From b601cae66c441163a00f73c64d00a29e0840d44e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Fri, 24 Mar 2017 15:29:23 +0100 Subject: [PATCH 46/54] SYSDB: Add methods to deal with the domain's resolution order MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit In the following-up patches those newly introduced methods will be used to deal with the domainResolutionOrder attribute. The sysdb_update_domain_resolution_order() method is purposely not checking whether a value has changed or not before writing to sysdb and while may not be optimal, the readability of the code has increased a lot by keeping it as simple as possible. Tests for these new methods are part of the next commit. Related: https://pagure.io/SSSD/sssd/issue/3001 Signed-off-by: Fabiano Fidêncio Reviewed-by: Sumit Bose Reviewed-by: Pavel Březina --- Makefile.am | 2 + src/db/sysdb.h | 2 + src/db/sysdb_domain_resolution_order.c | 169 +++++++++++++++++++++++++++++++++ src/db/sysdb_domain_resolution_order.h | 37 ++++++++ 4 files changed, 210 insertions(+) create mode 100644 src/db/sysdb_domain_resolution_order.c create mode 100644 src/db/sysdb_domain_resolution_order.h diff --git a/Makefile.am b/Makefile.am index 359feddef298b0013c726409b7ba8b86504abf09..8052150be32d89813764e9bc436dfcb211a738d6 100644 --- a/Makefile.am +++ b/Makefile.am @@ -736,6 +736,7 @@ dist_noinst_HEADERS = \ src/db/sysdb_private.h \ src/db/sysdb_services.h \ src/db/sysdb_ssh.h \ + src/db/sysdb_domain_resolution_order.h \ src/confdb/confdb.h \ src/confdb/confdb_private.h \ src/confdb/confdb_setup.h \ @@ -995,6 +996,7 @@ libsss_util_la_SOURCES = \ src/db/sysdb_idmap.c \ src/db/sysdb_gpo.c \ src/db/sysdb_certmap.c \ + src/db/sysdb_domain_resolution_order.c \ src/monitor/monitor_sbus.c \ src/providers/dp_auth_util.c \ src/providers/dp_pam_data_util.c \ diff --git a/src/db/sysdb.h b/src/db/sysdb.h index 6762b51bee02911fb97d5d393fad2495504ee5ad..42d2857ed7765c17e7d84b0da93ed07758fbe012 100644 --- a/src/db/sysdb.h +++ b/src/db/sysdb.h @@ -184,6 +184,8 @@ #define SYSDB_OVERRIDE_GROUP_CLASS "groupOverride" #define SYSDB_OVERRIDE_DN "overrideDN" #define SYSDB_OVERRIDE_OBJECT_DN "overrideObjectDN" +#define SYSDB_USE_DOMAIN_RESOLUTION_ORDER "useDomainResolutionOrder" +#define SYSDB_DOMAIN_RESOLUTION_ORDER "domainResolutionOrder" #define SYSDB_NEXTID_FILTER "("SYSDB_NEXTID"=*)" diff --git a/src/db/sysdb_domain_resolution_order.c b/src/db/sysdb_domain_resolution_order.c new file mode 100644 index 0000000000000000000000000000000000000000..63774461a1e9f3dc863220d418e29e06d6e6e6df --- /dev/null +++ b/src/db/sysdb_domain_resolution_order.c @@ -0,0 +1,169 @@ +/* + Authors: + Fabiano Fidêncio + + Copyright (C) 2017 Red Hat + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +#include + +#include "db/sysdb.h" +#include "db/sysdb_private.h" + +static errno_t +sysdb_get_domain_resolution_order_string_attr(TALLOC_CTX *mem_ctx, + struct sysdb_ctx *sysdb, + struct ldb_dn *dn, + const char *const *attrs, + const char **_attr) +{ + TALLOC_CTX *tmp_ctx; + struct ldb_result *res; + const char *attr; + errno_t ret; + + tmp_ctx = talloc_new(NULL); + if (tmp_ctx == NULL) { + return ENOMEM; + } + + ret = ldb_search(sysdb->ldb, tmp_ctx, &res, dn, LDB_SCOPE_BASE, attrs, + NULL); + if (ret != LDB_SUCCESS) { + ret = EIO; + goto done; + } + + if (res->count > 1) { + DEBUG(SSSDBG_OP_FAILURE, + "Base search returned [%d] results, expected 1.