From d2633d922eeed68f92be4248b9172b928c189920 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek
Date: Apr 25 2018 05:30:18 +0000
Subject: LDAP: Augment the sdap_opts structure with a data provider pointer In order to be able to use the Data Provider methods from the SDAP code to e.g. invalidate memcache when needed, add a new field to the sdap_options structure with the data_provider structure pointer. Fill the pointer value for all LDAP-based providers.
Related: https://pagure.io/SSSD/sssd/issue/2653
Reviewed-by: Fabiano FidĂȘncio
---
diff --git a/src/providers/ad/ad_common.c b/src/providers/ad/ad_common.c
index 2a16471..d92c68e 100644
--- a/src/providers/ad/ad_common.c
+++ b/src/providers/ad/ad_common.c
@@ -35,7 +35,8 @@ static errno_t ad_set_sdap_options(struct ad_options *ad_opts, struct sdap_options *id_opts); static struct sdap_options *
-ad_create_default_sdap_options(TALLOC_CTX *mem_ctx)
+ad_create_default_sdap_options(TALLOC_CTX *mem_ctx,
+ struct data_provider *dp)
 { struct sdap_options *id_opts; errno_t ret;
@@ -44,6 +45,7 @@ ad_create_default_sdap_options(TALLOC_CTX *mem_ctx) if (!id_opts) { return NULL; }
+ id_opts->dp = dp;
 ret = dp_copy_defaults(id_opts, ad_def_ldap_opts,
@@ -112,6 +114,7 @@ static errno_t ad_create_sdap_options(TALLOC_CTX *mem_ctx, struct confdb_ctx *cdb, const char *conf_path,
+ struct data_provider *dp,
 struct sdap_options **_id_opts) { struct sdap_options *id_opts;
@@ -119,7 +122,7 @@ ad_create_sdap_options(TALLOC_CTX *mem_ctx, if (cdb == NULL || conf_path == NULL) { /* Fallback to defaults if there is no confdb */
- id_opts = ad_create_default_sdap_options(mem_ctx);
+ id_opts = ad_create_default_sdap_options(mem_ctx, dp);
 if (id_opts == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, "Failed to initialize default sdap options\n");
@@ -220,6 +223,7 @@ struct ad_options * ad_create_options(TALLOC_CTX *mem_ctx, struct confdb_ctx *cdb, const char *conf_path,
+ struct data_provider *dp,
 struct sss_domain_info *subdom) { struct ad_options *ad_options;
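Review bot: In ad_create_sdap_options only the no-confdb fallback branch visibly receives `dp` (through ad_create_default_sdap_options, which sets `id_opts->dp = dp`); none of the hunks adds the assignment on the confdb-backed path. That part of the function lies outside the hunk, but if it allocates its own sdap_options there, `dp` stays NULL for every normally configured AD domain, and later SDAP code that relies on it would skip the Data Provider call or dereference NULL. I would add `id_opts->dp = dp;` right after that allocation succeeds, matching what ldap_get_options and ipa_get_id_options do in this commit.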
@@ -252,6 +256,7 @@ ad_create_options(TALLOC_CTX *mem_ctx, ret = ad_create_sdap_options(ad_options, cdb, conf_path,
+ dp,
 &ad_options->id); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, "Cannot initialize AD LDAP options\n");
@@ -304,6 +309,7 @@ struct ad_options * ad_create_2way_trust_options(TALLOC_CTX *mem_ctx, struct confdb_ctx *cdb, const char *conf_path,
+ struct data_provider *dp,
 const char *realm, struct sss_domain_info *subdom, const char *hostname,
@@ -315,7 +321,7 @@ ad_create_2way_trust_options(TALLOC_CTX *mem_ctx, DEBUG(SSSDBG_TRACE_FUNC, "2way trust is defined to domain '%s'\n", subdom->name);
- ad_options = ad_create_options(mem_ctx, cdb, conf_path, subdom);
+ ad_options = ad_create_options(mem_ctx, cdb, conf_path, dp, subdom);
 if (ad_options == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, "ad_create_options failed\n"); return NULL;
@@ -343,6 +349,7 @@ struct ad_options * ad_create_1way_trust_options(TALLOC_CTX *mem_ctx, struct confdb_ctx *cdb, const char *subdom_conf_path,
+ struct data_provider *dp,
 struct sss_domain_info *subdom, const char *hostname, const char *keytab,
@@ -355,7 +362,7 @@ ad_create_1way_trust_options(TALLOC_CTX *mem_ctx, DEBUG(SSSDBG_TRACE_FUNC, "1way trust is defined to domain '%s'\n", subdom->name);
- ad_options = ad_create_options(mem_ctx, cdb, subdom_conf_path, subdom);
+ ad_options = ad_create_options(mem_ctx, cdb, subdom_conf_path, dp, subdom);
 if (ad_options == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, "ad_create_options failed\n"); return NULL;
@@ -1056,12 +1063,13 @@ errno_t ad_get_id_options(struct ad_options *ad_opts, struct confdb_ctx *cdb, const char *conf_path,
+ struct data_provider *dp,
 struct sdap_options **_opts) { struct sdap_options *id_opts; errno_t ret;
- ret = ad_create_sdap_options(ad_opts, cdb, conf_path, &id_opts);
+ ret = ad_create_sdap_options(ad_opts, cdb, conf_path, dp, &id_opts);
 if (ret != EOK) { return ENOMEM; }
diff --git a/src/providers/ad/ad_common.h b/src/providers/ad/ad_common.h
index 931aafc..6eb2ba7 100644
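Review bot: ad_get_id_options still maps every failure of ad_create_sdap_options to ENOMEM (`if (ret != EOK) { return ENOMEM; }`), so the real cause of a failed option setup never reaches the caller. Returning the code as received, `return ret;`, would keep the original errno_t available for logging and triage. The rest of the function is outside the hunk, so confirm that no caller depends on ENOMEM specifically before changing it.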
--- a/src/providers/ad/ad_common.h
+++ b/src/providers/ad/ad_common.h
@@ -112,11 +112,13 @@ ad_get_common_options(TALLOC_CTX *mem_ctx, struct ad_options *ad_create_options(TALLOC_CTX *mem_ctx, struct confdb_ctx *cdb, const char *conf_path,
+ struct data_provider *dp,
 struct sss_domain_info *subdom); struct ad_options *ad_create_2way_trust_options(TALLOC_CTX *mem_ctx, struct confdb_ctx *cdb, const char *conf_path,
+ struct data_provider *dp,
 const char *realm, struct sss_domain_info *subdom, const char *hostname,
@@ -125,6 +127,7 @@ struct ad_options *ad_create_2way_trust_options(TALLOC_CTX *mem_ctx, struct ad_options *ad_create_1way_trust_options(TALLOC_CTX *mem_ctx, struct confdb_ctx *cdb, const char *conf_path,
+ struct data_provider *dp,
 struct sss_domain_info *subdom, const char *hostname, const char *keytab,
@@ -147,6 +150,7 @@ errno_t ad_get_id_options(struct ad_options *ad_opts, struct confdb_ctx *cdb, const char *conf_path,
+ struct data_provider *dp,
 struct sdap_options **_opts); errno_t ad_get_autofs_options(struct ad_options *ad_opts,
diff --git a/src/providers/ad/ad_init.c b/src/providers/ad/ad_init.c
index 8c485a7..b196247 100644
--- a/src/providers/ad/ad_init.c
+++ b/src/providers/ad/ad_init.c
@@ -453,7 +453,10 @@ errno_t sssm_ad_init(TALLOC_CTX *mem_ctx, init_ctx->options->id_ctx = init_ctx->id_ctx;
- ret = ad_get_id_options(init_ctx->options, be_ctx->cdb, be_ctx->conf_path,
+ ret = ad_get_id_options(init_ctx->options,
+ be_ctx->cdb,
+ be_ctx->conf_path,
+ be_ctx->provider,
 &init_ctx->id_ctx->sdap_id_ctx->opts); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, "Unable to init AD id options\n");
diff --git a/src/providers/ad/ad_subdomains.c b/src/providers/ad/ad_subdomains.c
index bd94ba8..74b9f07 100644
--- a/src/providers/ad/ad_subdomains.c
+++ b/src/providers/ad/ad_subdomains.c
@@ -265,8 +265,12 @@ ad_subdom_ad_ctx_new(struct be_ctx *be_ctx, return ENOMEM; }
- ad_options = ad_create_2way_trust_options(id_ctx, be_ctx->cdb,
- subdom_conf_path, realm, subdom,
+ ad_options = ad_create_2way_trust_options(id_ctx,
+ be_ctx->cdb,
+ subdom_conf_path,
+ be_ctx->provider,
+ realm,
+ subdom,
 hostname, keytab); talloc_free(subdom_conf_path); if (ad_options == NULL) {
diff --git a/src/providers/ipa/ipa_common.c b/src/providers/ipa/ipa_common.c
index 2b81d7f..87ed967 100644
--- a/src/providers/ipa/ipa_common.c
+++ b/src/providers/ipa/ipa_common.c
@@ -171,6 +171,7 @@ static errno_t ipa_parse_search_base(TALLOC_CTX *mem_ctx, int ipa_get_id_options(struct ipa_options *ipa_opts, struct confdb_ctx *cdb, const char *conf_path,
+ struct data_provider *dp,
 struct sdap_options **_opts) { TALLOC_CTX *tmpctx;
@@ -190,6 +191,7 @@ int ipa_get_id_options(struct ipa_options *ipa_opts, ret = ENOMEM; goto done; }
+ ipa_opts->id->dp = dp;
 ret = sdap_domain_add(ipa_opts->id, ipa_opts->id_ctx->sdap_id_ctx->be->domain,
diff --git a/src/providers/ipa/ipa_common.h b/src/providers/ipa/ipa_common.h
index 3a1259c..725e0e9 100644
--- a/src/providers/ipa/ipa_common.h
+++ b/src/providers/ipa/ipa_common.h
@@ -235,6 +235,7 @@ int ipa_get_options(TALLOC_CTX *memctx, int ipa_get_id_options(struct ipa_options *ipa_opts, struct confdb_ctx *cdb, const char *conf_path,
+ struct data_provider *dp,
 struct sdap_options **_opts); int ipa_get_auth_options(struct ipa_options *ipa_opts,
diff --git a/src/providers/ipa/ipa_init.c b/src/providers/ipa/ipa_init.c
index cd22278..9311459 100644
--- a/src/providers/ipa/ipa_init.c
+++ b/src/providers/ipa/ipa_init.c
@@ -161,7 +161,10 @@ static errno_t ipa_init_id_ctx(TALLOC_CTX *mem_ctx, ipa_id_ctx->sdap_id_ctx = sdap_id_ctx; ipa_options->id_ctx = ipa_id_ctx;
- ret = ipa_get_id_options(ipa_options, be_ctx->cdb, be_ctx->conf_path,
+ ret = ipa_get_id_options(ipa_options,
+ be_ctx->cdb,
+ be_ctx->conf_path,
+ be_ctx->provider,
 &sdap_id_ctx->opts); if (ret != EOK) { goto done;
diff --git a/src/providers/ipa/ipa_subdomains_server.c b/src/providers/ipa/ipa_subdomains_server.c
index d670a15..1e53e7a 100644
--- a/src/providers/ipa/ipa_subdomains_server.c
+++ b/src/providers/ipa/ipa_subdomains_server.c
@@ -148,6 +148,7 @@ ipa_create_1way_trust_ctx(struct ipa_id_ctx *id_ctx, ad_options = ad_create_1way_trust_options(id_ctx, be_ctx->cdb, subdom_conf_path,
+ be_ctx->provider,
 subdom, id_ctx->server_mode->hostname, keytab,
@@ -186,6 +187,7 @@ static struct ad_options *ipa_ad_options_new(struct be_ctx *be_ctx, ad_options = ad_create_2way_trust_options(id_ctx, be_ctx->cdb, subdom_conf_path,
+ be_ctx->provider,
 id_ctx->server_mode->realm, subdom, id_ctx->server_mode->hostname,
diff --git a/src/providers/ldap/ldap_common.h b/src/providers/ldap/ldap_common.h
index 44dbc3f..548f0f9 100644
--- a/src/providers/ldap/ldap_common.h
+++ b/src/providers/ldap/ldap_common.h
@@ -193,6 +193,7 @@ int ldap_get_options(TALLOC_CTX *memctx, struct sss_domain_info *dom, struct confdb_ctx *cdb, const char *conf_path,
+ struct data_provider *dp,
 struct sdap_options **_opts); int ldap_get_sudo_options(struct confdb_ctx *cdb,
diff --git a/src/providers/ldap/ldap_init.c b/src/providers/ldap/ldap_init.c
index 83075b5..44b3e9a 100644
--- a/src/providers/ldap/ldap_init.c
+++ b/src/providers/ldap/ldap_init.c
@@ -458,7 +458,8 @@ errno_t sssm_ldap_init(TALLOC_CTX *mem_ctx, /* Always initialize options since it is needed everywhere. */ ret = ldap_get_options(init_ctx, be_ctx->domain, be_ctx->cdb,
- be_ctx->conf_path, &init_ctx->options);
+ be_ctx->conf_path, be_ctx->provider,
+ &init_ctx->options);
 if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, "Unable to initialize LDAP options " "[%d]: %s\n", ret, sss_strerror(ret));
diff --git a/src/providers/ldap/ldap_options.c b/src/providers/ldap/ldap_options.c
index ccc1a2c..0b79715 100644
--- a/src/providers/ldap/ldap_options.c
+++ b/src/providers/ldap/ldap_options.c
@@ -27,6 +27,7 @@ int ldap_get_options(TALLOC_CTX *memctx, struct sss_domain_info *dom, struct confdb_ctx *cdb, const char *conf_path,
+ struct data_provider *dp,
 struct sdap_options **_opts) { struct sdap_attr_map *default_attr_map;
@@ -57,6 +58,7 @@ int ldap_get_options(TALLOC_CTX *memctx, opts = talloc_zero(memctx, struct sdap_options); if (!opts) return ENOMEM;
+ opts->dp = dp;
 ret = sdap_domain_add(opts, dom, NULL); if (ret != EOK) {
diff --git a/src/providers/ldap/sdap.h b/src/providers/ldap/sdap.h
index ecf9c4d..e892c40 100644
--- a/src/providers/ldap/sdap.h
+++ b/src/providers/ldap/sdap.h
@@ -465,6 +465,7 @@ struct sdap_certmap_ctx; struct sdap_options { struct dp_option *basic;
+ struct data_provider *dp;
 struct sdap_attr_map *gen_map; struct sdap_attr_map *user_map; size_t user_map_cnt;
diff --git a/src/tests/cmocka/common_mock_sdap.c b/src/tests/cmocka/common_mock_sdap.c
index cef3216..fa4787c 100644
--- a/src/tests/cmocka/common_mock_sdap.c
+++ b/src/tests/cmocka/common_mock_sdap.c
@@ -48,7 +48,7 @@ struct sdap_options *mock_sdap_options_ldap(TALLOC_CTX *mem_ctx, struct sdap_options *opts = NULL; errno_t ret;
- ret = ldap_get_options(mem_ctx, domain, confdb_ctx, conf_path, &opts);
+ ret = ldap_get_options(mem_ctx, domain, confdb_ctx, conf_path, NULL, &opts);
 if (ret != EOK) { return NULL; }
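Review bot: The new `dp` member of struct sdap_options in sdap.h has no comment saying that it can be NULL or who owns it, yet mock_sdap_options_ldap in this same commit passes NULL for it. Code that later calls Data Provider methods through `opts->dp` needs to know it must check for NULL first, and that the pointer is borrowed rather than owned by the options (presumably it belongs to the backend context; worth confirming that it outlives every sdap_options that stores it). I would document that at the field, e.g. `/* Borrowed data provider handle, not owned by the options; NULL in unit tests, check before use */`. The same contract applies to the new `dp` parameter in the ldap_common.h, ipa_common.h and ad_common.h prototypes.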
diff --git a/src/tests/cmocka/test_ad_common.c b/src/tests/cmocka/test_ad_common.c
index 94f351e..39ebbc6 100644
--- a/src/tests/cmocka/test_ad_common.c
+++ b/src/tests/cmocka/test_ad_common.c
@@ -449,6 +449,7 @@ static void test_ad_create_1way_trust_options(void **state) test_ctx->ad_ctx, NULL, NULL,
+ NULL,
 test_ctx->subdom, ONEWAY_HOST_NAME, ONEWAY_KEYTAB_PATH,
@@ -515,6 +516,7 @@ static void test_ad_create_2way_trust_options(void **state) test_ctx->ad_ctx, NULL, NULL,
+ NULL,
 REALMNAME, test_ctx->subdom, HOST_NAME,
@@ -585,6 +587,7 @@ test_ldap_conn_setup(void **state) ad_ctx, NULL, NULL,
+ NULL,
 REALMNAME, test_ctx->subdom, HOST_NAME,
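Review bot: All three updated calls in test_ad_common.c pass NULL for the new `dp` argument, so nothing checks that the pointer actually ends up in the resulting sdap options. Because these calls also pass NULL for the confdb and the config path, only the default-options branch is exercised. Passing a dummy non-NULL `struct data_provider *` and comparing the stored `id->dp` against it with `assert_ptr_equal` would pin the propagation. The test bodies are outside the hunks, so the exact variable to inspect has to be taken from there.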