sdap_async_accounts.c revision b830ab156f032e2a8823f1365da2ed6801427e8f
/*
SSSD
Async LDAP Helper routines
Copyright (C) Simo Sorce <ssorce@redhat.com> - 2009
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "providers/ldap/sdap_async_private.h"
/* ==Save-User-Entry====================================================== */
/* FIXME: support storing additional attributes */
struct sdap_options *opts,
struct sss_domain_info *dom,
struct sysdb_attrs *attrs,
bool is_initgr,
char **_timestamp)
{
struct ldb_message_element *el;
int ret;
const char *name;
const char *pwd;
const char *gecos;
const char *homedir;
const char *shell;
long int l;
struct sysdb_attrs *user_attrs;
int i;
int cache_timeout;
if (el->num_values == 0) {
}
if (ret) {
return ret;
}
if (el->num_values == 0) {
goto fail;
}
errno = 0;
if (errno) {
goto fail;
}
uid = l;
/* check that the uid is valid for this domain */
name));
goto fail;
}
if (el->num_values == 0) {
goto fail;
}
errno = 0;
if (errno) {
goto fail;
}
gid = l;
/* check that the gid is valid for this domain */
name));
goto fail;
}
if (user_attrs == NULL) {
goto fail;
}
if (ret) {
goto fail;
}
if (el->num_values == 0) {
} else {
if (ret) {
goto fail;
}
}
if (ret) {
goto fail;
}
if (el->num_values == 0) {
name));
} else {
name));
for (i = 0; i < el->num_values; i++) {
if (ret) {
goto fail;
}
}
}
if (ret) {
goto fail;
}
if (el->num_values == 0) {
name));
} else {
if (ret) {
goto fail;
}
if (!timestamp) {
goto fail;
}
}
if (ret) {
goto fail;
}
if (el->num_values == 0) {
} else {
if (!upn) {
goto fail;
}
}
if (ret) {
goto fail;
}
}
for (i = SDAP_FIRST_EXTRA_USER_AT; i < SDAP_OPTS_USER; i++) {
if (ret) {
goto fail;
}
if (el->num_values > 0) {
goto fail;
}
if (ret) {
goto fail;
}
}
}
if (is_initgr) {
if (ret) {
goto fail;
}
}
if (_timestamp) {
*_timestamp = timestamp;
}
return EOK;
fail:
return ret;
}
/* ==Generic-Function-to-save-multiple-users============================= */
struct sss_domain_info *dom,
struct sdap_options *opts,
struct sysdb_attrs **users,
int num_users,
char **_timestamp)
{
char *higher_timestamp = NULL;
char *timestamp;
int ret;
int i;
if (!tmpctx) {
return ENOMEM;
}
if (ret) {
goto done;
}
for (i = 0; i < num_users; i++) {
/* Do not fail completely on errors.
* Just report the failure to save and go on */
if (ret) {
} else {
}
if (timestamp) {
if (higher_timestamp) {
} else {
}
} else {
}
}
}
if (ret) {
goto done;
}
if (_timestamp) {
}
done:
return ret;
}
/* ==Search-Users-with-filter============================================= */
struct sdap_get_users_state {
struct tevent_context *ev;
struct sdap_options *opts;
struct sdap_handle *sh;
struct sss_domain_info *dom;
const char **attrs;
const char *filter;
char *higher_timestamp;
struct sysdb_attrs **users;
};
struct tevent_context *ev,
struct sss_domain_info *dom,
struct sdap_options *opts,
struct sdap_handle *sh,
const char **attrs,
const char *filter)
{
struct sdap_get_users_state *state;
if (!subreq) {
return NULL;
}
return req;
}
{
struct tevent_req);
struct sdap_get_users_state);
int ret;
if (ret) {
return;
}
return;
}
if (ret) {
return;
}
}
{
struct sdap_get_users_state);
if (timestamp) {
}
return EOK;
}
/* ==Group-Parsing Routines=============================================== */
struct sss_domain_info *domain,
