usertools.c revision 4714118890e51b365fbce543d0a042b4b59b2b25
/*
SSSD
User tools
Copyright (C) Stephen Gallagher <sgallagh@redhat.com> 2009
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <pwd.h>
#include <pcre.h>
#include <errno.h>
#include <talloc.h>
#include <pwd.h>
#include <grp.h>
#include "util/strtonum.h"
#include "util/safe-format-string.h"
#include "responder/common/responder.h"
#ifdef HAVE_LIBPCRE_LESSER_THAN_7
#define NAME_DOMAIN_PATTERN_OPTIONS (PCRE_EXTENDED)
#else
#endif
/* Function returns given realm name as new uppercase string */
{
char *realm;
char *c;
if (!realm) {
return NULL;
}
c = realm;
while(*c != '\0') {
*c = toupper(*c);
c++;
}
return realm;
}
{
}
return 0;
}
#define IPA_AD_DEFAULT_RE "(((?P<domain>[^\\\\]+)\\\\(?P<name>.+$))|" \
"((?P<name>[^@]+)@(?P<domain>.+$))|" \
"(^(?P<name>[^@\\\\]+)$))"
struct confdb_ctx *cdb,
const char *conf_path,
char **re_pattern)
{
#ifdef HAVE_LIBPCRE_LESSER_THAN_7
"The libpcre version on this system is too old. Only "
"the user@DOMAIN name fully qualified name format will "
"be supported\n");
*re_pattern = NULL;
return EOK;
#else
int ret;
size_t c;
char *id_provider = NULL;
struct provider_default_re {
const char *name;
const char *re;
{"ad", IPA_AD_DEFAULT_RE},
NULL, &id_provider);
"from conf db.\n");
goto done;
}
if (id_provider == NULL) {
*re_pattern = NULL;
} else {
if (*re_pattern == NULL) {
goto done;
}
break;
}
}
}
done:
return ret;
#endif
}
{
char *fq;
return ENOMEM;
}
/* Fail if the name specifier is missing, or if the format is
* invalid */
return EINVAL;
return ENOENT;
}
talloc_free (fq);
return EOK;
}
{
struct sss_names_ctx *ctx;
const char *errstr;
int errval;
int errpos;
int ret;
goto done;
}
goto done;
}
"Invalid Regular Expression pattern at position %d."
goto done;
}
done:
}
return ret;
}
{
char *re_pattern = NULL;;
int ret;
goto done;
}
goto done;
}
}
/* If not found in the domain, look in globals */
if (re_pattern == NULL) {
}
"expression for domain [%s].\n", domain);
goto done;
}
}
if (!re_pattern) {
"(?P<name>[^@]+)@?(?P<domain>[^@]*$)");
if (!re_pattern) {
goto done;
}
#ifdef HAVE_LIBPCRE_LESSER_THAN_7
} else {
"This binary was build with a version of libpcre that does "
"not support non-unique named subpatterns.\n");
"Please make sure that your pattern [%s] only contains "
"subpatterns with a unique name and uses "
"the Python syntax (?P<name>).\n", re_pattern);
#endif
}
}
/* If not found in the domain, look in globals */
}
if (!fq_fmt) {
if (!fq_fmt) {
goto done;
}
}
done:
return ret;
}
struct sss_names_ctx **_out)
{
_out);
}
struct sss_names_ctx *snctx,
{
const char *result;
int ovec[30];
int origlen;
if (ret == PCRE_ERROR_NOMATCH) {
return ERR_REGEX_NOMATCH;
} else if (ret < 0) {
return EINVAL;
}
if (ret == 0) {
"Too many matches, the pattern is invalid.\n");
}
return EINVAL;
}
}
&result);
} else {
/* ignore "" string */
if (*result) {
} else {
}
}
}
return EOK;
}
{
char *domain;
char *name;
int ret;
}
}
}
return ret;
}
static struct sss_domain_info * match_any_domain_or_subdomain_name(
struct sss_domain_info *dom,
const char *dmatch)
{
return dom;
}
}
struct sss_domain_info *domains,
const char *default_domain,
{
char *candidate_name = NULL;
char *candidate_domain = NULL;
bool name_mismatch = false;
int ret;
return ENOMEM;
}
/*
* If the name matched without the domain part, make note of it.
* All the other domain expressions must agree on the domain-less
* name.
*/
if (candidate_name == NULL) {
name_mismatch = true;
}
/*
* If a domain was returned, then it must match the name of the
* domain that this expression was found on, or one of the
* subdomains.
*/
} else {
"domain '%s', user is %s\n",
goto done;
}
break;
} else if (candidate_domain == NULL) {
}
}
/* EINVAL is returned when name doesn't match */
goto done;
}
}
if (candidate_name && !name_mismatch) {
if (default_domain != NULL) {
goto done;
}
break;
}
}
"not known\n", rdomain);
goto done;
}
}
} else if (candidate_domain) {
/* This branch is taken when the input matches the configured
* regular expression, but the domain is now known. Normally, this
* is the case with a FQDN of a user from subdomain that was not
* yet discovered
*/
goto done;
}
}
"name '%s' did not match any domain's expression\n", orig);
goto done;
}
}
}
done:
return ret;
}
char *
const char *orig_name,
bool case_sensitive)
{
}
bool case_sensitive, const char ***_cased)
{
const char **out;
return EOK;
}
if (num == 0) {
return EOK;
}
return ENOMEM;
}
for (i = 0; i < num; i++) {
return ENOMEM;
}
}
return EOK;
}
static inline const char *
{
const char *s;
if (s == NULL) {
"flat name set, falling back to domain name\n");
}
return s;
}
char *
{
}
static void
safe_talloc_callback (void *data,
const char *piece,
{
}
char *
const char *domain_name, const char *flat_dom_name,
const char *name)
{
char *output;
return output;
}
int
{
}
char *
const char *orig_name,
struct sss_domain_info *dom)
{
char *user_name;
int ret;
/* check if the name already contains domain part */
if (ret == ERR_REGEX_NOMATCH) {
"sss_parse_name could not parse domain from [%s]. "
"Assuming it is not FQDN.\n", orig_name);
return NULL;
}
}
/* we always use the fully qualified name for subdomain users */
} else {
}
return user_name;
}
{
char *endptr;
/* Try if it's an ID first */
errno = 0;
"UID [%s] is out of range.\n", input);
return ret;
}
/* Nope, maybe a username? */
} else {
}
"[%s] is neither a valid UID nor a user name which could be "
"resolved by getpwnam().\n", input);
return EINVAL;
}
if (_uid) {
}
if (_gid) {
}
return EOK;
}
/* Accepts fqname in the format shortname@domname only. */
const char *fqname,
char **_shortname,
char **_dom_name)
{
char *separator;
return EINVAL;
}
return ENOMEM;
}
/*The name does not contain name or domain component. */
goto done;
}
goto done;
}
}
if (_shortname != NULL) {
goto done;
}
}
done:
return ret;
}