name
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose *
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose * @param[in] fq_name  Fully qualified name of a user or a group
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose * @param[out] sid     String representation of the SID of the requested user
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose *                     or group, must be freed by the caller
3b35ff47651e4893ce537a273466766b962362daLukas Slebodnik * @param[out] type    Type of the object related to the given name
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose *
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose * @return
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose *  - 0 (EOK): success, sid contains the requested SID
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose *  - ENOENT: requested object was not found in the domain extracted from the given name
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose *  - ENETUNREACH: SSSD does not know how to handle the domain extracted from the given name
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose *  - ENOSYS: this call is not supported by the configured provider
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose *  - EINVAL: input cannot be parsed
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose *  - EIO: remote servers cannot be reached
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose *  - EFAULT: any other error
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose */
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Boseint sss_nss_getsidbyname(const char *fq_name, char **sid,
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose                         enum sss_id_type *type);
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose/**
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose * @brief Find SID by a POSIX UID or GID
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose *
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose * @param[in] id       POSIX UID or GID
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose * @param[out] sid     String representation of the SID of the requested user
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose *                     or group, must be freed by the caller
3b35ff47651e4893ce537a273466766b962362daLukas Slebodnik * @param[out] type    Type of the object related to the given ID
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose *
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose * @return
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose *  - see #sss_nss_getsidbyname
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose */
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Boseint sss_nss_getsidbyid(uint32_t id, char **sid, enum sss_id_type *type);
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose/**
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose * @brief Return the fully qualified name for the given SID
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose *
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose * @param[in] sid      String representation of the SID
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose * @param[out] fq_name Fully qualified name of a user or a group,
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose *                     must be freed by the caller
3b35ff47651e4893ce537a273466766b962362daLukas Slebodnik * @param[out] type    Type of the object related to the SID
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose *
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose * @return
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose *  - see #sss_nss_getsidbyname
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose */
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Boseint sss_nss_getnamebysid(const char *sid, char **fq_name,
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose                         enum sss_id_type *type);
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose/**
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose * @brief Return the POSIX ID for the given SID
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose *
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose * @param[in] sid      String representation of the SID
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose * @param[out] id      POSIX ID related to the SID
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose * @param[out] id_type Type of the object related to the SID
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose *
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose * @return
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose *  - see #sss_nss_getsidbyname
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose */
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Boseint sss_nss_getidbysid(const char *sid, uint32_t *id,
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose                       enum sss_id_type *id_type);
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose/**
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose * @brief Find original data by fully qualified name
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose *
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose * @param[in] fq_name  Fully qualified name of a user or a group
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose * @param[out] kv_list A NULL terminate list of key-value pairs where the key
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose *                     is the attribute name in the cache of SSSD,
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose *                     must be freed by the caller with sss_nss_free_kv()
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose * @param[out] type    Type of the object related to the given name
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose *
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose * @return
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose *  - 0 (EOK): success, sid contains the requested SID
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose *  - ENOENT: requested object was not found in the domain extracted from the given name
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose *  - ENETUNREACH: SSSD does not know how to handle the domain extracted from the given name
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose *  - ENOSYS: this call is not supported by the configured provider
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose *  - EINVAL: input cannot be parsed
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose *  - EIO: remote servers cannot be reached
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose *  - EFAULT: any other error
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose */
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Boseint sss_nss_getorigbyname(const char *fq_name, struct sss_nss_kv **kv_list,
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose                          enum sss_id_type *type);
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose
9c88f837ffacf6548c13825589b327de1a5525f3Sumit Bose/**
9c88f837ffacf6548c13825589b327de1a5525f3Sumit Bose * @brief Return the fully qualified name for the given base64 encoded
9c88f837ffacf6548c13825589b327de1a5525f3Sumit Bose * X.509 certificate in DER format
9c88f837ffacf6548c13825589b327de1a5525f3Sumit Bose *
9c88f837ffacf6548c13825589b327de1a5525f3Sumit Bose * @param[in] cert     base64 encoded certificate
9c88f837ffacf6548c13825589b327de1a5525f3Sumit Bose * @param[out] fq_name Fully qualified name of a user or a group,
9c88f837ffacf6548c13825589b327de1a5525f3Sumit Bose *                     must be freed by the caller
440797cba931aa491bf418035f55935943e22b4bSumit Bose * @param[out] type    Type of the object related to the cert
9c88f837ffacf6548c13825589b327de1a5525f3Sumit Bose *
9c88f837ffacf6548c13825589b327de1a5525f3Sumit Bose * @return
9c88f837ffacf6548c13825589b327de1a5525f3Sumit Bose *  - see #sss_nss_getsidbyname
9c88f837ffacf6548c13825589b327de1a5525f3Sumit Bose */
9c88f837ffacf6548c13825589b327de1a5525f3Sumit Boseint sss_nss_getnamebycert(const char *cert, char **fq_name,
9c88f837ffacf6548c13825589b327de1a5525f3Sumit Bose                          enum sss_id_type *type);
9c88f837ffacf6548c13825589b327de1a5525f3Sumit Bose
440797cba931aa491bf418035f55935943e22b4bSumit Bose/**
440797cba931aa491bf418035f55935943e22b4bSumit Bose * @brief Return a list of fully qualified names for the given base64 encoded
440797cba931aa491bf418035f55935943e22b4bSumit Bose * X.509 certificate in DER format
440797cba931aa491bf418035f55935943e22b4bSumit Bose *
440797cba931aa491bf418035f55935943e22b4bSumit Bose * @param[in] cert     base64 encoded certificate
440797cba931aa491bf418035f55935943e22b4bSumit Bose * @param[out] fq_name List of fully qualified name of users or groups,
440797cba931aa491bf418035f55935943e22b4bSumit Bose *                     must be freed by the caller
440797cba931aa491bf418035f55935943e22b4bSumit Bose * @param[out] type    List of types of the objects related to the cert
440797cba931aa491bf418035f55935943e22b4bSumit Bose *
440797cba931aa491bf418035f55935943e22b4bSumit Bose * @return
440797cba931aa491bf418035f55935943e22b4bSumit Bose *  - see #sss_nss_getsidbyname
440797cba931aa491bf418035f55935943e22b4bSumit Bose */
440797cba931aa491bf418035f55935943e22b4bSumit Boseint sss_nss_getlistbycert(const char *cert, char ***fq_name,
440797cba931aa491bf418035f55935943e22b4bSumit Bose                          enum sss_id_type **type);
440797cba931aa491bf418035f55935943e22b4bSumit Bose
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose/**
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose * @brief Free key-value list returned by sss_nss_getorigbyname()
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose *
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose * @param[in] kv_list Key-value list returned by sss_nss_getorigbyname().
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bose */
0d01e4f6cc21d8ca0e4fafe59c7cbfa1459fa47eSumit Bosevoid sss_nss_free_kv(struct sss_nss_kv *kv_list);
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose/**
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * Flags to control the behavior and the results for sss_*_ex() calls
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose */
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose#define SSS_NSS_EX_FLAG_NO_FLAGS 0
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose
ac6b267ff3df6d0417062a128ec16b184ea2c1b7Sumit Bose/** Always request data from the server side, client must be privileged to do
55f7d8034d783c01789d76a2b9ffc901045e8af8Sumit Bose *  so, see nss_trusted_users option in man sssd.conf for details.
55f7d8034d783c01789d76a2b9ffc901045e8af8Sumit Bose *  This flag cannot be used together with SSS_NSS_EX_FLAG_INVALIDATE_CACHE */
ac6b267ff3df6d0417062a128ec16b184ea2c1b7Sumit Bose#define SSS_NSS_EX_FLAG_NO_CACHE (1 << 0)
ac6b267ff3df6d0417062a128ec16b184ea2c1b7Sumit Bose
55f7d8034d783c01789d76a2b9ffc901045e8af8Sumit Bose/** Invalidate the data in the caches, client must be privileged to do
55f7d8034d783c01789d76a2b9ffc901045e8af8Sumit Bose *  so, see nss_trusted_users option in man sssd.conf for details.
