static errno_t be_refresh_get_values_ex(TALLOC_CTX *mem_ctx, struct sss_domain_info *domain, time_t period, const char *objectclass, struct ldb_dn *base_dn, const char *attr, char ***_values) { TALLOC_CTX *tmp_ctx = NULL; const char *attrs[] = {attr, NULL}; const char *filter = NULL; char **values = NULL; struct ldb_message **msgs = NULL; struct sysdb_attrs **records = NULL; size_t count; time_t now = time(NULL); errno_t ret; tmp_ctx = talloc_new(NULL); if (tmp_ctx == NULL) { return ENOMEM; } filter = talloc_asprintf(tmp_ctx, "(&(%s<=%lld))", SYSDB_CACHE_EXPIRE, (long long) now + period); if (filter == NULL) { ret = ENOMEM; goto done; } ret = sysdb_search_entry(tmp_ctx, domain->sysdb, base_dn, LDB_SCOPE_SUBTREE, filter, attrs, &count, &msgs); if (ret == ENOENT) { count = 0; } else if (ret != EOK) { goto done; } ret = sysdb_msg2attrs(tmp_ctx, count, msgs, &records); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, "Could not convert ldb message to sysdb_attrs\n"); goto done; } ret = sysdb_attrs_to_list(tmp_ctx, records, count, attr, &values); if (ret != EOK) { goto done; } *_values = talloc_steal(mem_ctx, values); ret = EOK; done: talloc_free(tmp_ctx); return ret; }
static errno_t sudosrv_query_cache(TALLOC_CTX *mem_ctx, struct sss_domain_info *domain, const char **attrs, const char *filter, struct sysdb_attrs ***_rules, uint32_t *_count) { TALLOC_CTX *tmp_ctx; errno_t ret; size_t count; struct sysdb_attrs **rules; struct ldb_message **msgs; tmp_ctx = talloc_new(NULL); if (tmp_ctx == NULL) { return ENOMEM; } DEBUG(SSSDBG_FUNC_DATA, "Searching sysdb with [%s]\n", filter); if (IS_SUBDOMAIN(domain)) { /* rules are stored inside parent domain tree */ domain = domain->parent; } ret = sysdb_search_custom(tmp_ctx, domain, filter, SUDORULE_SUBDIR, attrs, &count, &msgs); if (ret == ENOENT) { *_rules = NULL; *_count = 0; ret = EOK; goto done; } else if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, "Error looking up SUDO rules\n"); goto done; } ret = sysdb_msg2attrs(tmp_ctx, count, msgs, &rules); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, "Could not convert ldb message to sysdb_attrs\n"); goto done; } *_rules = talloc_steal(mem_ctx, rules); *_count = (uint32_t)count; ret = EOK; done: talloc_free(tmp_ctx); return ret; }
static errno_t sssctl_query_cache(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb, struct ldb_dn *base_dn, const char *filter, const char **attrs, struct sysdb_attrs **_entry) { TALLOC_CTX *tmp_ctx; struct sysdb_attrs **sysdb_attrs; struct ldb_message **msgs; size_t count; errno_t ret; tmp_ctx = talloc_new(NULL); if (tmp_ctx == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, "Out of memory!\n"); return ENOMEM; } ret = sysdb_search_entry(tmp_ctx, sysdb, base_dn, LDB_SCOPE_SUBTREE, filter, attrs, &count, &msgs); if (ret == ENOENT) { DEBUG(SSSDBG_TRACE_FUNC, "No result\n"); goto done; } else if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, "Unable to search sysdb " "[%d]: %s\n", ret, sss_strerror(ret)); goto done; } if (count != 1) { DEBUG(SSSDBG_CRIT_FAILURE, "Search returned more than one result!\n"); ret = ERR_INTERNAL; goto done; } ret = sysdb_msg2attrs(tmp_ctx, count, msgs, &sysdb_attrs); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, "Unable to convert message to sysdb attrs " "[%d]: %s\n", ret, sss_strerror(ret)); goto done; } *_entry = talloc_steal(mem_ctx, sysdb_attrs[0]); done: talloc_free(tmp_ctx); return ret; }
errno_t hbac_get_cached_rules(TALLOC_CTX *mem_ctx, struct sss_domain_info *domain, size_t *_rule_count, struct sysdb_attrs ***_rules) { errno_t ret; struct ldb_message **msgs; struct sysdb_attrs **rules; size_t rule_count; TALLOC_CTX *tmp_ctx; char *filter; const char *attrs[] = { OBJECTCLASS, IPA_CN, SYSDB_ORIG_DN, IPA_UNIQUE_ID, IPA_ENABLED_FLAG, IPA_ACCESS_RULE_TYPE, IPA_MEMBER_USER, IPA_USER_CATEGORY, IPA_MEMBER_SERVICE, IPA_SERVICE_CATEGORY, IPA_SOURCE_HOST, IPA_SOURCE_HOST_CATEGORY, IPA_EXTERNAL_HOST, IPA_MEMBER_HOST, IPA_HOST_CATEGORY, NULL }; tmp_ctx = talloc_new(NULL); if (tmp_ctx == NULL) return ENOMEM; filter = talloc_asprintf(tmp_ctx, "(objectClass=%s)", IPA_HBAC_RULE); if (filter == NULL) { ret = ENOMEM; goto done; } ret = sysdb_search_custom(tmp_ctx, domain->sysdb, domain, filter, HBAC_RULES_SUBDIR, attrs, &rule_count, &msgs); if (ret != EOK && ret != ENOENT) { DEBUG(1, ("Error looking up HBAC rules")); goto done; } if (ret == ENOENT) { rule_count = 0; } ret = sysdb_msg2attrs(tmp_ctx, rule_count, msgs, &rules); if (ret != EOK) { DEBUG(1, ("Could not convert ldb message to sysdb_attrs\n")); goto done; } if (_rules) *_rules = talloc_steal(mem_ctx, rules); if (_rule_count) *_rule_count = rule_count; ret = EOK; done: talloc_free(tmp_ctx); return ret; }