-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/22/2010 10:14 AM, Stephen Gallagher wrote: > There is no need to pass "domain" as a parameter to the data provider. > We're already talking directly to the provider for that domain. Both the > provider and responder are fully aware of which domain is being queried > without passing this parameter. It only serves to complicate the interface. > >
Simo noticed a typo on this patch during code review. Fixed. - -- Stephen Gallagher RHCE 804006346421761 Delivering value year after year. Red Hat ranks #1 in value among software vendors. http://www.redhat.com/promo/vendor/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkuCshsACgkQeiVVYja6o6OXsQCeIzKtHPSMaqwkfef0Z5RvN0iv EIoAnjeMj5PuHOcvUt8ktqx+flN7fXmn =L0uQ -----END PGP SIGNATURE-----
From d634806f05b18045b8c3bbf58b7cad53d57a80e9 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher <sgall...@redhat.com> Date: Mon, 22 Feb 2010 10:11:18 -0500 Subject: [PATCH] Remove unnecessary domain parameter from PAM requests If we're sending a message to the backend, we already know which domain the request is targeting. Carrying this information is not useful and confuses the interface. --- src/providers/data_provider.h | 4 +--- src/providers/dp_auth_util.c | 23 +---------------------- 2 files changed, 2 insertions(+), 25 deletions(-) diff --git a/src/providers/data_provider.h b/src/providers/data_provider.h index cbb4ebb..ca70180 100644 --- a/src/providers/data_provider.h +++ b/src/providers/data_provider.h @@ -77,7 +77,6 @@ * hand it must have the following elements: * * @param DBUS_TYPE_INT32 PAM Command, see #sss_cli_command for allowed values - * @param DBUS_TYPE_STRING Name of the Domain * @param DBUS_TYPE_STRING User name, this value is send by the PAM client and * contains the value of the PAM item PAM_USER * @param DBUS_TYPE_STRING Service name, this value is send by the PAM client @@ -111,8 +110,7 @@ * indicate that the provider is offline and that the PAM responder should try * a chached authentication, for all other return value see the man pages for * the corresponding PAM service functions - * @retval DBUS_TYPE_STRING Domain Name - * @retval DBUS_TYPE_ARRAY__(STRUCT) (optional) Zero more more additional + * @retval DBUS_TYPE_ARRAY__(STRUCT) Zero or more additional getAccountInfo * messages, here the DBUS_TYPE_STRUCT is build of a DBUS_TYPE_UINT32 holding * an identifier (see #response_type) and DBUS_TYPE_G_BYTE_ARRAY with the data * of the message. diff --git a/src/providers/dp_auth_util.c b/src/providers/dp_auth_util.c index f4e68ea..8bc0a9a 100644 --- a/src/providers/dp_auth_util.c +++ b/src/providers/dp_auth_util.c @@ -24,7 +24,6 @@ void pam_print_data(int l, struct pam_data *pd) { DEBUG(l, ("command: %d\n", pd->cmd)); - DEBUG(l, ("domain: %s\n", pd->domain)); DEBUG(l, ("user: %s\n", pd->user)); DEBUG(l, ("service: %s\n", pd->service)); DEBUG(l, ("tty: %s\n", pd->tty)); @@ -60,7 +59,7 @@ bool dp_pack_pam_request(DBusMessage *msg, struct pam_data *pd) { int ret; - if (pd->user == NULL || pd->domain == NULL) return false; + if (pd->user == NULL) return false; if (pd->service == NULL) pd->service = talloc_strdup(pd, ""); if (pd->tty == NULL) pd->tty = talloc_strdup(pd, ""); if (pd->ruser == NULL) pd->ruser = talloc_strdup(pd, ""); @@ -69,7 +68,6 @@ bool dp_pack_pam_request(DBusMessage *msg, struct pam_data *pd) ret = dbus_message_append_args(msg, DBUS_TYPE_INT32, &(pd->cmd), - DBUS_TYPE_STRING, &(pd->domain), DBUS_TYPE_STRING, &(pd->user), DBUS_TYPE_STRING, &(pd->service), DBUS_TYPE_STRING, &(pd->tty), @@ -96,7 +94,6 @@ bool dp_unpack_pam_request(DBusMessage *msg, struct pam_data *pd, DBusError *dbu ret = dbus_message_get_args(msg, dbus_error, DBUS_TYPE_INT32, &(pd->cmd), - DBUS_TYPE_STRING, &(pd->domain), DBUS_TYPE_STRING, &(pd->user), DBUS_TYPE_STRING, &(pd->service), DBUS_TYPE_STRING, &(pd->tty), @@ -135,13 +132,6 @@ bool dp_pack_pam_response(DBusMessage *msg, struct pam_data *pd) return false; } - /* Append the domain */ - dbret = dbus_message_iter_append_basic(&iter, - DBUS_TYPE_STRING, &(pd->domain)); - if (!dbret) { - return false; - } - /* Create an array of response structures */ dbret = dbus_message_iter_open_container(&iter, DBUS_TYPE_ARRAY, "(uay)", @@ -227,17 +217,6 @@ bool dp_unpack_pam_response(DBusMessage *msg, struct pam_data *pd, DBusError *db return false; } - if (dbus_message_iter_get_arg_type(&iter) != DBUS_TYPE_STRING) { - DEBUG(1, ("pam response format error.\n")); - return false; - } - dbus_message_iter_get_basic(&iter, &(pd->domain)); - - if (!dbus_message_iter_next(&iter)) { - DEBUG(1, ("pam response has too few arguments.\n")); - return false; - } - /* After this point will be an array of pam data */ if (dbus_message_iter_get_arg_type(&iter) != DBUS_TYPE_ARRAY) { DEBUG(1, ("pam response format error.\n")); -- 1.6.6
0001-Remove-unnecessary-domain-parameter-from-PAM-request.patch.sig
Description: PGP signature
_______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel