int sss_ad_default_names_ctx(TALLOC_CTX *mem_ctx,
struct sss_names_ctx **_out)
{
return sss_names_init_from_args(mem_ctx, IPA_AD_DEFAULT_RE,
CONFDB_DEFAULT_FULL_NAME_FORMAT,
_out);
}
int ssh_process_init(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct confdb_ctx *cdb)
{
struct resp_ctx *rctx;
struct sss_cmd_table *ssh_cmds;
struct ssh_ctx *ssh_ctx;
struct be_conn *iter;
int ret;
int max_retries;
ssh_cmds = get_ssh_cmds();
ret = sss_process_init(mem_ctx, ev, cdb,
ssh_cmds,
SSS_SSH_SOCKET_NAME, NULL,
CONFDB_SSH_CONF_ENTRY,
SSS_SSH_SBUS_SERVICE_NAME,
SSS_SSH_SBUS_SERVICE_VERSION,
&monitor_ssh_methods,
"SSH",
&ssh_dp_methods.vtable,
&rctx);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE, "sss_process_init() failed\n");
return ret;
}
ssh_ctx = talloc_zero(rctx, struct ssh_ctx);
if (!ssh_ctx) {
DEBUG(SSSDBG_FATAL_FAILURE, "fatal error initializing ssh_ctx\n");
ret = ENOMEM;
goto fail;
}
ssh_ctx->rctx = rctx;
ssh_ctx->rctx->pvt_ctx = ssh_ctx;
ret = sss_names_init_from_args(ssh_ctx,
"(?P<name>[^@]+)@?(?P<domain>[^@]*$)",
"%1$s@%2$s", &ssh_ctx->snctx);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE, "fatal error initializing regex data\n");
goto fail;
}
/* Enable automatic reconnection to the Data Provider */
ret = confdb_get_int(ssh_ctx->rctx->cdb,
CONFDB_SSH_CONF_ENTRY,
CONFDB_SERVICE_RECON_RETRIES,
3, &max_retries);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE,
"Failed to set up automatic reconnection\n");
goto fail;
}
for (iter = ssh_ctx->rctx->be_conns; iter; iter = iter->next) {
sbus_reconnect_init(iter->conn, max_retries,
ssh_dp_reconnect_init, iter);
}
/* Get responder options */
/* Get ssh_hash_known_hosts option */
ret = confdb_get_bool(ssh_ctx->rctx->cdb,
CONFDB_SSH_CONF_ENTRY, CONFDB_SSH_HASH_KNOWN_HOSTS,
CONFDB_DEFAULT_SSH_HASH_KNOWN_HOSTS,
&ssh_ctx->hash_known_hosts);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE, "Error reading from confdb (%d) [%s]\n",
ret, strerror(ret));
goto fail;
}
/* Get ssh_known_hosts_timeout option */
ret = confdb_get_int(ssh_ctx->rctx->cdb,
CONFDB_SSH_CONF_ENTRY, CONFDB_SSH_KNOWN_HOSTS_TIMEOUT,
CONFDB_DEFAULT_SSH_KNOWN_HOSTS_TIMEOUT,
&ssh_ctx->known_hosts_timeout);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE, "Error reading from confdb (%d) [%s]\n",
ret, strerror(ret));
goto fail;
}
ret = schedule_get_domains_task(rctx, rctx->ev, rctx);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE, "schedule_get_domains_tasks failed.\n");
goto fail;
}
DEBUG(SSSDBG_TRACE_FUNC, "SSH Initialization complete\n");
return EOK;
fail:
talloc_free(rctx);
return ret;
}
int sss_names_init(TALLOC_CTX *mem_ctx, struct confdb_ctx *cdb,
const char *domain, struct sss_names_ctx **out)
{
TALLOC_CTX *tmpctx = NULL;
char *conf_path = NULL;
char *re_pattern = NULL;;
char *fq_fmt = NULL;
int ret;
tmpctx = talloc_new(NULL);
if (tmpctx == NULL) {
ret = ENOMEM;
goto done;
}
if (domain != NULL) {
conf_path = talloc_asprintf(tmpctx, CONFDB_DOMAIN_PATH_TMPL, domain);
if (conf_path == NULL) {
ret = ENOMEM;
goto done;
}
ret = confdb_get_string(cdb, tmpctx, conf_path,
CONFDB_NAME_REGEX, NULL, &re_pattern);
if (ret != EOK) goto done;
}
/* If not found in the domain, look in globals */
if (re_pattern == NULL) {
ret = confdb_get_string(cdb, tmpctx, CONFDB_MONITOR_CONF_ENTRY,
CONFDB_NAME_REGEX, NULL, &re_pattern);
if (ret != EOK) goto done;
}
if (re_pattern == NULL && conf_path != NULL) {
ret = get_id_provider_default_re(tmpctx, cdb, conf_path, &re_pattern);
if (ret != EOK) {
DEBUG(SSSDBG_OP_FAILURE, "Failed to get provider default regular " \
"expression for domain [%s].\n", domain);
goto done;
}
}
if (!re_pattern) {
re_pattern = talloc_strdup(tmpctx,
"(?P<name>[^@]+)@?(?P<domain>[^@]*$)");
if (!re_pattern) {
ret = ENOMEM;
goto done;
}
#ifdef HAVE_LIBPCRE_LESSER_THAN_7
} else {
DEBUG(SSSDBG_OP_FAILURE,
"This binary was build with a version of libpcre that does "
"not support non-unique named subpatterns.\n");
DEBUG(SSSDBG_OP_FAILURE,
"Please make sure that your pattern [%s] only contains "
"subpatterns with a unique name and uses "
"the Python syntax (?P<name>).\n", re_pattern);
#endif
}
if (conf_path != NULL) {
ret = confdb_get_string(cdb, tmpctx, conf_path,
CONFDB_FULL_NAME_FORMAT, NULL, &fq_fmt);
if (ret != EOK) goto done;
}
/* If not found in the domain, look in globals */
if (fq_fmt == NULL) {
ret = confdb_get_string(cdb, tmpctx, CONFDB_MONITOR_CONF_ENTRY,
CONFDB_FULL_NAME_FORMAT, NULL, &fq_fmt);
if (ret != EOK) goto done;
}
if (!fq_fmt) {
fq_fmt = talloc_strdup(tmpctx, CONFDB_DEFAULT_FULL_NAME_FORMAT);
if (!fq_fmt) {
ret = ENOMEM;
goto done;
}
}
ret = sss_names_init_from_args(mem_ctx, re_pattern, fq_fmt, out);
done:
talloc_free(tmpctx);
return ret;
}
int ifp_process_init(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct confdb_ctx *cdb)
{
struct resp_ctx *rctx;
struct sss_cmd_table *ifp_cmds;
struct ifp_ctx *ifp_ctx;
struct be_conn *iter;
int ret;
int max_retries;
char *uid_str;
char *attr_list_str;
char *wildcard_limit_str;
ifp_cmds = get_ifp_cmds();
ret = sss_process_init(mem_ctx, ev, cdb,
ifp_cmds,
NULL, -1, NULL, -1,
CONFDB_IFP_CONF_ENTRY,
SSS_IFP_SBUS_SERVICE_NAME,
SSS_IFP_SBUS_SERVICE_VERSION,
&monitor_ifp_methods,
"InfoPipe",
&ifp_dp_methods.vtable,
&rctx);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE, "sss_process_init() failed\n");
return ret;
}
ifp_ctx = talloc_zero(rctx, struct ifp_ctx);
if (ifp_ctx == NULL) {
DEBUG(SSSDBG_FATAL_FAILURE, "fatal error initializing ifp_ctx\n");
ret = ENOMEM;
goto fail;
}
ifp_ctx->rctx = rctx;
ifp_ctx->rctx->pvt_ctx = ifp_ctx;
ret = sss_names_init_from_args(ifp_ctx,
"(?P<name>[^@]+)@?(?P<domain>[^@]*$)",
"%1$s@%2$s", &ifp_ctx->snctx);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE, "fatal error initializing regex data\n");
goto fail;
}
ret = confdb_get_string(ifp_ctx->rctx->cdb, ifp_ctx->rctx,
CONFDB_IFP_CONF_ENTRY, CONFDB_SERVICE_ALLOWED_UIDS,
DEFAULT_ALLOWED_UIDS, &uid_str);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE, "Failed to get allowed UIDs.\n");
goto fail;
}
ret = csv_string_to_uid_array(ifp_ctx->rctx, uid_str, true,
&ifp_ctx->rctx->allowed_uids_count,
&ifp_ctx->rctx->allowed_uids);
talloc_free(uid_str);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE, "Failed to set allowed UIDs.\n");
goto fail;
}
ret = confdb_get_string(ifp_ctx->rctx->cdb, ifp_ctx->rctx,
CONFDB_IFP_CONF_ENTRY, CONFDB_IFP_USER_ATTR_LIST,
NULL, &attr_list_str);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE, "Failed to get user attribute list.\n");
goto fail;
}
ifp_ctx->user_whitelist = ifp_parse_user_attr_list(ifp_ctx, attr_list_str);
talloc_free(attr_list_str);
if (ifp_ctx->user_whitelist == NULL) {
DEBUG(SSSDBG_FATAL_FAILURE,
"Failed to parse the allowed attribute list\n");
goto fail;
}
/* Enable automatic reconnection to the Data Provider */
ret = confdb_get_int(ifp_ctx->rctx->cdb,
CONFDB_IFP_CONF_ENTRY,
CONFDB_SERVICE_RECON_RETRIES,
3, &max_retries);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE,
"Failed to set up automatic reconnection\n");
goto fail;
}
/* A bit convoluted way until we have a confdb_get_uint32 */
ret = confdb_get_string(ifp_ctx->rctx->cdb,
ifp_ctx->rctx,
CONFDB_IFP_CONF_ENTRY,
CONFDB_IFP_WILDCARD_LIMIT,
NULL, /* no limit by default */
&wildcard_limit_str);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE,
"Failed to retrieve limit for a wildcard search\n");
goto fail;
}
if (wildcard_limit_str) {
ifp_ctx->wildcard_limit = strtouint32(wildcard_limit_str, NULL, 10);
ret = errno;
if (ret != EOK) {
goto fail;
}
}
for (iter = ifp_ctx->rctx->be_conns; iter; iter = iter->next) {
sbus_reconnect_init(iter->conn, max_retries,
ifp_dp_reconnect_init, iter);
}
/* Connect to the D-BUS system bus and set up methods */
ret = sysbus_init(ifp_ctx, ifp_ctx->rctx->ev,
IFACE_IFP,
ifp_ctx, &ifp_ctx->sysbus);
if (ret == ERR_NO_SYSBUS) {
DEBUG(SSSDBG_MINOR_FAILURE,
"The system bus is not available..\n");
/* Explicitly ignore, the D-Bus daemon will start us */
} else if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE,
"Failed to connect to the system message bus\n");
talloc_free(ifp_ctx);
return EIO;
}
ret = schedule_get_domains_task(rctx, rctx->ev, rctx, NULL);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE,
"schedule_get_domains_tasks failed.\n");
goto fail;
}
DEBUG(SSSDBG_TRACE_FUNC, "InfoPipe Initialization complete\n");
return EOK;
fail:
talloc_free(rctx);
return ret;
}