const char *orig_dn,
char **localdn)
{
char *filter;
struct ldb_message **msgs;
int ret;
if (!tmpctx) {
return ENOMEM;
}
if (!filter) {
goto done;
}
if (!base_dn) {
goto done;
}
if (ret) {
goto done;
}
if (num_msgs != 1) {
goto done;
}
if (!*localdn) {
goto done;
}
done:
return ret;
}
struct sdap_options *opts,
struct sss_domain_info *domain,
int num_values)
{
struct ldb_message_element *el;
int i, j;
int ret;
switch (opts->schema_type) {
case SDAP_SCHEMA_RFC2307:
values, num_values);
if (ret) {
goto done;
}
break;
case SDAP_SCHEMA_RFC2307BIS:
case SDAP_SCHEMA_IPA_V1:
case SDAP_SCHEMA_AD:
if (ret) {
goto done;
}
/* Just allocate both big enough to contain all members for now */
goto done;
}
/* sync search entry with this as origDN */
goto done;
}
} else {
j++;
}
}
el->num_values = j;
break;
default:
DEBUG(0, ("FATAL ERROR: Unhandled schema type! (%d)\n",
opts->schema_type));
goto done;
}
done:
return ret;
}
/* ==Save-Group-Entry===================================================== */
/* FIXME: support non legacy */
/* FIXME: support storing additional attributes */
struct sdap_options *opts,
struct sss_domain_info *dom,
struct sysdb_attrs *attrs,
bool store_members,
char **_timestamp)
{
struct ldb_message_element *el;
struct sysdb_attrs *group_attrs;
const char *name;
long int l;
int ret;
if (el->num_values == 0) {
goto fail;
}
if (el->num_values == 0) {
goto fail;
}
errno = 0;
if (errno) {
goto fail;
}
gid = l;
/* check that the gid is valid for this domain */
name));
goto fail;
}
if (!group_attrs) {
goto fail;
}
if (ret) {
goto fail;
}
if (el->num_values == 0) {
} else {
if (ret) {
goto fail;
}
}
if (ret) {
goto fail;
}
if (el->num_values == 0) {
name));
} else {
if (ret) {
goto fail;
}
if (!timestamp) {
goto fail;
}
}
if (store_members) {
goto fail;
}
if (el->num_values == 0) {
} else {
if (ret) {
goto fail;
}
}
}
if (_timestamp) {
*_timestamp = timestamp;
}
return EOK;
fail:
return ret;
}
/* ==Save-Group-Memebrs=================================================== */
/* FIXME: support non legacy */
/* FIXME: support storing additional attributes */
struct sdap_options *opts,
struct sss_domain_info *dom,
struct sysdb_attrs *attrs)
{
struct ldb_message_element *el;
const char *name;
int ret;
&name);
goto fail;
}
goto fail;
}
if (el->num_values == 0) {
} else {
if (!group_attrs) {
goto fail;
}
if (ret) {
goto fail;
}
}
name, 0, group_attrs,
return EOK;
fail:
return ret;
}
/* ==Generic-Function-to-save-multiple-groups============================= */
struct sss_domain_info *dom,
struct sdap_options *opts,
struct sysdb_attrs **groups,
int num_groups,
char **_timestamp)
{
char *higher_timestamp = NULL;
char *timestamp;
bool twopass;
int ret;
int i;
switch (opts->schema_type) {
case SDAP_SCHEMA_RFC2307:
twopass = false;
break;
case SDAP_SCHEMA_RFC2307BIS:
case SDAP_SCHEMA_IPA_V1:
case SDAP_SCHEMA_AD:
twopass = true;
break;
default:
return EINVAL;
}
if (!tmpctx) {
return ENOMEM;
}
if (ret) {
goto done;
}
for (i = 0; i < num_groups; i++) {
/* if 2 pass savemembers = false */
/* Do not fail completely on errors.
* Just report the failure to save and go on */
if (ret) {
} else {
}
if (timestamp) {
if (higher_timestamp) {
} else {
}
} else {
}
}
}
if (twopass) {
for (i = 0; i < num_groups; i++) {
/* Do not fail completely on errors.
