--- src/providers/ipa/ipa_id.c | 128 ++++++++++++++++++++++++-------------------- 1 files changed, 69 insertions(+), 59 deletions(-)
diff --git a/src/providers/ipa/ipa_id.c b/src/providers/ipa/ipa_id.c index ab0d8924013941943babb32a96f03560aea8c7f3..7afa6df6fbd841309d33866caf080be12eac170f 100644 --- a/src/providers/ipa/ipa_id.c +++ b/src/providers/ipa/ipa_id.c @@ -30,14 +30,38 @@ #include "providers/ldap/sdap_async.h" #include "providers/ipa/ipa_id.h" +static const char *ipa_account_info_error_text(int ret, int *dp_error, + const char *default_text) +{ + switch (*dp_error) { + case DP_ERR_OK: + if (ret == EOK) { + return NULL; + } + DEBUG(1, ("Bug: dp_error is OK on failed request")); + *dp_error = DP_ERR_FATAL; + break; + case DP_ERR_OFFLINE: + return "Offline"; + case DP_ERR_FATAL: + if (ret == ENOMEM) { + return "Out of memory"; + } + break; + default: + break; + } + + return default_text; +} + static struct tevent_req *ipa_id_get_netgroup_send(TALLOC_CTX *memctx, struct tevent_context *ev, struct ipa_id_ctx *ipa_ctx, const char *name); static int ipa_id_get_netgroup_recv(struct tevent_req *req, int *dp_error); -static void ipa_account_info_netgroups_done(struct tevent_req *req); -static void ipa_account_info_users_done(struct tevent_req *req); +static void ipa_account_info_done(struct tevent_req *req); void ipa_account_info_handler(struct be_req *breq) { @@ -46,6 +70,7 @@ void ipa_account_info_handler(struct be_req *breq) struct be_acct_req *ar; struct tevent_req *req; const char *err = "Unknown Error"; + bool is_subdom_req = false; int ret = EOK; ipa_ctx = talloc_get_type(breq->be_ctx->bet_info[BET_ID].pvt_bet_data, struct ipa_id_ctx); @@ -58,25 +83,31 @@ void ipa_account_info_handler(struct be_req *breq) ar = talloc_get_type(breq->req_data, struct be_acct_req); if (strcasecmp(ar->domain, breq->be_ctx->domain->name) != 0) { - if (! ((ar->entry_type & BE_REQ_USER) || - (ar->entry_type & BE_REQ_GROUP))) { - return sdap_handler_done(breq, DP_ERR_FATAL, EINVAL, - "Invalid sub-domain request type"); - } + is_subdom_req = true; + } - req = ipa_get_subdom_acct_send(breq, breq->be_ctx->ev, ctx, ar); - if (!req) { - return sdap_handler_done(breq, DP_ERR_FATAL, ENOMEM, "Out of memory"); - } - - tevent_req_set_callback(req, ipa_account_info_users_done, breq); - - return; + if (is_subdom_req && ((ar->entry_type & (BE_REQ_USER|BE_REQ_GROUP)) == 0)) { + ret = EINVAL; + err = "Invalid sub-domain request type"; + goto done; } switch (ar->entry_type & 0xFFF) { case BE_REQ_USER: /* user */ case BE_REQ_GROUP: /* group */ + + if (is_subdom_req) { + req = ipa_get_subdom_acct_send(breq, breq->be_ctx->ev, ctx, ar); + if (!req) { + ret = ENOMEM; + err = "Out of memory"; + goto done; + } + tevent_req_set_callback(req, ipa_account_info_done, breq); + return; + } + /* intentional fall-through */ + case BE_REQ_INITGROUPS: /* init groups for user */ case BE_REQ_SERVICES: /* Services. Not natively supported by IPA */ return sdap_handle_account_info(breq, ctx); @@ -85,15 +116,17 @@ void ipa_account_info_handler(struct be_req *breq) if (ar->filter_type != BE_FILTER_NAME) { ret = EINVAL; err = "Invalid filter type"; - break; + goto done; } - req = ipa_id_get_netgroup_send(breq, breq->be_ctx->ev, ipa_ctx, ar->filter_value); + req = ipa_id_get_netgroup_send(breq, breq->be_ctx->ev, + ipa_ctx, ar->filter_value); if (!req) { - return sdap_handler_done(breq, DP_ERR_FATAL, ENOMEM, "Out of memory"); + ret = ENOMEM; + err = "Out of memory"; + goto done; } - - tevent_req_set_callback(req, ipa_account_info_netgroups_done, breq); + tevent_req_set_callback(req, ipa_account_info_done, breq); break; default: /*fail*/ @@ -101,55 +134,32 @@ void ipa_account_info_handler(struct be_req *breq) err = "Invalid request type"; } - if (ret != EOK) return sdap_handler_done(breq, DP_ERR_FATAL, ret, err); +done: + if (ret != EOK) { + return sdap_handler_done(breq, DP_ERR_FATAL, ret, err); + } } -static void ipa_account_info_complete(struct be_req *breq, int dp_error, - int ret, const char *default_error_text) +static void ipa_account_info_done(struct tevent_req *req) { - const char* error_text; + struct be_req *breq = tevent_req_callback_data(req, struct be_req); + struct be_acct_req *ar = talloc_get_type(breq->req_data, + struct be_acct_req); + const char *error_text; + int ret, dp_error; - if (dp_error == DP_ERR_OK) { - if (ret == EOK) { - error_text = NULL; - } else { - DEBUG(1, ("Bug: dp_error is OK on failed request")); - dp_error = DP_ERR_FATAL; - error_text = default_error_text; - } - } else if (dp_error == DP_ERR_OFFLINE) { - error_text = "Offline"; - } else if (dp_error == DP_ERR_FATAL && ret == ENOMEM) { - error_text = "Out of memory"; + if (ar->entry_type & BE_REQ_NETGROUP) { + ret = ipa_id_get_netgroup_recv(req, &dp_error); } else { - error_text = default_error_text; + ret = ipa_get_subdom_acct_recv(req, &dp_error); } + talloc_zfree(req); + error_text = ipa_account_info_error_text(ret, &dp_error, + "Account info lookup failed"); sdap_handler_done(breq, dp_error, ret, error_text); } -static void ipa_account_info_users_done(struct tevent_req *req) -{ - struct be_req *breq = tevent_req_callback_data(req, struct be_req); - int ret, dp_error; - - ret = ipa_get_subdom_acct_recv(req, &dp_error); - talloc_zfree(req); - - ipa_account_info_complete(breq, dp_error, ret, "User lookup failed"); -} - -static void ipa_account_info_netgroups_done(struct tevent_req *req) -{ - struct be_req *breq = tevent_req_callback_data(req, struct be_req); - const char *error_text; - int ret, dp_error; - - ret = ipa_id_get_netgroup_recv(req, &dp_error); - talloc_zfree(req); - - ipa_account_info_complete(breq, dp_error, ret, "Netgroup lookup failed"); -} /* Request for netgroups * - first start here and then go to ipa_netgroups.c -- 1.7.1 _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-devel