sssd/0068-UTIL-move-and-rename-sysdb_error_to_errno-to-utils.patch
Michal Židek c0971b7e39 Backport a bunch of upstream fixes
- Resolves: upstream#3821 - crash related to sbus_router_destructor()
- Resolves: upstream#3810 - sbus2: fix memory leak in sbus_message_bound_ref
- Resolves: upstream#3819 - sssd only sets the SELinux login context if it
                            differs from the default
- Resolves: upstream#3807 - The sbus codegen script relies on "python" which
                            might not be available on all distributions
- Resolves: upstream#3820 - sudo: search with lower cased name for case
                            insensitive domains
- Resolves: upstream#3701 - [RFE] Allow changing default behavior of SSSD from
                            an allow-any default to a deny-any default when it
                            can't find any GPOs to apply to a user login.
- Resolves: upstream#3828 - Invalid domain provider causes SSSD to abort
                            startup
- Resolves: upstream#3500 - Make sure sssd is a replacement for pam_pkcs11
                            also for local account authentication
- Resolves: upstream#3812 - sssd 2.0.0 segfaults on startup
- Resolves: upstream#3826 - Remove references of sss_user/group/add/del
                            commands in man pages since local provider is
                            deprecated
- Resolves: upstream#3827 - SSSD should log to syslog if a domain is not
                            started due to a misconfiguration
- Resolves: upstream#3830 - Printing incorrect information about domain with
                            sssctl utility
- Resolves: upstream#3489 - p11_child should work wit openssl1.0+
- Resolves: upstream#3750 - [RFE] man 5 sssd-files should mention necessary
                            changes in nsswitch.conf
- Resovles: upstream#3650 - RFE: Require smartcard authentication
- Resolves: upstream#3334 - sssctl config-check does not check any special
                            characters in domain name of domain section
- Resolves: upstream#3849 - Files: The files provider always enumerates
                            which causes duplicate when running getent passwd
- Related: upstream#3855 - session not recording for local user when groups
                           defined
- Resolves: upstream#3802 - Reuse sysdb_error_to_errno() outside sysdb
- Related: upstream#3493 - Remove the pysss.local interface
2018-10-24 14:40:58 +02:00

361 lines
13 KiB
Diff

From f62f3b290cb5393bf9c4a9c2c424fd5c5185fe44 Mon Sep 17 00:00:00 2001
From: Tomas Halman <thalman@redhat.com>
Date: Wed, 3 Oct 2018 11:44:13 +0200
Subject: [PATCH 1/5] UTIL: move and rename sysdb_error_to_errno to utils
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The function sysdb_error_to_errno() is used by multiple component,
so we want to move it to shared place. Function is renamed to
sss_ldb_error_to_errno() and moved to util/util_errors.c.
Old name is still #defined in sysdb.h and points to new
name.
Also few places where ldb error code was handled manually
has been updated to use sss_ldb_error_to_errno.
Resolves:
https://pagure.io/SSSD/sssd/issue/3802
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Michal Židek <mzidek@redhat.com>
---
src/confdb/confdb.c | 6 ++---
src/confdb/confdb_setup.c | 6 ++---
src/db/sysdb.c | 25 ---------------------
src/db/sysdb.h | 6 ++---
.../common/cache_req/cache_req_sr_overlay.c | 4 ++--
src/responder/ifp/ifp_cache.c | 2 +-
src/tools/sss_override.c | 6 ++---
src/util/secrets/secrets.c | 26 +++++++---------------
src/util/util_errors.c | 25 +++++++++++++++++++++
src/util/util_errors.h | 3 +++
10 files changed, 51 insertions(+), 58 deletions(-)
diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c
index fdc6122..b0d886c 100644
--- a/src/confdb/confdb.c
+++ b/src/confdb/confdb.c
@@ -842,7 +842,7 @@ static int confdb_get_domain_section(TALLOC_CTX *mem_ctx,
