sssd/0040-LDAP-Augment-the-sdap_opts-structure-with-a-data-pro.patch
Fabiano Fidêncio 2dd8451396 Resolves: upstream#2653 - Group renaming issue when "id_provider = ldap" is set.
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-04-27 22:12:12 +02:00

381 lines
17 KiB
Diff

From f60c77df9b7162f46d8639f940d5df31f64f5815 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Mon, 9 Apr 2018 12:36:45 +0200
Subject: [PATCH] LDAP: Augment the sdap_opts structure with a data provider
pointer
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
In order to be able to use the Data Provider methods from the SDAP code
to e.g. invalidate memcache when needed, add a new field to the
sdap_options structure with the data_provider structure pointer.
Fill the pointer value for all LDAP-based providers.
Related:
https://pagure.io/SSSD/sssd/issue/2653
Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit d2633d922eeed68f92be4248b9172b928c189920)
---
src/providers/ad/ad_common.c | 18 +++++++++++++-----
src/providers/ad/ad_common.h | 4 ++++
src/providers/ad/ad_init.c | 5 ++++-
src/providers/ad/ad_subdomains.c | 8 ++++++--
src/providers/ipa/ipa_common.c | 2 ++
src/providers/ipa/ipa_common.h | 1 +
src/providers/ipa/ipa_init.c | 5 ++++-
src/providers/ipa/ipa_subdomains_server.c | 2 ++
src/providers/ldap/ldap_common.h | 1 +
src/providers/ldap/ldap_init.c | 3 ++-
src/providers/ldap/ldap_options.c | 2 ++
src/providers/ldap/sdap.h | 1 +
src/tests/cmocka/common_mock_sdap.c | 2 +-
src/tests/cmocka/test_ad_common.c | 3 +++
14 files changed, 46 insertions(+), 11 deletions(-)
diff --git a/src/providers/ad/ad_common.c b/src/providers/ad/ad_common.c
index 2a1647173..d92c68e6f 100644
--- a/src/providers/ad/ad_common.c
+++ b/src/providers/ad/ad_common.c
@@ -35,7 +35,8 @@ static errno_t ad_set_sdap_options(struct ad_options *ad_opts,
struct sdap_options *id_opts);
static struct sdap_options *
-ad_create_default_sdap_options(TALLOC_CTX *mem_ctx)
+ad_create_default_sdap_options(TALLOC_CTX *mem_ctx,
+ struct data_provider *dp)
{
struct sdap_options *id_opts;
errno_t ret;
@@ -44,6 +45,7 @@ ad_create_default_sdap_options(TALLOC_CTX *mem_ctx)
if (!id_opts) {
return NULL;
}
+ id_opts->dp = dp;
ret = dp_copy_defaults(id_opts,
ad_def_ldap_opts,
@@ -112,6 +114,7 @@ static errno_t
ad_create_sdap_options(TALLOC_CTX *mem_ctx,
struct confdb_ctx *cdb,
const char *conf_path,
+ struct data_provider *dp,
struct sdap_options **_id_opts)
{
struct sdap_options *id_opts;
@@ -119,7 +122,7 @@ ad_create_sdap_options(TALLOC_CTX *mem_ctx,
if (cdb == NULL || conf_path == NULL) {
/* Fallback to defaults if there is no confdb */
- id_opts = ad_create_default_sdap_options(mem_ctx);
+ id_opts = ad_create_default_sdap_options(mem_ctx, dp);
if (id_opts == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE,
"Failed to initialize default sdap options\n");
@@ -220,6 +223,7 @@ struct ad_options *
ad_create_options(TALLOC_CTX *mem_ctx,
struct confdb_ctx *cdb,
const char *conf_path,
+ struct data_provider *dp,
struct sss_domain_info *subdom)
{
struct ad_options *ad_options;
@@ -252,6 +256,7 @@ ad_create_options(TALLOC_CTX *mem_ctx,
ret = ad_create_sdap_options(ad_options,
cdb,
conf_path,
+ dp,
&ad_options->id);
if (ret != EOK) {
