static errno_t attr_name(TALLOC_CTX *mem_ctx, struct sysdb_attrs *entry, struct sss_domain_info *dom, const char *attr, const char **_value) { errno_t ret; const char *orig_name; char *tmp_name; char *outname; ret = sysdb_attrs_get_string(entry, attr, &orig_name); if (ret != EOK) { return ret; } tmp_name = sss_output_name(mem_ctx, orig_name, dom->case_preserve, 0); if (tmp_name == NULL) { return ENOMEM; } if (dom->fqnames) { outname = sss_tc_fqname(mem_ctx, dom->names, dom, tmp_name); talloc_free(tmp_name); if (outname == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, "sss_replace_space failed\n"); return ENOMEM; } } else { outname = tmp_name; } *_value = outname; return EOK; }
errno_t krb5_setup(TALLOC_CTX *mem_ctx, struct pam_data *pd, struct sss_domain_info *dom, struct krb5_ctx *krb5_ctx, struct krb5child_req **_krb5_req) { struct krb5child_req *kr; const char *mapped_name; TALLOC_CTX *tmp_ctx; errno_t ret; tmp_ctx = talloc_new(NULL); if (tmp_ctx == NULL) { return ENOMEM; } kr = talloc_zero(tmp_ctx, struct krb5child_req); if (kr == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, "talloc failed.\n"); ret = ENOMEM; goto done; } kr->is_offline = false; talloc_set_destructor((TALLOC_CTX *) kr, krb5_cleanup); kr->pd = pd; kr->dom = dom; kr->krb5_ctx = krb5_ctx; ret = get_krb_primary(krb5_ctx->name_to_primary, pd->user, dom->case_sensitive, &mapped_name); if (ret == EOK) { DEBUG(SSSDBG_TRACE_FUNC, "Setting mapped name to: %s\n", mapped_name); kr->user = mapped_name; kr->kuserok_user = sss_output_name(kr, kr->user, dom->case_sensitive, 0); if (kr->kuserok_user == NULL) { ret = ENOMEM; goto done; } } else if (ret == ENOENT) { DEBUG(SSSDBG_TRACE_ALL, "No mapping for: %s\n", pd->user); kr->user = pd->user; kr->kuserok_user = sss_output_name(kr, kr->user, dom->case_sensitive, 0); if (kr->kuserok_user == NULL) { ret = ENOMEM; goto done; } } else { DEBUG(SSSDBG_CRIT_FAILURE, "get_krb_primary failed - %s:[%d]\n", sss_strerror(ret), ret); goto done; } ret = EOK; done: if (ret == EOK) { *_krb5_req = talloc_steal(mem_ctx, kr); } talloc_free(tmp_ctx); return ret; }
static errno_t sss_mc_refresh_nested_group(struct tools_ctx *tctx, const char *shortname) { errno_t ret; struct ldb_message *msg = NULL; struct ldb_message_element *el; const char *attrs[] = { SYSDB_MEMBEROF, SYSDB_NAME, NULL }; size_t i; char *parent_internal_name; char *parent_outname; char *internal_name; TALLOC_CTX *tmpctx; tmpctx = talloc_new(tctx); if (tmpctx == NULL) { return ENOMEM; } internal_name = sss_create_internal_fqname(tmpctx, shortname, tctx->local->name); if (internal_name == NULL) { ret = ENOMEM; goto done; } ret = sss_mc_refresh_group(shortname); if (ret != EOK) { DEBUG(SSSDBG_MINOR_FAILURE, "Cannot refresh group %s from memory cache\n", shortname); /* try to carry on */ } ret = sysdb_search_group_by_name(tmpctx, tctx->local, internal_name, attrs, &msg); if (ret) { DEBUG(SSSDBG_OP_FAILURE, "Search failed: %s (%d)\n", strerror(ret), ret); goto done; } el = ldb_msg_find_element(msg, SYSDB_MEMBEROF); if (!el || el->num_values == 0) { DEBUG(SSSDBG_TRACE_INTERNAL, "Group %s has no parents\n", internal_name); ret = EOK; goto done; } /* This group is nested. We need to invalidate all its parents, too */ for (i=0; i < el->num_values; i++) { ret = sysdb_group_dn_name(tctx->sysdb, tmpctx, (const char *) el->values[i].data, &parent_internal_name); if (ret != EOK) { DEBUG(SSSDBG_MINOR_FAILURE, "Malformed DN [%s]? Skipping\n", (const char *) el->values[i].data); talloc_free(parent_internal_name); continue; } parent_outname = sss_output_name(tmpctx, parent_internal_name, tctx->local->case_preserve, 0); if (parent_outname == NULL) { ret = ENOMEM; goto done; } ret = sss_mc_refresh_group(parent_outname); talloc_free(parent_internal_name); talloc_free(parent_outname); if (ret != EOK) { DEBUG(SSSDBG_MINOR_FAILURE, "Cannot refresh group %s from memory cache\n", parent_outname); /* try to carry on */ } } ret = EOK; done: talloc_free(tmpctx); return ret; }