55f7d8034d783c01789d76a2b9ffc901045e8af8Sumit Bose *  This flag cannot be used together with SSS_NSS_EX_FLAG_NO_CACHE */
55f7d8034d783c01789d76a2b9ffc901045e8af8Sumit Bose#define SSS_NSS_EX_FLAG_INVALIDATE_CACHE (1 << 1)
55f7d8034d783c01789d76a2b9ffc901045e8af8Sumit Bose
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose#ifdef IPA_389DS_PLUGIN_HELPER_CALLS
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose/**
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @brief Return user information based on the user name
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]  name       same as for getpwnam_r(3)
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]  pwd        same as for getpwnam_r(3)
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]  buffer     same as for getpwnam_r(3)
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]  buflen     same as for getpwnam_r(3)
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[out] result     same as for getpwnam_r(3)
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]  flags      flags to control the behavior and the results of the
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *                        call
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]  timeout    timeout in milliseconds
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @return
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *  - 0:
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *  - ENOENT:    no user with the given name found
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *  - ERANGE:    Insufficient buffer space supplied
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *  - ETIME:     request timed out but was send to SSSD
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *  - ETIMEDOUT: request timed out but was not send to SSSD
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose */
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Boseint sss_nss_getpwnam_timeout(const char *name, struct passwd *pwd,
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose                             char *buffer, size_t buflen,
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose                             struct passwd **result,
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose                             uint32_t flags, unsigned int timeout);
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose/**
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @brief Return user information based on the user uid
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]  uid        same as for getpwuid_r(3)
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]  pwd        same as for getpwuid_r(3)
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]  buffer     same as for getpwuid_r(3)
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]  buflen     same as for getpwuid_r(3)
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[out] result     same as for getpwuid_r(3)
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]  flags      flags to control the behavior and the results of the
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *                        call
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]  timeout    timeout in milliseconds
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @return
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *  - 0:
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *  - ENOENT:    no user with the given uid found
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *  - ERANGE:    Insufficient buffer space supplied
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *  - ETIME:     request timed out but was send to SSSD
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *  - ETIMEDOUT: request timed out but was not send to SSSD
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose */
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Boseint sss_nss_getpwuid_timeout(uid_t uid, struct passwd *pwd,
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose                             char *buffer, size_t buflen,
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose                             struct passwd **result,
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose                             uint32_t flags, unsigned int timeout);
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose/**
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @brief Return group information based on the group name
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]  name       same as for getgrnam_r(3)
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]  pwd        same as for getgrnam_r(3)
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]  buffer     same as for getgrnam_r(3)
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]  buflen     same as for getgrnam_r(3)
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[out] result     same as for getgrnam_r(3)
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]  flags      flags to control the behavior and the results of the
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *                        call
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]  timeout    timeout in milliseconds
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @return
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *  - 0:
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *  - ENOENT:    no group with the given name found
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *  - ERANGE:    Insufficient buffer space supplied
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *  - ETIME:     request timed out but was send to SSSD
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *  - ETIMEDOUT: request timed out but was not send to SSSD
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose */
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Boseint sss_nss_getgrnam_timeout(const char *name, struct group *grp,
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose                             char *buffer, size_t buflen, struct group **result,
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose                             uint32_t flags, unsigned int timeout);
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose/**
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @brief Return group information based on the group gid
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]  gid        same as for getgrgid_r(3)
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]  pwd        same as for getgrgid_r(3)
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]  buffer     same as for getgrgid_r(3)
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]  buflen     same as for getgrgid_r(3)
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[out] result     same as for getgrgid_r(3)
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]  flags      flags to control the behavior and the results of the
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *                        call
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]  timeout    timeout in milliseconds
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @return
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *  - 0:
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *  - ENOENT:    no group with the given gid found
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *  - ERANGE:    Insufficient buffer space supplied
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *  - ETIME:     request timed out but was send to SSSD
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *  - ETIMEDOUT: request timed out but was not send to SSSD
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose */
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Boseint sss_nss_getgrgid_timeout(gid_t gid, struct group *grp,
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose                             char *buffer, size_t buflen, struct group **result,
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose                             uint32_t flags, unsigned int timeout);
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose/**
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @brief Return a list of groups to which a user belongs
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]      name       name of the user
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]      group      same as second argument of getgrouplist(3)
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]      groups     array of gid_t of size ngroups, will be filled
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *                            with GIDs of groups the user belongs to
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in,out]  ngroups    size of the groups array on input. On output it
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *                            will contain the actual number of groups the
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *                            user belongs to. With a return value of 0 the
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *                            groups array was large enough to hold all group.
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *                            With a return valu of ERANGE the array was not
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *                            large enough and ngroups will have the needed
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *                            size.