DEBUG(SSSDBG_OP_FAILURE, "Cannot initialize AD LDAP options\n");
@@ -304,6 +309,7 @@ struct ad_options *
ad_create_2way_trust_options(TALLOC_CTX *mem_ctx,
struct confdb_ctx *cdb,
const char *conf_path,
+ struct data_provider *dp,
const char *realm,
struct sss_domain_info *subdom,
const char *hostname,
@@ -315,7 +321,7 @@ ad_create_2way_trust_options(TALLOC_CTX *mem_ctx,
DEBUG(SSSDBG_TRACE_FUNC, "2way trust is defined to domain '%s'\n",
subdom->name);
- ad_options = ad_create_options(mem_ctx, cdb, conf_path, subdom);
+ ad_options = ad_create_options(mem_ctx, cdb, conf_path, dp, subdom);
if (ad_options == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE, "ad_create_options failed\n");
return NULL;
@@ -343,6 +349,7 @@ struct ad_options *
ad_create_1way_trust_options(TALLOC_CTX *mem_ctx,
struct confdb_ctx *cdb,
const char *subdom_conf_path,
+ struct data_provider *dp,
struct sss_domain_info *subdom,
const char *hostname,
const char *keytab,
@@ -355,7 +362,7 @@ ad_create_1way_trust_options(TALLOC_CTX *mem_ctx,
DEBUG(SSSDBG_TRACE_FUNC, "1way trust is defined to domain '%s'\n",
subdom->name);
- ad_options = ad_create_options(mem_ctx, cdb, subdom_conf_path, subdom);
+ ad_options = ad_create_options(mem_ctx, cdb, subdom_conf_path, dp, subdom);
if (ad_options == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE, "ad_create_options failed\n");
return NULL;
@@ -1056,12 +1063,13 @@ errno_t
ad_get_id_options(struct ad_options *ad_opts,
struct confdb_ctx *cdb,
const char *conf_path,
+ struct data_provider *dp,
struct sdap_options **_opts)
{
struct sdap_options *id_opts;
errno_t ret;
- ret = ad_create_sdap_options(ad_opts, cdb, conf_path, &id_opts);
+ ret = ad_create_sdap_options(ad_opts, cdb, conf_path, dp, &id_opts);
if (ret != EOK) {
return ENOMEM;
}
diff --git a/src/providers/ad/ad_common.h b/src/providers/ad/ad_common.h
index 931aafc6c..6eb2ba7e9 100644
--- a/src/providers/ad/ad_common.h
+++ b/src/providers/ad/ad_common.h
@@ -112,11 +112,13 @@ ad_get_common_options(TALLOC_CTX *mem_ctx,
struct ad_options *ad_create_options(TALLOC_CTX *mem_ctx,
struct confdb_ctx *cdb,
const char *conf_path,
+ struct data_provider *dp,
struct sss_domain_info *subdom);
struct ad_options *ad_create_2way_trust_options(TALLOC_CTX *mem_ctx,
struct confdb_ctx *cdb,
const char *conf_path,
+ struct data_provider *dp,
const char *realm,
struct sss_domain_info *subdom,
const char *hostname,
@@ -125,6 +127,7 @@ struct ad_options *ad_create_2way_trust_options(TALLOC_CTX *mem_ctx,
struct ad_options *ad_create_1way_trust_options(TALLOC_CTX *mem_ctx,
struct confdb_ctx *cdb,
const char *conf_path,
+ struct data_provider *dp,
struct sss_domain_info *subdom,
const char *hostname,
const char *keytab,
@@ -147,6 +150,7 @@ errno_t
ad_get_id_options(struct ad_options *ad_opts,
struct confdb_ctx *cdb,
const char *conf_path,
+ struct data_provider *dp,
struct sdap_options **_opts);
errno_t
ad_get_autofs_options(struct ad_options *ad_opts,
diff --git a/src/providers/ad/ad_init.c b/src/providers/ad/ad_init.c
index 8c485a7c2..b19624782 100644
--- a/src/providers/ad/ad_init.c
+++ b/src/providers/ad/ad_init.c
@@ -453,7 +453,10 @@ errno_t sssm_ad_init(TALLOC_CTX *mem_ctx,
init_ctx->options->id_ctx = init_ctx->id_ctx;
- ret = ad_get_id_options(init_ctx->options, be_ctx->cdb, be_ctx->conf_path,
+ ret = ad_get_id_options(init_ctx->options,
+ be_ctx->cdb,
+ be_ctx->conf_path,
+ be_ctx->provider,
&init_ctx->id_ctx->sdap_id_ctx->opts);
if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE, "Unable to init AD id options\n");
diff --git a/src/providers/ad/ad_subdomains.c b/src/providers/ad/ad_subdomains.c
index bd94ba8ea..74b9f0751 100644
--- a/src/providers/ad/ad_subdomains.c
+++ b/src/providers/ad/ad_subdomains.c
@@ -265,8 +265,12 @@ ad_subdom_ad_ctx_new(struct be_ctx *be_ctx,
return ENOMEM;
}
- ad_options = ad_create_2way_trust_options(id_ctx, be_ctx->cdb,
- subdom_conf_path, realm, subdom,
+ ad_options = ad_create_2way_trust_options(id_ctx,
+ be_ctx->cdb,
+ subdom_conf_path,
+ be_ctx->provider,
+ realm,
+ subdom,
hostname, keytab);
talloc_free(subdom_conf_path);
if (ad_options == NULL) {
diff --git a/src/providers/ipa/ipa_common.c b/src/providers/ipa/ipa_common.c
index 2b81d7f3f..87ed96767 100644
--- a/src/providers/ipa/ipa_common.c
+++ b/src/providers/ipa/ipa_common.c
@@ -171,6 +171,7 @@ static errno_t ipa_parse_search_base(TALLOC_CTX *mem_ctx,
int ipa_get_id_options(struct ipa_options *ipa_opts,
struct confdb_ctx *cdb,
const char *conf_path,
+ struct data_provider *dp,
struct sdap_options **_opts)
{
TALLOC_CTX *tmpctx;
@@ -190,6 +191,7 @@ int ipa_get_id_options(struct ipa_options *ipa_opts,
ret = ENOMEM;
goto done;
}
+ ipa_opts->id->dp = dp;
ret = sdap_domain_add(ipa_opts->id,
ipa_opts->id_ctx->sdap_id_ctx->be->domain,
diff --git a/src/providers/ipa/ipa_common.h b/src/providers/ipa/ipa_common.h
index 3a1259ccd..725e0e937 100644
--- a/src/providers/ipa/ipa_common.h
+++ b/src/providers/ipa/ipa_common.h
@@ -235,6 +235,7 @@ int ipa_get_options(TALLOC_CTX *memctx,
int ipa_get_id_options(struct ipa_options *ipa_opts,
struct confdb_ctx *cdb,
const char *conf_path,
+ struct data_provider *dp,
struct sdap_options **_opts);
int ipa_get_auth_options(struct ipa_options *ipa_opts,
diff --git a/src/providers/ipa/ipa_init.c b/src/providers/ipa/ipa_init.c
index cd2227896..931145985 100644
--- a/src/providers/ipa/ipa_init.c
+++ b/src/providers/ipa/ipa_init.c
@@ -161,7 +161,10 @@ static errno_t ipa_init_id_ctx(TALLOC_CTX *mem_ctx,
ipa_id_ctx->sdap_id_ctx = sdap_id_ctx;
ipa_options->id_ctx = ipa_id_ctx;
- ret = ipa_get_id_options(ipa_options, be_ctx->cdb, be_ctx->conf_path,
+ ret = ipa_get_id_options(ipa_options,
+ be_ctx->cdb,
+ be_ctx->conf_path,
+ be_ctx->provider,
&sdap_id_ctx->opts);
if (ret != EOK) {
goto done;
diff --git a/src/providers/ipa/ipa_subdomains_server.c b/src/providers/ipa/ipa_subdomains_server.c
index d670a156b..1e53e7a95 100644
--- a/src/providers/ipa/ipa_subdomains_server.c
+++ b/src/providers/ipa/ipa_subdomains_server.c
@@ -148,6 +148,7 @@ ipa_create_1way_trust_ctx(struct ipa_id_ctx *id_ctx,
ad_options = ad_create_1way_trust_options(id_ctx,
be_ctx->cdb,
subdom_conf_path,
+ be_ctx->provider,
subdom,
id_ctx->server_mode->hostname,
keytab,
@@ -186,6 +187,7 @@ static struct ad_options *ipa_ad_options_new(struct be_ctx *be_ctx,
ad_options = ad_create_2way_trust_options(id_ctx,
be_ctx->cdb,
subdom_conf_path,
+ be_ctx->provider,
id_ctx->server_mode->realm,
subdom,
id_ctx->server_mode->hostname,