\n", res->count); + ret = EINVAL; + goto done; + } else if (res->count == 0) { + ret = ENOENT; + goto done; + } else { + /* res->count == 1 */ + attr = ldb_msg_find_attr_as_string(res->msgs[0], attrs[0], NULL); + if (attr == NULL) { + ret = ENOENT; + goto done; + } + } + + *_attr = talloc_steal(mem_ctx, attr); + + ret = EOK; + +done: + talloc_free(tmp_ctx); + return ret; +} + +errno_t +sysdb_get_domain_resolution_order(TALLOC_CTX *mem_ctx, + struct sysdb_ctx *sysdb, + struct ldb_dn *dn, + const char **_domain_resolution_order) +{ + TALLOC_CTX *tmp_ctx; + const char *domain_resolution_order = NULL; + const char *attrs[] = { SYSDB_DOMAIN_RESOLUTION_ORDER, NULL }; + errno_t ret; + + tmp_ctx = talloc_new(NULL); + if (tmp_ctx == NULL) { + return ENOMEM; + } + + ret = sysdb_get_domain_resolution_order_string_attr( + tmp_ctx, sysdb, dn, attrs, &domain_resolution_order); + if (ret != EOK && ret != ENOENT) { + DEBUG(SSSDBG_OP_FAILURE, + "sysdb_get_domain_resolution_order_string_attr() failed " + "[%d]: [%s]", + ret, sss_strerror(ret)); + goto done; + } else if (ret == ENOENT) { + *_domain_resolution_order = NULL; + goto done; + } else { + /* ret == EOK */ + *_domain_resolution_order = talloc_steal(mem_ctx, + domain_resolution_order); + } + + ret = EOK; + +done: + talloc_free(tmp_ctx); + return ret; +} + +errno_t +sysdb_update_domain_resolution_order(struct sysdb_ctx *sysdb, + struct ldb_dn *dn, + const char *domain_resolution_order) +{ + TALLOC_CTX *tmp_ctx; + struct ldb_message *msg; + errno_t ret; + + tmp_ctx = talloc_new(NULL); + if (tmp_ctx == NULL) { + return ENOMEM; + } + + msg = ldb_msg_new(tmp_ctx); + if (msg == NULL) { + ret = ENOMEM; + goto done; + } + + msg->dn = dn; + + ret = ldb_msg_add_empty(msg, SYSDB_DOMAIN_RESOLUTION_ORDER, + LDB_FLAG_MOD_REPLACE, NULL); + if (ret != LDB_SUCCESS) { + ret = sysdb_error_to_errno(ret); + goto done; + } + + if (domain_resolution_order != NULL) { + ret = ldb_msg_add_string(msg, SYSDB_DOMAIN_RESOLUTION_ORDER, + domain_resolution_order); + if (ret != LDB_SUCCESS) { + ret = sysdb_error_to_errno(ret); + goto done; + } + } + + ret = ldb_modify(sysdb->ldb, msg); + if (ret != LDB_SUCCESS) { + DEBUG(SSSDBG_OP_FAILURE, + "ldb_modify()_failed: [%s][%d][%s]\n", + ldb_strerror(ret), ret, ldb_errstring(sysdb->ldb)); + ret = sysdb_error_to_errno(ret); + goto done; + } + + + ret = EOK; + +done: + talloc_free(tmp_ctx); + return ret; +} diff --git a/src/db/sysdb_domain_resolution_order.h b/src/db/sysdb_domain_resolution_order.h new file mode 100644 index 0000000000000000000000000000000000000000..45d2ea63f6bc14cd3184994530846ee6f762d4d0 --- /dev/null +++ b/src/db/sysdb_domain_resolution_order.h @@ -0,0 +1,37 @@ +/* + Authors: + Fabiano Fidêncio + + Copyright (C) 2017 Red Hat + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +#ifndef _SYSDB_DOMAIN_RESOLUTION_ORDER_H_ +#define _SYSDB_DOMAIN_RESOLUTION_ORDER_H_ + +#include "db/sysdb.h" + +errno_t +sysdb_get_domain_resolution_order(TALLOC_CTX *mem_ctx, + struct sysdb_ctx *sysdb, + struct ldb_dn *dn, + const char **_domain_resolution_order); + +errno_t +sysdb_update_domain_resolution_order(struct sysdb_ctx *sysdb, + struct ldb_dn *dn, + const char *domain_resolution_order); + +#endif /* _SYSDB_DOMAIN_RESOLUTION_ORDER_H_ */ -- 2.9.3