static errno_t be_refresh_get_values_ex(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
time_t period,
const char *objectclass,
struct ldb_dn *base_dn,
const char *attr,
char ***_values)
{
TALLOC_CTX *tmp_ctx = NULL;
const char *attrs[] = {attr, NULL};
const char *filter = NULL;
char **values = NULL;
struct ldb_message **msgs = NULL;
struct sysdb_attrs **records = NULL;
size_t count;
time_t now = time(NULL);
errno_t ret;
tmp_ctx = talloc_new(NULL);
if (tmp_ctx == NULL) {
return ENOMEM;
}
filter = talloc_asprintf(tmp_ctx, "(&(%s<=%lld))",
SYSDB_CACHE_EXPIRE, (long long) now + period);
if (filter == NULL) {
ret = ENOMEM;
goto done;
}
ret = sysdb_search_entry(tmp_ctx, domain->sysdb, base_dn,
LDB_SCOPE_SUBTREE, filter, attrs,
&count, &msgs);
if (ret == ENOENT) {
count = 0;
} else if (ret != EOK) {
goto done;
}
ret = sysdb_msg2attrs(tmp_ctx, count, msgs, &records);
if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE,
"Could not convert ldb message to sysdb_attrs\n");
goto done;
}
ret = sysdb_attrs_to_list(tmp_ctx, records, count, attr, &values);
if (ret != EOK) {
goto done;
}
*_values = talloc_steal(mem_ctx, values);
ret = EOK;
done:
talloc_free(tmp_ctx);
return ret;
}
errno_t
sysdb_autofs_entries_by_map(TALLOC_CTX *mem_ctx,
struct sysdb_ctx *sysdb,
struct sss_domain_info *domain,
const char *mapname,
size_t *_count,
struct ldb_message ***_entries)
{
errno_t ret;
TALLOC_CTX *tmp_ctx;
char *filter;
const char *attrs[] = { SYSDB_AUTOFS_ENTRY_KEY,
SYSDB_AUTOFS_ENTRY_VALUE,
NULL };
size_t count;
struct ldb_message **msgs;
struct ldb_dn *mapdn;
DEBUG(SSSDBG_TRACE_FUNC, ("Getting entries for map %s\n", mapname));
tmp_ctx = talloc_new(NULL);
if (!tmp_ctx) {
return ENOMEM;
}
mapdn = sysdb_autofsmap_dn(tmp_ctx, sysdb, domain, mapname);
if (!mapdn) {
ret = ENOMEM;
goto done;
}
filter = talloc_asprintf(tmp_ctx, "(objectclass=%s)",
SYSDB_AUTOFS_ENTRY_OC);
if (!filter) {
ret = ENOMEM;
goto done;
}
ret = sysdb_search_entry(tmp_ctx, sysdb, mapdn, LDB_SCOPE_ONELEVEL,
filter, attrs, &count, &msgs);
if (ret != EOK && ret != ENOENT) {
DEBUG(SSSDBG_OP_FAILURE, ("sysdb search failed: %d\n", ret));
goto done;
} else if (ret == ENOENT) {
DEBUG(SSSDBG_TRACE_FUNC, ("No entries for the map\n"));
*_count = 0;
*_entries = NULL;
goto done;
}
*_count = count;
*_entries = talloc_steal(mem_ctx, msgs);
ret = EOK;
DEBUG(SSSDBG_TRACE_INTERNAL, ("found %zu entries for map %s\n",
count, mapname));
done:
talloc_free(tmp_ctx);
return ret;
}
errno_t sysdb_search_services(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
const char *sub_filter,
const char **attrs,
size_t *msgs_count,
struct ldb_message ***msgs)
{
TALLOC_CTX *tmp_ctx;
struct ldb_dn *basedn;
char *filter;
int ret;
tmp_ctx = talloc_new(NULL);
if (!tmp_ctx) {
return ENOMEM;
}
basedn = ldb_dn_new_fmt(tmp_ctx, domain->sysdb->ldb,
SYSDB_TMPL_SVC_BASE, domain->name);
if (!basedn) {
DEBUG(SSSDBG_OP_FAILURE, "Failed to build base dn\n");
ret = ENOMEM;
goto fail;
}
filter = talloc_asprintf(tmp_ctx, "(&(%s)%s)", SYSDB_SC, sub_filter);
if (!filter) {
DEBUG(SSSDBG_OP_FAILURE, "Failed to build filter\n");
ret = ENOMEM;
goto fail;
}
DEBUG(SSSDBG_TRACE_INTERNAL,
"Search services with filter: %s\n", filter);
ret = sysdb_search_entry(mem_ctx, domain->sysdb, basedn,
LDB_SCOPE_SUBTREE, filter, attrs,
msgs_count, msgs);
if (ret) {
goto fail;
}
talloc_zfree(tmp_ctx);
return EOK;
fail:
if (ret == ENOENT) {
DEBUG(SSSDBG_TRACE_INTERNAL, "No such entry\n");
}
else if (ret) {
DEBUG(SSSDBG_MINOR_FAILURE, "Error: %d (%s)\n", ret, strerror(ret));
}
talloc_zfree(tmp_ctx);
return ret;
}
static errno_t sssctl_query_cache(TALLOC_CTX *mem_ctx,
struct sysdb_ctx *sysdb,
struct ldb_dn *base_dn,
const char *filter,
const char **attrs,
struct sysdb_attrs **_entry)
{
TALLOC_CTX *tmp_ctx;
struct sysdb_attrs **sysdb_attrs;
struct ldb_message **msgs;
size_t count;
errno_t ret;
tmp_ctx = talloc_new(NULL);
if (tmp_ctx == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE, "Out of memory!\n");
return ENOMEM;
}
ret = sysdb_search_entry(tmp_ctx, sysdb, base_dn, LDB_SCOPE_SUBTREE,
filter, attrs, &count, &msgs);
if (ret == ENOENT) {
DEBUG(SSSDBG_TRACE_FUNC, "No result\n");
goto done;
} else if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE, "Unable to search sysdb "
"[%d]: %s\n", ret, sss_strerror(ret));
goto done;
}
if (count != 1) {
DEBUG(SSSDBG_CRIT_FAILURE, "Search returned more than one result!\n");
ret = ERR_INTERNAL;
goto done;
}
ret = sysdb_msg2attrs(tmp_ctx, count, msgs, &sysdb_attrs);
if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE, "Unable to convert message to sysdb attrs "
"[%d]: %s\n", ret, sss_strerror(ret));
goto done;
}
*_entry = talloc_steal(mem_ctx, sysdb_attrs[0]);
done:
talloc_free(tmp_ctx);
return ret;
}
/**
* Return information about the local domain from the main PAC responder
* context or try to read it from cache and store it in the context.
