-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/22/2010 10:14 AM, Stephen Gallagher wrote: > There is no need to pass "domain" as a parameter to the data provider. > We're already talking directly to the provider for that domain. Both the > provider and responder are fully aware of which domain is being queried > without passing this parameter. It only serves to complicate the interface. > >
Simo noticed a typo on this patch during code review. Fixed. - -- Stephen Gallagher RHCE 804006346421761 Delivering value year after year. Red Hat ranks #1 in value among software vendors. http://www.redhat.com/promo/vendor/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkuCshsACgkQeiVVYja6o6OXsQCeIzKtHPSMaqwkfef0Z5RvN0iv EIoAnjeMj5PuHOcvUt8ktqx+flN7fXmn =L0uQ -----END PGP SIGNATURE-----
From d634806f05b18045b8c3bbf58b7cad53d57a80e9 Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <sgall...@redhat.com>
Date: Mon, 22 Feb 2010 10:11:18 -0500
Subject: [PATCH] Remove unnecessary domain parameter from PAM requests
If we're sending a message to the backend, we already know which
domain the request is targeting. Carrying this information is not
useful and confuses the interface.
---
src/providers/data_provider.h | 4 +---
src/providers/dp_auth_util.c | 23 +----------------------
2 files changed, 2 insertions(+), 25 deletions(-)
diff --git a/src/providers/data_provider.h b/src/providers/data_provider.h
index cbb4ebb..ca70180 100644
--- a/src/providers/data_provider.h
+++ b/src/providers/data_provider.h
@@ -77,7 +77,6 @@
* hand it must have the following elements:
*
* @param DBUS_TYPE_INT32 PAM Command, see #sss_cli_command for allowed values
- * @param DBUS_TYPE_STRING Name of the Domain
* @param DBUS_TYPE_STRING User name, this value is send by the PAM client and
* contains the value of the PAM item PAM_USER
* @param DBUS_TYPE_STRING Service name, this value is send by the PAM client
@@ -111,8 +110,7 @@
* indicate that the provider is offline and that the PAM responder should try
* a chached authentication, for all other return value see the man pages for
* the corresponding PAM service functions
- * @retval DBUS_TYPE_STRING Domain Name
- * @retval DBUS_TYPE_ARRAY__(STRUCT) (optional) Zero more more additional
+ * @retval DBUS_TYPE_ARRAY__(STRUCT) Zero or more additional getAccountInfo
* messages, here the DBUS_TYPE_STRUCT is build of a DBUS_TYPE_UINT32 holding
* an identifier (see #response_type) and DBUS_TYPE_G_BYTE_ARRAY with the data
* of the message.
diff --git a/src/providers/dp_auth_util.c b/src/providers/dp_auth_util.c
index f4e68ea..8bc0a9a 100644
--- a/src/providers/dp_auth_util.c
+++ b/src/providers/dp_auth_util.c
@@ -24,7 +24,6 @@
void pam_print_data(int l, struct pam_data *pd)
{
DEBUG(l, ("command: %d\n", pd->cmd));
- DEBUG(l, ("domain: %s\n", pd->domain));
DEBUG(l, ("user: %s\n", pd->user));
DEBUG(l, ("service: %s\n", pd->service));
DEBUG(l, ("tty: %s\n", pd->tty));
@@ -60,7 +59,7 @@ bool dp_pack_pam_request(DBusMessage *msg, struct pam_data *pd)
{
int ret;
- if (pd->user == NULL || pd->domain == NULL) return false;
+ if (pd->user == NULL) return false;
if (pd->service == NULL) pd->service = talloc_strdup(pd, "");
if (pd->tty == NULL) pd->tty = talloc_strdup(pd, "");
if (pd->ruser == NULL) pd->ruser = talloc_strdup(pd, "");
@@ -69,7 +68,6 @@ bool dp_pack_pam_request(DBusMessage *msg, struct pam_data *pd)
ret = dbus_message_append_args(msg,
DBUS_TYPE_INT32, &(pd->cmd),
- DBUS_TYPE_STRING, &(pd->domain),
DBUS_TYPE_STRING, &(pd->user),
DBUS_TYPE_STRING, &(pd->service),
DBUS_TYPE_STRING, &(pd->tty),
@@ -96,7 +94,6 @@ bool dp_unpack_pam_request(DBusMessage *msg, struct pam_data *pd, DBusError *dbu
ret = dbus_message_get_args(msg, dbus_error,
DBUS_TYPE_INT32, &(pd->cmd),
- DBUS_TYPE_STRING, &(pd->domain),
DBUS_TYPE_STRING, &(pd->user),
DBUS_TYPE_STRING, &(pd->service),
DBUS_TYPE_STRING, &(pd->tty),
@@ -135,13 +132,6 @@ bool dp_pack_pam_response(DBusMessage *msg, struct pam_data *pd)
return false;
}
- /* Append the domain */
- dbret = dbus_message_iter_append_basic(&iter,
- DBUS_TYPE_STRING, &(pd->domain));
- if (!dbret) {
- return false;
- }
-
/* Create an array of response structures */
dbret = dbus_message_iter_open_container(&iter,
DBUS_TYPE_ARRAY, "(uay)",
@@ -227,17 +217,6 @@ bool dp_unpack_pam_response(DBusMessage *msg, struct pam_data *pd, DBusError *db
return false;
}
- if (dbus_message_iter_get_arg_type(&iter) != DBUS_TYPE_STRING) {
- DEBUG(1, ("pam response format error.\n"));
- return false;
- }
- dbus_message_iter_get_basic(&iter, &(pd->domain));
-
- if (!dbus_message_iter_next(&iter)) {
- DEBUG(1, ("pam response has too few arguments.\n"));
- return false;
- }
-
/* After this point will be an array of pam data */
if (dbus_message_iter_get_arg_type(&iter) != DBUS_TYPE_ARRAY) {
DEBUG(1, ("pam response format error.\n"));
--
1.6.6
0001-Remove-unnecessary-domain-parameter-from-PAM-request.patch.sig
Description: PGP signature
_______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel
