ldap_id_enum.c revision c9eaf8c1e02c155b7ca7ffb2b1edade8a23ce1ff
/*
    SSSD

    LDAP Identity Enumeration

    Authors:
        Simo Sorce <ssorce@redhat.com>

    Copyright (C) 2009 Red Hat

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/

#include "util/util.h"
#include "db/sysdb.h"
#include "providers/ldap/ldap_common.h"
#include "providers/ldap/sdap_async_enum.h"

/**
 * Register the periodic "enumeration" task for one LDAP domain.
 *
 * Allocates a struct ldap_enum_ctx carrying @p sdom and @p pvt, then hands
 * it to be_ptask_create() together with the caller's send/recv callbacks.
 * The resulting task handle is stored in sdom->enum_task and takes over
 * ownership of the context.
 *
 * @param be_ctx   Backend context forwarded to be_ptask_create().
 * @param opts     LDAP options; SDAP_ENUM_REFRESH_TIMEOUT is read from
 *                 opts->basic.
 * @param sdom     Domain to enumerate; also the initial talloc parent.
 * @param send_fn  Callback that starts an enumeration run.
 * @param recv_fn  Callback that collects the result of a run.
 * @param pvt      Opaque pointer stored in the context for the callbacks.
 *
 * @return EOK on success, ENOMEM if the context cannot be allocated, or
 *         the error returned by sysdb_has_enumerated() or
 *         be_ptask_create().
 */
errno_t ldap_setup_enumeration(struct be_ctx *be_ctx,
                               struct sdap_options *opts,
                               struct sdap_domain *sdom,
                               be_ptask_send_t send_fn,
                               be_ptask_recv_t recv_fn,
                               void *pvt)
{
    struct ldap_enum_ctx *enum_ctx;
    bool has_enumerated;
    time_t initial_delay;
    time_t refresh_period;
    errno_t rc;

    rc = sysdb_has_enumerated(sdom->dom, &has_enumerated);
    if (rc == ENOENT) {
        /* No record in the cache yet: treat it as "never enumerated". */
        has_enumerated = false;
    } else if (rc != EOK) {
        return rc;
    }

    /* A previous enumeration means clients can already be served from the
     * cache, so wait 10s to stay out of the way of system boot. On the very
     * first startup begin as soon as the mainloop is entered.
     */
    initial_delay = has_enumerated ? 10 : 0;

    /* NOTE(review): the configured value is used unchecked as both the task
     * period and its timeout - confirm that be_ptask_create() rejects a
     * zero or negative period.
     */
    refresh_period = dp_opt_get_int(opts->basic, SDAP_ENUM_REFRESH_TIMEOUT);

    /* talloc() does not zero the allocation; only sdom and pvt are assigned
     * below. NOTE(review): confirm struct ldap_enum_ctx has no other
     * members that would be left uninitialized.
     */
    enum_ctx = talloc(sdom, struct ldap_enum_ctx);
    if (enum_ctx == NULL) {
        return ENOMEM;
    }
    enum_ctx->sdom = sdom;
    enum_ctx->pvt = pvt;

    rc = be_ptask_create(sdom, be_ctx,
                         refresh_period,    /* period */
                         initial_delay,     /* first_delay */
                         5,                 /* enabled delay */
                         0,                 /* random offset */
                         refresh_period,    /* timeout */
                         BE_PTASK_OFFLINE_SKIP,
                         0,                 /* max_backoff */
                         send_fn, recv_fn,
                         enum_ctx, "enumeration", &sdom->enum_task);
    if (rc == EOK) {
        /* Tie the context's lifetime to the task that uses it. */
        talloc_steal(sdom->enum_task, enum_ctx);
        return EOK;
    }

    DEBUG(SSSDBG_FATAL_FAILURE,
          "Unable to initialize enumeration periodic task\n");
    talloc_free(enum_ctx);
    return rc;
}
/* Per-request state of one enumeration run; filled in by
 * ldap_enumeration_send(). */
struct ldap_enumeration_state {
    struct ldap_enum_ctx *ectx;     /* context received through pvt */
    struct sdap_id_ctx *id_ctx;     /* taken from ectx->pvt */
    struct sss_domain_info *dom;    /* ectx->sdom->dom */
};

/* Completion callback installed on the sdap_dom_enum subrequest. */
static void ldap_enumeration_done(struct tevent_req *subreq);
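/**
 * Start one asynchronous enumeration run for the domain bound to the
 * periodic task.
 *
 * @param mem_ctx   talloc parent of the returned request.
 * @param ev        tevent context the request is driven by.
 * @param be_ctx    Not used by this function.
 * @param be_ptask  Not used by this function.
 * @param pvt       Must be a talloc'ed struct ldap_enum_ctx; its pvt member
 *                  must in turn be a struct sdap_id_ctx.
 *
 * @return The new request, or NULL if it could not be created. Later
 *         failures are reported through the request itself, which is then
 *         posted to @p ev: EFAULT when @p pvt has the wrong talloc type,
 *         EIO when the subrequest cannot be started.
 */
struct tevent_req *
ldap_enumeration_send(TALLOC_CTX *mem_ctx,
                      struct tevent_context *ev,
                      struct be_ctx *be_ctx,
                      struct be_ptask *be_ptask,
                      void *pvt)
{
    struct ldap_enumeration_state *state;
    struct tevent_req *req;
    struct tevent_req *subreq;
    struct ldap_enum_ctx *ectx;
    errno_t ret;

    req = tevent_req_create(mem_ctx, &state,
                            struct ldap_enumeration_state);
    if (req == NULL) {
        DEBUG(SSSDBG_CRIT_FAILURE, "tevent_req_create() failed\n");
        return NULL;
    }

    /* talloc_get_type() yields NULL when pvt does not carry the expected
     * talloc type name, so a mismatched pointer is rejected, not cast. */
    ectx = talloc_get_type(pvt, struct ldap_enum_ctx);
    if (ectx == NULL) {
        DEBUG(SSSDBG_CRIT_FAILURE, "Cannot retrieve ldap_enum_ctx!\n");
        ret = EFAULT;
        goto fail;
    }
    state->ectx = ectx;
    state->dom = ectx->sdom->dom;
    /* The _abort variant terminates the process on a type mismatch instead
     * of returning NULL. */
    state->id_ctx = talloc_get_type_abort(ectx->pvt, struct sdap_id_ctx);

    /* Parent the subrequest to this request's state, not to ectx. ectx
     * lives as long as the periodic task, so a subrequest hanging off it
     * would survive req being freed early, and ldap_enumeration_done()
     * would then touch the freed req. With state as parent, freeing req
     * also cancels the subrequest.
     * NOTE(review): presumably the ptask timeout frees req - confirm in
     * be_ptask.
     */
    subreq = sdap_dom_enum_send(state, ev, state->id_ctx, ectx->sdom,
                                state->id_ctx->conn);
    if (subreq == NULL) {
        /* The ptask API will reschedule the enumeration on its own on
         * failure */
        DEBUG(SSSDBG_OP_FAILURE,
              "Failed to schedule enumeration, retrying later!\n");
        ret = EIO;
        goto fail;
    }

    tevent_req_set_callback(subreq, ldap_enumeration_done, req);
    return req;

fail:
    /* Report the error asynchronously so the caller always gets a request
     * it can receive on. */
    tevent_req_error(req, ret);
    tevent_req_post(req, ev);
    return req;
}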
/**
 * Completion callback for the sdap_dom_enum subrequest.
 *
 * Collects the subrequest's result, releases the subrequest and finishes
 * the parent request with that result.
 *
 * @param subreq  The finished subrequest; its callback data is the parent
 *                request created by ldap_enumeration_send().
 */
static void
ldap_enumeration_done(struct tevent_req *subreq)
{
    struct tevent_req *parent;
    errno_t status;

    parent = tevent_req_callback_data(subreq, struct tevent_req);

    status = sdap_dom_enum_recv(subreq);
    /* Free the subrequest before signalling the parent: completing the
     * parent may run the caller's callback. */
    talloc_zfree(subreq);

    if (status == EOK) {
        tevent_req_done(parent);
        return;
    }

    tevent_req_error(parent, status);
}
/**
 * Receive half of the enumeration request.
 *
 * @param req  The request to collect the result from.
 *
 * @return EOK when the request finished without error. Error handling is
 *         delegated to TEVENT_REQ_RETURN_ON_ERROR, which is defined outside
 *         this file; presumably it returns the error stored in the request
 *         - confirm against its definition.
 */
errno_t
ldap_enumeration_recv(struct tevent_req *req)
{
    TEVENT_REQ_RETURN_ON_ERROR(req);

    return EOK;
}