*/
errno_t get_my_domain_data(struct pac_ctx *pac_ctx,
struct sss_domain_info *dom,
struct dom_sid **_sid,
struct local_mapping_ranges **_range_map)
{
struct sysdb_ctx *sysdb;
int ret;
struct ldb_dn *basedn;
const char *attrs[] = {SYSDB_SUBDOMAIN_ID,
NULL};
size_t msgs_count;
const char *sid_str;
struct ldb_message **msgs;
TALLOC_CTX *tmp_ctx = NULL;
struct dom_sid *sid = NULL;
enum idmap_error_code err;
size_t range_count;
struct range_info **range_list;
struct local_mapping_ranges *r_map = NULL;
size_t c;
if (pac_ctx->my_dom_sid == NULL || pac_ctx->range_map == NULL) {
sysdb = dom->sysdb;
if (sysdb == NULL) {
DEBUG(SSSDBG_FATAL_FAILURE, ("Missing sysdb context.\n"));
ret = EINVAL;
goto done;
}
tmp_ctx = talloc_new(NULL);
if (tmp_ctx == NULL) {
DEBUG(SSSDBG_OP_FAILURE, ("talloc_new failed.\n"));
ret = ENOMEM;
goto done;
}
basedn = sysdb_domain_dn(sysdb, tmp_ctx, dom);
if (basedn == NULL) {
ret = ENOMEM;
goto done;
}
if (pac_ctx->my_dom_sid == NULL) {
ret = sysdb_search_entry(tmp_ctx, sysdb, basedn, LDB_SCOPE_BASE, NULL,
attrs, &msgs_count, &msgs);
if (ret != LDB_SUCCESS) {
ret = EIO;
goto done;
}
if (msgs_count != 1) {
DEBUG(SSSDBG_OP_FAILURE, ("Base search returned [%d] results, "
"expected 1.\n", msgs_count));
ret = EINVAL;
goto done;
}
sid_str = ldb_msg_find_attr_as_string(msgs[0], SYSDB_SUBDOMAIN_ID, NULL);
if (sid_str == NULL) {
DEBUG(SSSDBG_OP_FAILURE, ("SID of my domain is not available.\n"));
ret = EINVAL;
goto done;
}
err = sss_idmap_sid_to_smb_sid(pac_ctx->idmap_ctx, sid_str, &sid);
if (err != IDMAP_SUCCESS) {
DEBUG(SSSDBG_OP_FAILURE, ("sss_idmap_sid_to_smb_sid failed.\n"));
ret = EFAULT;
goto done;
}
pac_ctx->my_dom_sid = talloc_memdup(pac_ctx, sid,
sizeof(struct dom_sid));
if (pac_ctx->my_dom_sid == NULL) {
DEBUG(SSSDBG_OP_FAILURE, ("talloc_memdup failed.\n"));
ret = ENOMEM;
goto done;
}
}
if (pac_ctx->range_map == NULL) {
ret = sysdb_get_ranges(tmp_ctx, sysdb, &range_count, &range_list);
if (ret != EOK) {
DEBUG(SSSDBG_OP_FAILURE, ("sysdb_get_ranges failed.\n"));
goto done;
}
for (c = 0; c < range_count; c++) {
if (range_list[c]->trusted_dom_sid == NULL &&
range_list[c]->secondary_base_rid != 0) {
r_map = talloc_zero(pac_ctx,
struct local_mapping_ranges);
if (r_map == NULL) {
DEBUG(SSSDBG_OP_FAILURE, ("talloc_zero failed.\n"));
ret = ENOMEM;
goto done;
}
r_map->local_ids.min = range_list[c]->base_id;
r_map->local_ids.max = range_list[c]->base_id +
range_list[c]->id_range_size - 1;
r_map->primary_rids.min = range_list[c]->base_rid;
r_map->primary_rids.max = range_list[c]->base_rid +
range_list[c]->id_range_size - 1;
r_map->secondary_rids.min = range_list[c]->secondary_base_rid;
r_map->secondary_rids.max = range_list[c]->secondary_base_rid +
range_list[c]->id_range_size - 1;
/* TODO: add support for multiple ranges. */
break;
}
}
