Line data Source code
1 : /*
2 : SSSD
3 :
4 : Authors:
5 : Stephen Gallagher <sgallagh@redhat.com>
6 :
7 : Copyright (C) 2011 Red Hat
8 :
9 : This program is free software; you can redistribute it and/or modify
10 : it under the terms of the GNU General Public License as published by
11 : the Free Software Foundation; either version 3 of the License, or
12 : (at your option) any later version.
13 :
14 : This program is distributed in the hope that it will be useful,
15 : but WITHOUT ANY WARRANTY; without even the implied warranty of
16 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 : GNU General Public License for more details.
18 :
19 : You should have received a copy of the GNU General Public License
20 : along with this program. If not, see <http://www.gnu.org/licenses/>.
21 : */
22 :
23 :
24 : #include "src/responder/pam/pam_helpers.h"
25 :
26 : struct pam_initgr_table_ctx {
27 : hash_table_t *id_table;
28 : char *name;
29 : };
30 :
31 : static void pam_initgr_cache_remove(struct tevent_context *ev,
32 : struct tevent_timer *te,
33 : struct timeval tv,
34 : void *pvt);
35 :
36 62 : errno_t pam_initgr_cache_set(struct tevent_context *ev,
37 : hash_table_t *id_table,
38 : char *name,
39 : long timeout)
40 : {
41 : errno_t ret;
42 : hash_key_t key;
43 : hash_value_t val;
44 : int hret;
45 : struct tevent_timer *te;
46 : struct timeval tv;
47 : struct pam_initgr_table_ctx *table_ctx;
48 :
49 62 : table_ctx = talloc_zero(id_table, struct pam_initgr_table_ctx);
50 62 : if (!table_ctx) return ENOMEM;
51 :
52 62 : table_ctx->id_table = id_table;
53 62 : table_ctx->name = talloc_strdup(table_ctx, name);
54 62 : if (!table_ctx->name) {
55 0 : ret = ENOMEM;
56 0 : goto done;
57 : }
58 :
59 62 : key.type = HASH_KEY_STRING;
60 62 : key.str = name;
61 :
62 : /* The value isn't relevant, since we're using
63 : * a timer to remove the entry.
64 : */
65 62 : val.type = HASH_VALUE_UNDEF;
66 :
67 62 : hret = hash_enter(id_table, &key, &val);
68 62 : if (hret != HASH_SUCCESS) {
69 0 : DEBUG(SSSDBG_MINOR_FAILURE,
70 : "Could not update initgr cache for [%s]: [%s]\n",
71 : name, hash_error_string(hret));
72 0 : ret = EIO;
73 0 : goto done;
74 : } else {
75 62 : DEBUG(SSSDBG_TRACE_INTERNAL,
76 : "[%s] added to PAM initgroup cache\n",
77 : name);
78 : }
79 :
80 : /* Create a timer event to remove the entry from the cache */
81 62 : tv = tevent_timeval_current_ofs(timeout, 0);
82 62 : te = tevent_add_timer(ev, table_ctx, tv,
83 : pam_initgr_cache_remove,
84 : table_ctx);
85 62 : if (!te) {
86 0 : ret = ENOMEM;
87 0 : goto done;
88 : }
89 :
90 62 : ret = EOK;
91 :
92 : done:
93 62 : if (ret != EOK) {
94 0 : talloc_free(table_ctx);
95 : }
96 62 : return ret;
97 : }
98 :
99 16 : static void pam_initgr_cache_remove(struct tevent_context *ev,
100 : struct tevent_timer *te,
101 : struct timeval tv,
102 : void *pvt)
103 : {
104 : int hret;
105 : hash_key_t key;
106 :
107 16 : struct pam_initgr_table_ctx *table_ctx =
108 : talloc_get_type(pvt, struct pam_initgr_table_ctx);
109 :
110 16 : key.type = HASH_KEY_STRING;
111 16 : key.str = table_ctx->name;
112 :
113 16 : hret = hash_delete(table_ctx->id_table, &key);
114 16 : if (hret != HASH_SUCCESS
115 0 : && hret != HASH_ERROR_KEY_NOT_FOUND) {
116 0 : DEBUG(SSSDBG_MINOR_FAILURE,
117 : "Could not clear [%s] from initgr cache: [%s]\n",
118 : table_ctx->name,
119 : hash_error_string(hret));
120 : } else {
121 16 : DEBUG(SSSDBG_TRACE_INTERNAL,
122 : "[%s] removed from PAM initgroup cache\n",
123 : table_ctx->name);
124 : }
125 :
126 16 : talloc_free(table_ctx);
127 16 : }
128 :
129 22 : errno_t pam_initgr_check_timeout(hash_table_t *id_table,
130 : char *name)
131 : {
132 : hash_key_t key;
133 : hash_value_t val;
134 : int hret;
135 :
136 22 : key.type = HASH_KEY_STRING;
137 22 : key.str = name;
138 :
139 22 : hret = hash_lookup(id_table, &key, &val);
140 22 : if (hret != HASH_SUCCESS
141 0 : && hret != HASH_ERROR_KEY_NOT_FOUND) {
142 0 : DEBUG(SSSDBG_TRACE_ALL, "Error searching user [%s] in PAM cache.\n",
143 : name);
144 0 : return EIO;
145 22 : } else if (hret == HASH_ERROR_KEY_NOT_FOUND) {
146 0 : DEBUG(SSSDBG_TRACE_ALL, "User [%s] not found in PAM cache.\n", name);
147 0 : return ENOENT;
148 : }
149 :
150 : /* If there's a value here, then the cache
151 : * entry is still valid.
152 : */
153 22 : DEBUG(SSSDBG_TRACE_INTERNAL, "User [%s] found in PAM cache.\n", name);
154 22 : return EOK;
155 : }
156 :
|
