ldap_id.c revision 9e99e3c5c45b20189e76e4d2546966ff1fb3ce40
/*
    SSSD

    LDAP Identity Backend Module

    Authors:
        Simo Sorce <ssorce@redhat.com>

    Copyright (C) 2008 Red Hat

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/
f3ec420152ca921e4c1ce77782f51b53f659018dnd
c04f76acce77126cf88b09350e56ea8c6b4a064enilgun#include <errno.h>
f3ec420152ca921e4c1ce77782f51b53f659018dnd#include <time.h>
f3ec420152ca921e4c1ce77782f51b53f659018dnd#include <sys/time.h>
f086b4b402fa9a2fefc7dda85de2a3cc1cd0a654rjung
f3ec420152ca921e4c1ce77782f51b53f659018dnd#include "util/util.h"
c3c006c28c5b03892ccaef6e4d2cbb15a13a2072rbowen#include "db/sysdb.h"
f3ec420152ca921e4c1ce77782f51b53f659018dnd#include "providers/ldap/ldap_common.h"
d1636bdc2e674b84ee46f534b51be18ecac6bef5rbowen#include "providers/ldap/sdap_async.h"
d1636bdc2e674b84ee46f534b51be18ecac6bef5rbowen
/* =Users-Related-Functions-(by-name,by-uid)============================== */
d1636bdc2e674b84ee46f534b51be18ecac6bef5rbowen
/* Per-request state for an asynchronous user lookup (users_get_send). */
struct users_get_state {
    /* Handles captured from the caller / backend context. */
    struct tevent_context *ev;
    struct sdap_id_ctx *ctx;
    struct sysdb_ctx *sysdb;            /* ctx->be->sysdb */
    struct sss_domain_info *domain;     /* ctx->be->domain */

    /* Lookup key exactly as the caller passed it: a user name or a numeric
     * id in string form, depending on filter_type. The pointer is stored,
     * not copied. */
    const char *name;
    int filter_type;                    /* BE_FILTER_NAME or BE_FILTER_IDNUM */

    /* LDAP search filter and attribute list built by users_get_send(). */
    char *filter;
    const char **attrs;
};

/* Completion callbacks for the connect step and the search step. */
static void users_get_connect_done(struct tevent_req *subreq);
static void users_get_done(struct tevent_req *subreq);
f3ec420152ca921e4c1ce77782f51b53f659018dnd
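/*
 * Copy value for use as the assertion value of an LDAP search filter,
 * replacing the filter metacharacters '(', ')' and '\' with their RFC 4515
 * "\XX" hex escapes so the value cannot close or extend the filter
 * expression it is embedded in.
 *
 * '*' is intentionally left untouched: users_get_done() treats a name that
 * contains '*' as an enumeration, so wildcard lookups have to keep working.
 * NOTE(review): this means a caller-supplied '*' still acts as a wildcard;
 * confirm that is acceptable for every caller.
 *
 * Returns a talloc string allocated on memctx, or NULL on allocation failure.
 */
static char *users_get_escape_value(TALLOC_CTX *memctx, const char *value)
{
    static const char hex[] = "0123456789abcdef";
    size_t len = strlen(value);
    size_t i;
    size_t j = 0;
    char *out;

    /* Worst case every byte becomes three; refuse lengths that would wrap. */
    if (len > ((size_t)-1 - 1) / 3) return NULL;

    out = talloc_array(memctx, char, len * 3 + 1);
    if (!out) return NULL;

    for (i = 0; i < len; i++) {
        unsigned char c = (unsigned char)value[i];

        if (c == '(' || c == ')' || c == '\\') {
            out[j++] = '\\';
            out[j++] = hex[c >> 4];
            out[j++] = hex[c & 0x0f];
        } else {
            out[j++] = value[i];
        }
    }
    out[j] = '\0';

    return out;
}

/*
 * Start an asynchronous lookup of a user by name or by numeric id.
 *
 * memctx      talloc parent of the returned request
 * ev          event context the request runs on
 * ctx         LDAP id provider context (options, backend, connection)
 * name        lookup key; the pointer is stored in the request state and is
 *             read again in users_get_done(), so it must outlive the request
 * filter_type BE_FILTER_NAME or BE_FILTER_IDNUM; anything else fails EINVAL
 * attrs_type  currently unused (see TODO below)
 *
 * Returns NULL only if the request itself cannot be allocated. Every other
 * failure is reported through the returned request, which is marked failed
 * and posted on ev. Collect the result with users_get_recv().
 */
struct tevent_req *users_get_send(TALLOC_CTX *memctx,
                                  struct tevent_context *ev,
                                  struct sdap_id_ctx *ctx,
                                  const char *name,
                                  int filter_type,
                                  int attrs_type)
{
    struct tevent_req *req, *subreq;
    struct users_get_state *state;
    const char *attr_name;
    char *clean_name;
    int ret;

    req = tevent_req_create(memctx, &state, struct users_get_state);
    if (!req) return NULL;

    state->ev = ev;
    state->ctx = ctx;
    state->sysdb = ctx->be->sysdb;
    state->domain = state->ctx->be->domain;
    state->name = name;
    state->filter_type = filter_type;

    /* A NULL key cannot be turned into a filter and would be dereferenced
     * later in users_get_done(). */
    if (!name) {
        ret = EINVAL;
        goto fail;
    }

    switch (filter_type) {
    case BE_FILTER_NAME:
        attr_name = ctx->opts->user_map[SDAP_AT_USER_NAME].name;
        break;
    case BE_FILTER_IDNUM:
        attr_name = ctx->opts->user_map[SDAP_AT_USER_UID].name;
        break;
    default:
        ret = EINVAL;
        goto fail;
    }

    /* The key comes from the requester, so it must not be able to alter the
     * structure of the filter: escape it before interpolating. state->name
     * keeps the original, unescaped key for the cache operations. */
    clean_name = users_get_escape_value(state, name);
    if (!clean_name) {
        DEBUG(2, ("Failed to build filter\n"));
        ret = ENOMEM;
        goto fail;
    }

    state->filter = talloc_asprintf(state, "(&(%s=%s)(objectclass=%s))",
                                    attr_name, clean_name,
                                    ctx->opts->user_map[SDAP_OC_USER].name);
    talloc_zfree(clean_name);
    if (!state->filter) {
        DEBUG(2, ("Failed to build filter\n"));
        ret = ENOMEM;
        goto fail;
    }

    /* TODO: handle attrs_type */
    ret = build_attrs_from_map(state, ctx->opts->user_map,
                               SDAP_OPTS_USER, &state->attrs);
    if (ret != EOK) goto fail;

    if (!sdap_connected(ctx)) {

        /* FIXME: add option to decide if tls should be used
         * or SASL/GSSAPI, etc ... */
        subreq = sdap_cli_connect_send(state, ev, ctx->opts,
                                       ctx->be, ctx->service,
                                       &ctx->rootDSE);
        if (!subreq) {
            ret = ENOMEM;
            goto fail;
        }

        /* The search is issued from the connect callback. */
        tevent_req_set_callback(subreq, users_get_connect_done, req);

        return req;
    }

    subreq = sdap_get_users_send(state, state->ev,
                                 state->domain, state->sysdb,
                                 state->ctx->opts, state->ctx->gsh,
                                 state->attrs, state->filter);
    if (!subreq) {
        ret = ENOMEM;
        goto fail;
    }
    tevent_req_set_callback(subreq, users_get_done, req);

    return req;

fail:
    tevent_req_error(req, ret);
    tevent_req_post(req, ev);
    return req;
}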
d1636bdc2e674b84ee46f534b51be18ecac6bef5rbowen
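/*
 * Callback for the connect sub-request started by users_get_send() when no
 * LDAP connection was available. On success it issues the user search that
 * users_get_send() would otherwise have started directly; on failure it
 * fails the parent request with the connect error.
 */
static void users_get_connect_done(struct tevent_req *subreq)
{
    struct tevent_req *req = tevent_req_callback_data(subreq,
                                                      struct tevent_req);
    struct users_get_state *state = tevent_req_data(req,
                                                    struct users_get_state);
    int ret;

    /* The recv call is handed &ctx->gsh and &ctx->rootDSE to fill in. */
    ret = sdap_cli_connect_recv(subreq, state->ctx,
                                &state->ctx->gsh, &state->ctx->rootDSE);
    talloc_zfree(subreq);
    if (ret) {
        if (ret == ENOTSUP) {
            /* Newline-terminated like the other DEBUG messages in this file,
             * so the entry does not run into the next log line. */
            DEBUG(0, ("Authentication mechanism not Supported by server\n"));
        }
        tevent_req_error(req, ret);
        return;
    }

    subreq = sdap_get_users_send(state, state->ev,
                                 state->domain, state->sysdb,
                                 state->ctx->opts, state->ctx->gsh,
                                 state->attrs, state->filter);
    if (!subreq) {
        tevent_req_error(req, ENOMEM);
        return;
    }
    tevent_req_set_callback(subreq, users_get_done, req);
}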
f3ec420152ca921e4c1ce77782f51b53f659018dnd
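/*
 * Callback for the user search. Any error other than ENOENT fails the
 * request. On ENOENT for a single-entry lookup the matching user is deleted
 * from the sysdb cache (by name or by uid); a key containing '*' is treated
 * as an enumeration and ENOENT is simply passed on.
 */
static void users_get_done(struct tevent_req *subreq)
{
    struct tevent_req *req = tevent_req_callback_data(subreq,
                                                      struct tevent_req);
    struct users_get_state *state = tevent_req_data(req,
                                                    struct users_get_state);
    char *endptr;
    long idnum;
    uid_t uid;
    int ret;

    ret = sdap_get_users_recv(subreq, NULL, NULL);
    talloc_zfree(subreq);
    if (ret && ret != ENOENT) {
        tevent_req_error(req, ret);
        return;
    }

    if (ret == ENOENT) {
        if (strchr(state->name, '*')) {
            /* it was an enumeration */
            tevent_req_error(req, ret);
            return;
        }

        switch (state->filter_type) {
        case BE_FILTER_NAME:
            ret = sysdb_delete_user(state, state->sysdb,
                                    state->domain, state->name, 0);
            if (ret) {
                tevent_req_error(req, ret);
                return;
            }
            break;

        case BE_FILTER_IDNUM:
            errno = 0;
            idnum = strtol(state->name, &endptr, 0);
            if (errno) {
                tevent_req_error(req, errno);
                return;
            }
            if (*endptr || (state->name == endptr)) {
                /* Not a number. strtol() leaves errno at 0 here, and
                 * tevent_req_error() does not finish a request when given a
                 * zero code, so report an explicit error instead of leaving
                 * the request pending forever. */
                tevent_req_error(req, EINVAL);
                return;
            }

            /* Reject ids that do not survive the conversion to uid_t; a
             * silently truncated value would delete a different user's
             * cache entry. */
            uid = (uid_t)idnum;
            if (idnum < 0 || (long)uid != idnum) {
                tevent_req_error(req, ERANGE);
                return;
            }

            ret = sysdb_delete_user(state, state->sysdb,
                                    state->domain, NULL, uid);
            if (ret) {
                tevent_req_error(req, ret);
                return;
            }
            break;

        default:
            tevent_req_error(req, EINVAL);
            return;
        }
    }

    tevent_req_done(req);
}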
f3ec420152ca921e4c1ce77782f51b53f659018dnd
/*
 * Collect the result of a request started with users_get_send().
 * Returns EOK on success. Error propagation is delegated to the project
 * macro TEVENT_REQ_RETURN_ON_ERROR, whose expansion is not shown here.
 */
int users_get_recv(struct tevent_req *req)
{
    TEVENT_REQ_RETURN_ON_ERROR(req);

    return EOK;
}
f3ec420152ca921e4c1ce77782f51b53f659018dnd
f3ec420152ca921e4c1ce77782f51b53f659018dnd
/* =Groups-Related-Functions-(by-name,by-gid)============================= */
f3ec420152ca921e4c1ce77782f51b53f659018dnd
/* Per-request state for an asynchronous group lookup (groups_get_send). */
struct groups_get_state {
    /* Handles captured from the caller / backend context. */
    struct tevent_context *ev;
    struct sdap_id_ctx *ctx;
    struct sysdb_ctx *sysdb;            /* ctx->be->sysdb */
    struct sss_domain_info *domain;     /* ctx->be->domain */

    /* Lookup key exactly as the caller passed it: a group name or a numeric
     * id in string form, depending on filter_type. The pointer is stored,
     * not copied. */
    const char *name;
    int filter_type;                    /* BE_FILTER_NAME or BE_FILTER_IDNUM */

    /* LDAP search filter and attribute list built by groups_get_send(). */
    char *filter;
    const char **attrs;
};

/* Completion callbacks for the connect step and the search step. */
static void groups_get_connect_done(struct tevent_req *subreq);
static void groups_get_done(struct tevent_req *subreq);
f3ec420152ca921e4c1ce77782f51b53f659018dnd
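/*
 * Copy value for use as the assertion value of an LDAP search filter,
 * replacing the filter metacharacters '(', ')' and '\' with their RFC 4515
 * "\XX" hex escapes so the value cannot close or extend the filter
 * expression it is embedded in.
 *
 * '*' is intentionally left untouched: groups_get_done() treats a name that
 * contains '*' as an enumeration, so wildcard lookups have to keep working.
 * NOTE(review): this means a caller-supplied '*' still acts as a wildcard;
 * confirm that is acceptable for every caller.
 *
 * Returns a talloc string allocated on memctx, or NULL on allocation failure.
 */
static char *groups_get_escape_value(TALLOC_CTX *memctx, const char *value)
{
    static const char hex[] = "0123456789abcdef";
    size_t len = strlen(value);
    size_t i;
    size_t j = 0;
    char *out;

    /* Worst case every byte becomes three; refuse lengths that would wrap. */
    if (len > ((size_t)-1 - 1) / 3) return NULL;

    out = talloc_array(memctx, char, len * 3 + 1);
    if (!out) return NULL;

    for (i = 0; i < len; i++) {
        unsigned char c = (unsigned char)value[i];

        if (c == '(' || c == ')' || c == '\\') {
            out[j++] = '\\';
            out[j++] = hex[c >> 4];
            out[j++] = hex[c & 0x0f];
        } else {
            out[j++] = value[i];
        }
    }
    out[j] = '\0';

    return out;
}

/*
 * Start an asynchronous lookup of a group by name or by numeric id.
 *
 * memctx      talloc parent of the returned request
 * ev          event context the request runs on
 * ctx         LDAP id provider context (options, backend, connection)
 * name        lookup key; the pointer is stored in the request state and is
 *             read again in groups_get_done(), so it must outlive the request
 * filter_type BE_FILTER_NAME or BE_FILTER_IDNUM; anything else fails EINVAL
 * attrs_type  currently unused (see TODO below)
 *
 * Returns NULL only if the request itself cannot be allocated. Every other
 * failure is reported through the returned request, which is marked failed
 * and posted on ev. Collect the result with groups_get_recv().
 */
struct tevent_req *groups_get_send(TALLOC_CTX *memctx,
                                   struct tevent_context *ev,
                                   struct sdap_id_ctx *ctx,
                                   const char *name,
                                   int filter_type,
                                   int attrs_type)
{
    struct tevent_req *req, *subreq;
    struct groups_get_state *state;
    const char *attr_name;
    char *clean_name;
    int ret;

    req = tevent_req_create(memctx, &state, struct groups_get_state);
    if (!req) return NULL;

    state->ev = ev;
    state->ctx = ctx;
    state->sysdb = ctx->be->sysdb;
    state->domain = state->ctx->be->domain;
    state->name = name;
    state->filter_type = filter_type;

    /* A NULL key cannot be turned into a filter and would be dereferenced
     * later in groups_get_done(). */
    if (!name) {
        ret = EINVAL;
        goto fail;
    }

    switch (filter_type) {
    case BE_FILTER_NAME:
        attr_name = ctx->opts->group_map[SDAP_AT_GROUP_NAME].name;
        break;
    case BE_FILTER_IDNUM:
        attr_name = ctx->opts->group_map[SDAP_AT_GROUP_GID].name;
        break;
    default:
        ret = EINVAL;
        goto fail;
    }

    /* The key comes from the requester, so it must not be able to alter the
     * structure of the filter: escape it before interpolating. state->name
     * keeps the original, unescaped key for the cache operations. */
    clean_name = groups_get_escape_value(state, name);
    if (!clean_name) {
        DEBUG(2, ("Failed to build filter\n"));
        ret = ENOMEM;
        goto fail;
    }

    state->filter = talloc_asprintf(state, "(&(%s=%s)(objectclass=%s))",
                                    attr_name, clean_name,
                                    ctx->opts->group_map[SDAP_OC_GROUP].name);
    talloc_zfree(clean_name);
    if (!state->filter) {
        DEBUG(2, ("Failed to build filter\n"));
        ret = ENOMEM;
        goto fail;
    }

    /* TODO: handle attrs_type */
    ret = build_attrs_from_map(state, ctx->opts->group_map,
                               SDAP_OPTS_GROUP, &state->attrs);
    if (ret != EOK) goto fail;

    if (!sdap_connected(ctx)) {

        /* FIXME: add option to decide if tls should be used
         * or SASL/GSSAPI, etc ... */
        subreq = sdap_cli_connect_send(state, ev, ctx->opts,
                                       ctx->be, ctx->service,
                                       &ctx->rootDSE);
        if (!subreq) {
            ret = ENOMEM;
            goto fail;
        }

        /* The search is issued from the connect callback. */
        tevent_req_set_callback(subreq, groups_get_connect_done, req);

        return req;
    }

    subreq = sdap_get_groups_send(state, state->ev,
                                  state->domain, state->sysdb,
                                  state->ctx->opts, state->ctx->gsh,
                                  state->attrs, state->filter);
    if (!subreq) {
        ret = ENOMEM;
        goto fail;
    }
    tevent_req_set_callback(subreq, groups_get_done, req);

    return req;

fail:
    tevent_req_error(req, ret);
    tevent_req_post(req, ev);
    return req;
}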
f3ec420152ca921e4c1ce77782f51b53f659018dnd
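/*
 * Callback for the connect sub-request started by groups_get_send() when no
 * LDAP connection was available. On success it issues the group search that
 * groups_get_send() would otherwise have started directly; on failure it
 * fails the parent request with the connect error.
 */
static void groups_get_connect_done(struct tevent_req *subreq)
{
    struct tevent_req *req = tevent_req_callback_data(subreq,
                                                      struct tevent_req);
    struct groups_get_state *state = tevent_req_data(req,
                                                     struct groups_get_state);
    int ret;

    /* The recv call is handed &ctx->gsh and &ctx->rootDSE to fill in. */
    ret = sdap_cli_connect_recv(subreq, state->ctx,
                                &state->ctx->gsh, &state->ctx->rootDSE);
    talloc_zfree(subreq);
    if (ret) {
        if (ret == ENOTSUP) {
            /* Newline-terminated like the other DEBUG messages in this file,
             * so the entry does not run into the next log line. */
            DEBUG(0, ("Authentication mechanism not Supported by server\n"));
        }
        tevent_req_error(req, ret);
        return;
    }

    subreq = sdap_get_groups_send(state, state->ev,
                                  state->domain, state->sysdb,
                                  state->ctx->opts, state->ctx->gsh,
                                  state->attrs, state->filter);
    if (!subreq) {
        tevent_req_error(req, ENOMEM);
        return;
    }
    tevent_req_set_callback(subreq, groups_get_done, req);
}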
f3ec420152ca921e4c1ce77782f51b53f659018dnd
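/*
 * Callback for the group search. Any error other than ENOENT fails the
 * request. On ENOENT for a single-entry lookup the matching group is deleted
 * from the sysdb cache (by name or by gid); a key containing '*' is treated
 * as an enumeration and ENOENT is simply passed on.
 */
static void groups_get_done(struct tevent_req *subreq)
{
    struct tevent_req *req = tevent_req_callback_data(subreq,
                                                      struct tevent_req);
    struct groups_get_state *state = tevent_req_data(req,
                                                     struct groups_get_state);
    char *endptr;
    long idnum;
    gid_t gid;
    int ret;

    ret = sdap_get_groups_recv(subreq, NULL, NULL);
    talloc_zfree(subreq);
    if (ret && ret != ENOENT) {
        tevent_req_error(req, ret);
        return;
    }

    if (ret == ENOENT) {
        if (strchr(state->name, '*')) {
            /* it was an enumeration */
            tevent_req_error(req, ret);
            return;
        }

        switch (state->filter_type) {
        case BE_FILTER_NAME:
            ret = sysdb_delete_group(state, state->sysdb,
                                     state->domain, state->name, 0);
            if (ret) {
                tevent_req_error(req, ret);
                return;
            }
            break;

        case BE_FILTER_IDNUM:
            errno = 0;
            idnum = strtol(state->name, &endptr, 0);
            if (errno) {
                tevent_req_error(req, errno);
                return;
            }
            if (*endptr || (state->name == endptr)) {
                /* Not a number. strtol() leaves errno at 0 here, and
                 * tevent_req_error() does not finish a request when given a
                 * zero code, so report an explicit error instead of leaving
                 * the request pending forever. */
                tevent_req_error(req, EINVAL);
                return;
            }

            /* Reject ids that do not survive the conversion to gid_t; a
             * silently truncated value would delete a different group's
             * cache entry. */
            gid = (gid_t)idnum;
            if (idnum < 0 || (long)gid != idnum) {
                tevent_req_error(req, ERANGE);
                return;
            }

            ret = sysdb_delete_group(state, state->sysdb,
                                     state->domain, NULL, gid);
            if (ret) {
                tevent_req_error(req, ret);
                return;
            }
            break;

        default:
            tevent_req_error(req, EINVAL);
            return;
        }
    }

    tevent_req_done(req);
}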
f3ec420152ca921e4c1ce77782f51b53f659018dnd
/*
 * Collect the result of a request started with groups_get_send().
 * Returns EOK on success. Error propagation is delegated to the project
 * macro TEVENT_REQ_RETURN_ON_ERROR, whose expansion is not shown here.
 */
int groups_get_recv(struct tevent_req *req)
{
    TEVENT_REQ_RETURN_ON_ERROR(req);

    return EOK;
}
f3ec420152ca921e4c1ce77782f51b53f659018dnd
f3ec420152ca921e4c1ce77782f51b53f659018dnd
/* =Get-Groups-for-User================================================== */
d1636bdc2e674b84ee46f534b51be18ecac6bef5rbowen
/* Per-request state for the "groups of a user" lookup (groups_by_user_send). */
struct groups_by_user_state {
    struct tevent_context *ev;
    struct sdap_id_ctx *ctx;

    /* User name as passed by the caller; the pointer is stored, not copied. */
    const char *name;

    /* Attribute list built from the group map in groups_by_user_send(). */
    const char **attrs;
};

/* Completion callbacks for the connect step and the initgroups step. */
static void groups_by_user_connect_done(struct tevent_req *subreq);
static void groups_by_user_done(struct tevent_req *subreq);
d1636bdc2e674b84ee46f534b51be18ecac6bef5rbowen
/*
 * Start an asynchronous lookup of the groups a user belongs to.
 *
 * Builds the group attribute list, then either starts the initgroups search
 * right away or, when there is no LDAP connection, starts a connect request
 * whose callback issues the search.
 *
 * Returns NULL only if the request cannot be allocated; any other failure is
 * reported through the returned request, which is marked failed and posted
 * on ev.
 *
 * NOTE(review): name is handed to sdap_get_initgr_send() as-is; whether that
 * function escapes it before using it in an LDAP filter is not visible here.
 */
static struct tevent_req *groups_by_user_send(TALLOC_CTX *memctx,
                                              struct tevent_context *ev,
                                              struct sdap_id_ctx *ctx,
                                              const char *name)
{
    struct tevent_req *req;
    struct tevent_req *subreq;
    struct groups_by_user_state *state;
    void (*on_complete)(struct tevent_req *);
    int ret;

    req = tevent_req_create(memctx, &state, struct groups_by_user_state);
    if (!req) {
        return NULL;
    }

    state->ev = ev;
    state->ctx = ctx;
    state->name = name;

    ret = build_attrs_from_map(state, ctx->opts->group_map,
                               SDAP_OPTS_GROUP, &state->attrs);
    if (ret != EOK) {
        goto fail;
    }

    if (sdap_connected(ctx)) {
        /* Connection already up: go straight to the initgroups search. */
        subreq = sdap_get_initgr_send(state, state->ev,
                                      state->ctx->be->domain,
                                      state->ctx->be->sysdb,
                                      state->ctx->opts, state->ctx->gsh,
                                      state->name, state->attrs);
        on_complete = groups_by_user_done;
    } else {
        /* FIXME: add option to decide if tls should be used
         * or SASL/GSSAPI, etc ... */
        subreq = sdap_cli_connect_send(state, ev, ctx->opts,
                                       ctx->be, ctx->service,
                                       &ctx->rootDSE);
        on_complete = groups_by_user_connect_done;
    }

    if (!subreq) {
        ret = ENOMEM;
        goto fail;
    }

    tevent_req_set_callback(subreq, on_complete, req);
    return req;

fail:
    tevent_req_error(req, ret);
    tevent_req_post(req, ev);
    return req;
}
c04f76acce77126cf88b09350e56ea8c6b4a064enilgun
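/*
 * Callback for the connect sub-request started by groups_by_user_send() when
 * no LDAP connection was available. On success it issues the initgroups
 * search; on failure it fails the parent request with the connect error.
 */
static void groups_by_user_connect_done(struct tevent_req *subreq)
{
    struct tevent_req *req = tevent_req_callback_data(subreq,
                                                      struct tevent_req);
    struct groups_by_user_state *state = tevent_req_data(req,
                                                 struct groups_by_user_state);
    int ret;

    /* The recv call is handed &ctx->gsh and &ctx->rootDSE to fill in. */
    ret = sdap_cli_connect_recv(subreq, state->ctx,
                                &state->ctx->gsh, &state->ctx->rootDSE);
    talloc_zfree(subreq);
    if (ret) {
        if (ret == ENOTSUP) {
            /* Newline-terminated like the other DEBUG messages in this file,
             * so the entry does not run into the next log line. */
            DEBUG(0, ("Authentication mechanism not Supported by server\n"));
        }
        tevent_req_error(req, ret);
        return;
    }

    subreq = sdap_get_initgr_send(state, state->ev,
                                  state->ctx->be->domain,
                                  state->ctx->be->sysdb,
                                  state->ctx->opts, state->ctx->gsh,
                                  state->name, state->attrs);
    if (!subreq) {
        tevent_req_error(req, ENOMEM);
        return;
    }
    tevent_req_set_callback(subreq, groups_by_user_done, req);
}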
/*
 * Completion callback for the initgroups subrequest.
 *
 * Reads the result with sdap_get_initgr_recv(), frees the subrequest and
 * finishes the parent request: with the error code when the result is
 * non-zero, as done otherwise.
 */
static void groups_by_user_done(struct tevent_req *subreq)
{
    struct tevent_req *req;
    int rc;

    req = tevent_req_callback_data(subreq, struct tevent_req);

    rc = sdap_get_initgr_recv(subreq);
    talloc_zfree(subreq);

    if (rc == 0) {
        tevent_req_done(req);
    } else {
        tevent_req_error(req, rc);
    }
}
/*
 * Result accessor for a groups-by-user request.
 *
 * Returns EOK unless TEVENT_REQ_RETURN_ON_ERROR() returns first. The macro's
 * expansion is not visible here; presumably it returns the error recorded on
 * the request.
 */
int groups_by_user_recv(struct tevent_req *req)
{
    TEVENT_REQ_RETURN_ON_ERROR(req);

    return EOK;
}
/* =Get-Account-Info-Call================================================= */
/* FIXME: embed this function in sssd_be and only call out
* specific functions from modules ? */
/* Completion callbacks registered by sdap_account_info_handler() for the
 * user, group and initgroups requests; defined further down in this file. */
static void sdap_account_info_users_done(struct tevent_req *req);
static void sdap_account_info_groups_done(struct tevent_req *req);
static void sdap_account_info_initgr_done(struct tevent_req *req);
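/*
 * Dispatch an account-info request to the matching asynchronous lookup.
 *
 * The request type is taken from the low 12 bits of ar->entry_type:
 *   BE_REQ_USER       -> users_get_send()
 *   BE_REQ_GROUP      -> groups_get_send()
 *   BE_REQ_INITGROUPS -> groups_by_user_send()
 * Every other type is answered with EINVAL.
 *
 * The request is completed through sdap_handler_done(), either directly
 * here (offline backend, skipped enumeration, validation or allocation
 * failure) or later from the completion callback set on the subrequest.
 *
 * NOTE(review): ar and ar->filter_value are dereferenced without a NULL
 * check; this assumes the caller only hands over well-formed requests.
 * TODO confirm against the code that builds struct be_acct_req.
 *
 * NOTE(review): filter_value is forwarded to the *_send() functions as
 * received. Only '*' is looked at here; whether the other LDAP filter
 * metacharacters are escaped before a search filter is built is not
 * visible in this function and should be verified downstream.
 */
void sdap_account_info_handler(struct be_req *breq)
{
    struct sdap_id_ctx *ctx;
    struct be_acct_req *ar;
    struct tevent_req *req;
    const char *err = "Unknown Error";
    int ret = EOK;

    ctx = talloc_get_type(breq->be_ctx->bet_info[BET_ID].pvt_bet_data,
                          struct sdap_id_ctx);

    if (be_is_offline(ctx->be)) {
        sdap_handler_done(breq, DP_ERR_OFFLINE, EAGAIN, "Offline");
        return;
    }

    ar = talloc_get_type(breq->req_data, struct be_acct_req);

    switch (ar->entry_type & 0xFFF) {
    case BE_REQ_USER: /* user */

        /* skip enumerations on demand */
        if (strcmp(ar->filter_value, "*") == 0) {
            sdap_handler_done(breq, DP_ERR_OK, EOK, "Success");
            return;
        }

        req = users_get_send(breq, breq->be_ctx->ev, ctx,
                             ar->filter_value,
                             ar->filter_type,
                             ar->attr_type);
        if (!req) {
            sdap_handler_done(breq, DP_ERR_FATAL, ENOMEM, "Out of memory");
            return;
        }

        tevent_req_set_callback(req, sdap_account_info_users_done, breq);
        break;

    case BE_REQ_GROUP: /* group */

        /* skip enumerations on demand */
        if (strcmp(ar->filter_value, "*") == 0) {
            sdap_handler_done(breq, DP_ERR_OK, EOK, "Success");
            return;
        }

        req = groups_get_send(breq, breq->be_ctx->ev, ctx,
                              ar->filter_value,
                              ar->filter_type,
                              ar->attr_type);
        if (!req) {
            sdap_handler_done(breq, DP_ERR_FATAL, ENOMEM, "Out of memory");
            return;
        }

        tevent_req_set_callback(req, sdap_account_info_groups_done, breq);
        break;

    case BE_REQ_INITGROUPS: /* init groups for user */
        if (ar->filter_type != BE_FILTER_NAME) {
            ret = EINVAL;
            err = "Invalid filter type";
            break;
        }
        if (ar->attr_type != BE_ATTR_CORE) {
            ret = EINVAL;
            err = "Invalid attr type";
            break;
        }
        /* A name containing '*' anywhere is rejected, presumably so it
         * cannot act as a wildcard in the search built from it. */
        if (strchr(ar->filter_value, '*')) {
            ret = EINVAL;
            err = "Invalid filter value";
            break;
        }

        req = groups_by_user_send(breq, breq->be_ctx->ev, ctx,
                                  ar->filter_value);
        if (!req) {
            /* Finish the request here, as the user and group branches do:
             * tevent_req_set_callback() must never be given a NULL
             * request. */
            sdap_handler_done(breq, DP_ERR_FATAL, ENOMEM, "Out of memory");
            return;
        }

        tevent_req_set_callback(req, sdap_account_info_initgr_done, breq);
        break;

    default: /*fail*/
        ret = EINVAL;
        err = "Invalid request type";
        break;
    }

    /* Validation failures are reported once, after the switch. */
    if (ret != EOK) {
        sdap_handler_done(breq, DP_ERR_FATAL, ret, err);
    }
}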
/*
 * Immediate-event handler that re-enters sdap_account_info_handler().
 *
 * private_data is the struct be_req passed to tevent_schedule_immediate()
 * by sdap_account_info_restart(). The ctx and im arguments are not used.
 */
static void sdap_account_info_immediate(struct tevent_context *ctx,
                                        struct tevent_immediate *im,
                                        void *private_data)
{
    sdap_account_info_handler(talloc_get_type(private_data, struct be_req));
}
/*
 * Schedule another run of sdap_account_info_handler() for breq.
 *
 * Each call increments breq->restarts. Once the counter exceeds
 * MAX_BE_REQ_RESTARTS no further attempt is scheduled, which keeps a
 * failing request from being retried forever.
 *
 * Returns EOK when the retry was scheduled, ELOOP when the restart limit
 * was exceeded, ENOMEM when the immediate event could not be created.
 */
static int sdap_account_info_restart(struct be_req *breq)
{
    struct tevent_immediate *imm;

    if (++breq->restarts > MAX_BE_REQ_RESTARTS) {
        return ELOOP;
    }

    /* The immediate is allocated with breq as its talloc parent. */
    imm = tevent_create_immediate(breq);
    if (imm == NULL) {
        return ENOMEM;
    }

    /* schedule a completely new event to avoid deep recursions */
    tevent_schedule_immediate(imm, breq->be_ctx->ev,
                              sdap_account_info_immediate, breq);

    return EOK;
}
/*
 * Shared tail of the user, group and initgroups completion callbacks.
 *
 * ret        - result of the finished lookup
 * breq       - backend request to complete
 * str_on_err - error string reported when ret is not EOK
 *
 * EOK completes the request with DP_ERR_OK and no error string. For
 * ETIMEDOUT, EFAULT and EIO a restart is attempted when
 * sdap_check_gssapi_reconnect() allows it. If the restart is scheduled,
 * the request is left pending. If not, the backend is marked offline and
 * the request completes with DP_ERR_OFFLINE. Any other error completes the
 * request with DP_ERR_FATAL.
 */
static void sdap_account_info_common_done(int ret, struct be_req *breq,
                                          const char *str_on_err)
{
    struct sdap_id_ctx *ctx;
    errno_t err;

    if (ret == EOK) {
        sdap_handler_done(breq, DP_ERR_OK, ret, NULL);
        return;
    }

    if (ret != ETIMEDOUT && ret != EFAULT && ret != EIO) {
        sdap_handler_done(breq, DP_ERR_FATAL, ret, str_on_err);
        return;
    }

    ctx = talloc_get_type(breq->be_ctx->bet_info[BET_ID].pvt_bet_data,
                          struct sdap_id_ctx);

    if (sdap_check_gssapi_reconnect(ctx)) {
        if (ctx->gsh) {
            /* Flag the handle as not connected so that a stale connection
             * is not picked up by mistake later on. A NULL global handle
             * needs no action: sdap_connected() checks it before every
             * use.
             */
            ctx->gsh->connected = false;
        }

        err = sdap_account_info_restart(breq);
        if (err == EOK) {
            return;
        }
    }

    /* Couldn't reconnect, that was our last try
     * Go offline now
     */
    sdap_mark_offline(ctx);
    sdap_handler_done(breq, DP_ERR_OFFLINE, ret, str_on_err);
}
/*
 * Completion callback for a user lookup: reads the result with
 * users_get_recv(), frees the request and passes the outcome to
 * sdap_account_info_common_done().
 */
static void sdap_account_info_users_done(struct tevent_req *req)
{
    struct be_req *breq;
    int rc;

    breq = tevent_req_callback_data(req, struct be_req);

    rc = users_get_recv(req);
    talloc_zfree(req);

    sdap_account_info_common_done(rc, breq, "User lookup failed");
}
/*
 * Completion callback for a group lookup: reads the result with
 * groups_get_recv(), frees the request and passes the outcome to
 * sdap_account_info_common_done().
 */
static void sdap_account_info_groups_done(struct tevent_req *req)
{
    struct be_req *breq;
    int rc;

    breq = tevent_req_callback_data(req, struct be_req);

    rc = groups_get_recv(req);
    talloc_zfree(req);

    sdap_account_info_common_done(rc, breq, "Group lookup failed");
}
/*
 * Completion callback for an initgroups lookup: reads the result with
 * groups_by_user_recv(), frees the request and passes the outcome to
 * sdap_account_info_common_done().
 */
static void sdap_account_info_initgr_done(struct tevent_req *req)
{
    struct be_req *breq;
    int rc;

    breq = tevent_req_callback_data(req, struct be_req);

    rc = groups_by_user_recv(req);
    talloc_zfree(req);

    sdap_account_info_common_done(rc, breq, "Init Groups Failed");
}