* Just report the failure to save and go on */
if (ret) {
} else {
}
}
}
if (ret) {
goto done;
}
if (_timestamp) {
}
done:
return ret;
}
/* ==Search-Groups-with-filter============================================ */
struct sdap_get_groups_state {
struct tevent_context *ev;
struct sdap_options *opts;
struct sdap_handle *sh;
struct sss_domain_info *dom;
const char **attrs;
const char *filter;
char *higher_timestamp;
struct sysdb_attrs **groups;
};
struct tevent_context *ev,
struct sss_domain_info *dom,
struct sdap_options *opts,
struct sdap_handle *sh,
const char **attrs,
const char *filter)
{
struct sdap_get_groups_state *state;
if (!subreq) {
return NULL;
}
return req;
}
{
struct tevent_req);
struct sdap_get_groups_state);
int ret;
if (ret) {
return;
}
return;
}
if (ret) {
return;
}
}
{
struct sdap_get_groups_state);
if (timestamp) {
}
return EOK;
}
/* ==Initgr-call-(groups-a-user-is-member-of)-RFC2307-Classic/BIS========= */
struct sdap_initgr_rfc2307_state {
struct tevent_context *ev;
struct sdap_options *opts;
struct sss_domain_info *dom;
struct sdap_handle *sh;
};
struct tevent_context *ev,
struct sdap_options *opts,
struct sss_domain_info *dom,
struct sdap_handle *sh,
const char *base_dn,
const char *name,
const char **grp_attrs)
{
struct sdap_initgr_rfc2307_state *state;
const char *filter;
if (!filter) {
return NULL;
}
if (!subreq) {
return NULL;
}
return req;
}
{
struct tevent_req *req;
struct sdap_initgr_rfc2307_state *state;
struct sysdb_attrs **groups;
int ret;
if (ret) {
return;
}
if (count == 0) {
return;
}
if (ret) {
return;
}
}
{
return EOK;
}
/* ==Initgr-call-(groups-a-user-is-member-of)-nested-groups=============== */
struct sdap_initgr_nested_state {
struct tevent_context *ev;
struct sdap_options *opts;
struct sss_domain_info *dom;
struct sdap_handle *sh;
const char **grp_attrs;
char *filter;
char **group_dns;
int count;
int cur;
struct sysdb_attrs **groups;
int groups_cur;
};
struct tevent_context *ev,
struct sdap_options *opts,
struct sss_domain_info *dom,
struct sdap_handle *sh,
struct sysdb_attrs *user,
const char **grp_attrs)
{
struct sdap_initgr_nested_state *state;
struct ldb_message_element *el;
int i, ret;
return NULL;
}
/* TODO: test rootDSE for deref support and use it if available */
/* TODO: or test rootDSE for ASQ support and use it if available */
/* user with no groups ? */
}
return NULL;
}
state->groups_cur = 0;
return NULL;
}
return NULL;
}
}
if (!subreq) {
return NULL;
}
return req;
}
{
struct tevent_req *req;
struct sdap_initgr_nested_state *state;
struct sysdb_attrs **groups;
int ret;
if (ret) {
return;
}
if (count == 1) {
state->groups_cur++;
} else {
}
if (!subreq) {
return;
}
} else {
}
}
{
struct sdap_initgr_nested_state *state;
int ret;
if (ret) {
return;
}
}
{
return EOK;
}
/* ==Initgr-call-(groups-a-user-is-member-of)============================= */
struct sdap_get_initgr_state {
struct tevent_context *ev;
struct sdap_options *opts;
struct sss_domain_info *dom;
struct sdap_handle *sh;
const char *name;
const char **grp_attrs;
struct sysdb_attrs *orig_user;
};
struct tevent_context *ev,
struct sss_domain_info *dom,
struct sdap_options *opts,
struct sdap_handle *sh,
const char *name,
const char **grp_attrs)
{
struct sdap_get_initgr_state *state;
const char *base_dn;
char *filter;
const char **attrs;
int ret;
if (!filter) {
return NULL;
}
if (!base_dn) {
return NULL;
}
SDAP_OPTS_USER, &attrs);
if (ret) {
return NULL;
}
if (!subreq) {
return NULL;
}
return req;
}
{
struct tevent_req);
struct sdap_get_initgr_state);
struct sysdb_attrs **usr_attrs;
int ret;
if (ret) {
return;
}
if (count != 1) {
return;
}
if (ret) {
return;
}
if (ret) {
return;
}
if (ret) {
return;
}
case SDAP_SCHEMA_RFC2307:
if (!subreq) {
return;
}
break;
case SDAP_SCHEMA_RFC2307BIS:
case SDAP_SCHEMA_IPA_V1:
case SDAP_SCHEMA_AD:
* We need an AD specific call that is able to unroll
* nested groups by doing extensive recursive searches */
if (!subreq) {
return;
}
return;
default:
return;
}
}
{
struct tevent_req);
struct sdap_get_initgr_state);
int ret;
case SDAP_SCHEMA_RFC2307:
break;
case SDAP_SCHEMA_RFC2307BIS:
case SDAP_SCHEMA_IPA_V1:
case SDAP_SCHEMA_AD:
break;
default:
break;
}
if (ret) {
return;
}
}
{
return EOK;
}