diff --git a/src/providers/ldap/ldap_common.h b/src/providers/ldap/ldap_common.h
index 44dbc3fb0..548f0f985 100644
--- a/src/providers/ldap/ldap_common.h
+++ b/src/providers/ldap/ldap_common.h
@@ -193,6 +193,7 @@ int ldap_get_options(TALLOC_CTX *memctx,
struct sss_domain_info *dom,
struct confdb_ctx *cdb,
const char *conf_path,
+ struct data_provider *dp,
struct sdap_options **_opts);
int ldap_get_sudo_options(struct confdb_ctx *cdb,
diff --git a/src/providers/ldap/ldap_init.c b/src/providers/ldap/ldap_init.c
index 83075b5d3..44b3e9ab3 100644
--- a/src/providers/ldap/ldap_init.c
+++ b/src/providers/ldap/ldap_init.c
@@ -458,7 +458,8 @@ errno_t sssm_ldap_init(TALLOC_CTX *mem_ctx,
/* Always initialize options since it is needed everywhere. */
ret = ldap_get_options(init_ctx, be_ctx->domain, be_ctx->cdb,
- be_ctx->conf_path, &init_ctx->options);
+ be_ctx->conf_path, be_ctx->provider,
+ &init_ctx->options);
if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE, "Unable to initialize LDAP options "
"[%d]: %s\n", ret, sss_strerror(ret));
diff --git a/src/providers/ldap/ldap_options.c b/src/providers/ldap/ldap_options.c
index ccc1a2c5b..0b79715d2 100644
--- a/src/providers/ldap/ldap_options.c
+++ b/src/providers/ldap/ldap_options.c
@@ -27,6 +27,7 @@ int ldap_get_options(TALLOC_CTX *memctx,
struct sss_domain_info *dom,
struct confdb_ctx *cdb,
const char *conf_path,
+ struct data_provider *dp,
struct sdap_options **_opts)
{
struct sdap_attr_map *default_attr_map;
@@ -57,6 +58,7 @@ int ldap_get_options(TALLOC_CTX *memctx,
opts = talloc_zero(memctx, struct sdap_options);
if (!opts) return ENOMEM;
+ opts->dp = dp;
ret = sdap_domain_add(opts, dom, NULL);
if (ret != EOK) {
diff --git a/src/providers/ldap/sdap.h b/src/providers/ldap/sdap.h
index ecf9c4d2e..e892c4071 100644
--- a/src/providers/ldap/sdap.h
+++ b/src/providers/ldap/sdap.h
@@ -465,6 +465,7 @@ struct sdap_certmap_ctx;
struct sdap_options {
struct dp_option *basic;
+ struct data_provider *dp;
struct sdap_attr_map *gen_map;
struct sdap_attr_map *user_map;
size_t user_map_cnt;
diff --git a/src/tests/cmocka/common_mock_sdap.c b/src/tests/cmocka/common_mock_sdap.c
index cef321613..fa4787c4b 100644
--- a/src/tests/cmocka/common_mock_sdap.c
+++ b/src/tests/cmocka/common_mock_sdap.c
@@ -48,7 +48,7 @@ struct sdap_options *mock_sdap_options_ldap(TALLOC_CTX *mem_ctx,
struct sdap_options *opts = NULL;
errno_t ret;
- ret = ldap_get_options(mem_ctx, domain, confdb_ctx, conf_path, &opts);
+ ret = ldap_get_options(mem_ctx, domain, confdb_ctx, conf_path, NULL, &opts);
if (ret != EOK) {
return NULL;
}
diff --git a/src/tests/cmocka/test_ad_common.c b/src/tests/cmocka/test_ad_common.c
index 94f351e19..39ebbc633 100644
--- a/src/tests/cmocka/test_ad_common.c
+++ b/src/tests/cmocka/test_ad_common.c
@@ -449,6 +449,7 @@ static void test_ad_create_1way_trust_options(void **state)
test_ctx->ad_ctx,
NULL,
NULL,
+ NULL,
test_ctx->subdom,
ONEWAY_HOST_NAME,
ONEWAY_KEYTAB_PATH,
@@ -515,6 +516,7 @@ static void test_ad_create_2way_trust_options(void **state)
test_ctx->ad_ctx,
NULL,
NULL,
+ NULL,
REALMNAME,
test_ctx->subdom,
HOST_NAME,
@@ -585,6 +587,7 @@ test_ldap_conn_setup(void **state)
ad_ctx,
NULL,
NULL,
+ NULL,
REALMNAME,
test_ctx->subdom,
HOST_NAME,
--
2.14.3