void sdap_pam_access_handler(struct be_req *breq)
{
struct be_ctx *be_ctx = be_req_get_be_ctx(breq);
struct pam_data *pd;
struct tevent_req *req;
struct sdap_access_ctx *access_ctx;
struct sss_domain_info *dom;
pd = talloc_get_type(be_req_get_data(breq), struct pam_data);
access_ctx =
talloc_get_type(be_ctx->bet_info[BET_ACCESS].pvt_bet_data,
struct sdap_access_ctx);
dom = be_ctx->domain;
if (strcasecmp(pd->domain, be_ctx->domain->name) != 0) {
/* Subdomain request, verify subdomain */
dom = find_subdomain_by_name(be_ctx->domain, pd->domain, true);
}
req = sdap_access_send(breq, be_ctx->ev, be_ctx,
dom, access_ctx,
access_ctx->id_ctx->conn,
pd);
if (req == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE, ("Unable to start sdap_access request\n"));
sdap_access_reply(breq, PAM_SYSTEM_ERR);
return;
}
tevent_req_set_callback(req, sdap_access_done, breq);
}
static void sdap_access_done(struct tevent_req *req)
{
errno_t ret;
int pam_status;
struct be_req *breq =
tevent_req_callback_data(req, struct be_req);
ret = sdap_access_recv(req);
talloc_zfree(req);
switch (ret) {
case EOK:
pam_status = PAM_SUCCESS;
break;
case ERR_ACCESS_DENIED:
pam_status = PAM_PERM_DENIED;
break;
case ERR_ACCOUNT_EXPIRED:
pam_status = PAM_ACCT_EXPIRED;
break;
default:
DEBUG(SSSDBG_CRIT_FAILURE, ("Error retrieving access check result.\n"));
pam_status = PAM_SYSTEM_ERR;
break;
}
sdap_access_reply(breq, pam_status);
}
void sdap_pam_access_handler(struct be_req *breq)
{
struct pam_data *pd;
struct tevent_req *req;
struct sdap_access_ctx *access_ctx;
pd = talloc_get_type(breq->req_data, struct pam_data);
access_ctx =
talloc_get_type(breq->be_ctx->bet_info[BET_ACCESS].pvt_bet_data,
struct sdap_access_ctx);
req = sdap_access_send(breq,
breq->be_ctx->ev,
breq,
access_ctx,
pd);
if (req == NULL) {
DEBUG(1, ("Unable to start sdap_access request\n"));
sdap_access_reply(breq, PAM_SYSTEM_ERR);
return;
}
tevent_req_set_callback(req, sdap_access_done, breq);
}