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]  flags          flags to control the behavior and the results of
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *                            the call
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @param[in]  timeout        timeout in milliseconds
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose * @return
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *  - 0:         success
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *  - ENOENT:    no user with the given name found
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *  - ERANGE:    Insufficient buffer space supplied
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *  - ETIME:     request timed out but was send to SSSD
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose *  - ETIMEDOUT: request timed out but was not send to SSSD
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose */
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Boseint sss_nss_getgrouplist_timeout(const char *name, gid_t group,
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose                                 gid_t *groups, int *ngroups,
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose                                 uint32_t flags, unsigned int timeout);
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose/**
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @brief Find SID by fully qualified name with timeout
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[in] fq_name  Fully qualified name of a user or a group
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[in] timeout  timeout in milliseconds
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[out] sid     String representation of the SID of the requested user
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *                     or group, must be freed by the caller
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[out] type    Type of the object related to the given name
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @return
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *  - 0 (EOK): success, sid contains the requested SID
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *  - ENOENT: requested object was not found in the domain extracted from the given name
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *  - ENETUNREACH: SSSD does not know how to handle the domain extracted from the given name
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *  - ENOSYS: this call is not supported by the configured provider
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *  - EINVAL: input cannot be parsed
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *  - EIO: remote servers cannot be reached
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *  - EFAULT: any other error
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *  - ETIME:     request timed out but was send to SSSD
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *  - ETIMEDOUT: request timed out but was not send to SSSD
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose */
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Boseint sss_nss_getsidbyname_timeout(const char *fq_name, unsigned int timeout,
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose                                 char **sid, enum sss_id_type *type);
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose/**
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @brief Find SID by a POSIX UID or GID with timeout
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[in] id       POSIX UID or GID
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[in] timeout  timeout in milliseconds
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[out] sid     String representation of the SID of the requested user
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *                     or group, must be freed by the caller
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[out] type    Type of the object related to the given ID
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @return
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *  - see #sss_nss_getsidbyname_timeout
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose */
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Boseint sss_nss_getsidbyid_timeout(uint32_t id, unsigned int timeout,
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose                               char **sid, enum sss_id_type *type);
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose/**
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @brief Return the fully qualified name for the given SID with timeout
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[in] sid      String representation of the SID
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[in] timeout  timeout in milliseconds
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[out] fq_name Fully qualified name of a user or a group,
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *                     must be freed by the caller
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[out] type    Type of the object related to the SID
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @return
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *  - see #sss_nss_getsidbyname_timeout
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose */
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Boseint sss_nss_getnamebysid_timeout(const char *sid, unsigned int timeout,
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose                                 char **fq_name, enum sss_id_type *type);
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose/**
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @brief Return the POSIX ID for the given SID with timeout
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[in] sid      String representation of the SID
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[in] timeout  timeout in milliseconds
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[out] id      POSIX ID related to the SID
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[out] id_type Type of the object related to the SID
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @return
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *  - see #sss_nss_getsidbyname_timeout
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose */
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Boseint sss_nss_getidbysid_timeout(const char *sid, unsigned int timeout,
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose                               uint32_t *id, enum sss_id_type *id_type);
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose/**
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @brief Find original data by fully qualified name with timeout
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[in] fq_name  Fully qualified name of a user or a group
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[in] timeout  timeout in milliseconds
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[out] kv_list A NULL terminate list of key-value pairs where the key
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *                     is the attribute name in the cache of SSSD,
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *                     must be freed by the caller with sss_nss_free_kv()
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[out] type    Type of the object related to the given name
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @return
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *  - 0 (EOK): success, sid contains the requested SID
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *  - ENOENT: requested object was not found in the domain extracted from the given name
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *  - ENETUNREACH: SSSD does not know how to handle the domain extracted from the given name
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *  - ENOSYS: this call is not supported by the configured provider
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *  - EINVAL: input cannot be parsed
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *  - EIO: remote servers cannot be reached
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *  - EFAULT: any other error
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *  - ETIME:     request timed out but was send to SSSD
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *  - ETIMEDOUT: request timed out but was not send to SSSD
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose */
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Boseint sss_nss_getorigbyname_timeout(const char *fq_name, unsigned int timeout,
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose                                  struct sss_nss_kv **kv_list,
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose                                  enum sss_id_type *type);
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose/**
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @brief Return the fully qualified name for the given base64 encoded
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * X.509 certificate in DER format with timeout
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[in] cert     base64 encoded certificate
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[in] timeout  timeout in milliseconds
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[out] fq_name Fully qualified name of a user or a group,
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *                     must be freed by the caller
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[out] type    Type of the object related to the cert
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @return
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *  - see #sss_nss_getsidbyname_timeout
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose */
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Boseint sss_nss_getnamebycert_timeout(const char *cert, unsigned int timeout,
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose                                  char **fq_name, enum sss_id_type *type);
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose/**
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @brief Return a list of fully qualified names for the given base64 encoded
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * X.509 certificate in DER format with timeout
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[in] cert     base64 encoded certificate
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[in] timeout  timeout in milliseconds
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[out] fq_name List of fully qualified name of users or groups,
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *                     must be freed by the caller
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @param[out] type    List of types of the objects related to the cert
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose * @return
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose *  - see #sss_nss_getsidbyname_timeout
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose */
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Boseint sss_nss_getlistbycert_timeout(const char *cert, unsigned int timeout,
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose                                  char ***fq_name, enum sss_id_type **type);
e54db68cbb9c12d8a6867f2c7766fb2115ab0997Sumit Bose
5e6622722e84d594298a8324f3685a1bda2b5868Sumit Bose#endif /* IPA_389DS_PLUGIN_HELPER_CALLS */
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose#endif /* SSS_NSS_IDMAP_H_ */