ret = ldb_search(cdb->ldb, tmp_ctx, &res, dn,
LDB_SCOPE_BASE, NULL, NULL);
if (ret != LDB_SUCCESS) {
- ret = sysdb_error_to_errno(ret);
+ ret = sss_ldb_error_to_errno(ret);
goto done;
}
@@ -2076,7 +2076,7 @@ static int confdb_merge_parent_domain(const char *name,
ret = ldb_modify(cdb->ldb, replace_msg);
if (ret != LDB_SUCCESS) {
- ret = sysdb_error_to_errno(ret);
+ ret = sss_ldb_error_to_errno(ret);
DEBUG(SSSDBG_OP_FAILURE,
"Inheriting options from parent domain failed [%d]: %s\n",
ret, sss_strerror(ret));
@@ -2131,7 +2131,7 @@ static int confdb_merge_parent_domain(const char *name,
*/
ret = sss_ldb_modify_permissive(cdb->ldb, app_msg);
if (ret != LDB_SUCCESS) {
- ret = sysdb_error_to_errno(ret);
+ ret = sss_ldb_error_to_errno(ret);
DEBUG(SSSDBG_OP_FAILURE,
"Adding app-specific options failed [%d]: %s\n",
ret, sss_strerror(ret));
diff --git a/src/confdb/confdb_setup.c b/src/confdb/confdb_setup.c
index 5e35589..c2b7f9f 100644
--- a/src/confdb/confdb_setup.c
+++ b/src/confdb/confdb_setup.c
@@ -96,7 +96,7 @@ static int confdb_purge(struct confdb_ctx *cdb)
ret = ldb_search(cdb->ldb, tmp_ctx, &res, dn,
LDB_SCOPE_SUBTREE, attrs, NULL);
if (ret != LDB_SUCCESS) {
- ret = sysdb_error_to_errno(ret);
+ ret = sss_ldb_error_to_errno(ret);
goto done;
}
@@ -104,7 +104,7 @@ static int confdb_purge(struct confdb_ctx *cdb)
/* Delete this DN */
ret = ldb_delete(cdb->ldb, res->msgs[i]->dn);
if (ret != LDB_SUCCESS) {
- ret = sysdb_error_to_errno(ret);
+ ret = sss_ldb_error_to_errno(ret);
goto done;
}
}
@@ -313,7 +313,7 @@ static int confdb_init_db(const char *config_file, const char *config_dir,
DEBUG(SSSDBG_FATAL_FAILURE,
"Failed to start a transaction for "
"updating the configuration\n");
- ret = sysdb_error_to_errno(ret);
+ ret = sss_ldb_error_to_errno(ret);
goto done;
}
in_transaction = true;
diff --git a/src/db/sysdb.c b/src/db/sysdb.c
index 06d7f27..51acb86 100644
--- a/src/db/sysdb.c
+++ b/src/db/sysdb.c
@@ -871,31 +871,6 @@ char *sysdb_group_strdn(TALLOC_CTX *mem_ctx,
return build_dom_dn_str_escape(mem_ctx, SYSDB_TMPL_GROUP, domain, name);
}
-/* TODO: make a more complete and precise mapping */
-int sysdb_error_to_errno(int ldberr)
-{
- switch (ldberr) {
- case LDB_SUCCESS:
- return EOK;
- case LDB_ERR_OPERATIONS_ERROR:
- return EIO;
- case LDB_ERR_NO_SUCH_OBJECT:
- return ENOENT;
- case LDB_ERR_BUSY:
- return EBUSY;
- case LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS:
- case LDB_ERR_ENTRY_ALREADY_EXISTS:
- return EEXIST;
- case LDB_ERR_INVALID_ATTRIBUTE_SYNTAX:
- return EINVAL;
- default:
- DEBUG(SSSDBG_CRIT_FAILURE,
- "LDB returned unexpected error: [%s]\n",
- ldb_strerror(ldberr));
- return EFAULT;
- }
-}
-
/* =Transactions========================================================== */
int sysdb_transaction_start(struct sysdb_ctx *sysdb)
diff --git a/src/db/sysdb.h b/src/db/sysdb.h
index 2187947..f6e3160 100644
--- a/src/db/sysdb.h
+++ b/src/db/sysdb.h
@@ -454,9 +454,6 @@ errno_t sysdb_get_highest_usn(TALLOC_CTX *mem_ctx,
size_t num_attrs,
char **_usn);
-/* convert an ldb error into an errno error */
-int sysdb_error_to_errno(int ldberr);
-
/* DNs related helper functions */
errno_t sysdb_get_rdn(struct sysdb_ctx *sysdb, TALLOC_CTX *mem_ctx,
const char *dn, char **_name, char **_val);
@@ -1434,4 +1431,7 @@ errno_t sysdb_handle_original_uuid(const char *orig_name,
struct sysdb_attrs *dest_attrs,
const char *dest_name);
+/* define old name for backward compatibility */
+#define sysdb_error_to_errno(ldberr) sss_ldb_error_to_errno(ldberr)
+
#endif /* __SYS_DB_H__ */
diff --git a/src/responder/common/cache_req/cache_req_sr_overlay.c b/src/responder/common/cache_req/cache_req_sr_overlay.c
index 60da26f..b06a80a 100644
--- a/src/responder/common/cache_req/cache_req_sr_overlay.c
+++ b/src/responder/common/cache_req/cache_req_sr_overlay.c
@@ -192,7 +192,7 @@ static errno_t cache_req_sr_overlay_match_users(
}
lret = ldb_msg_add_string(msg, SYSDB_SESSION_RECORDING, enabled_str);
if (lret != LDB_SUCCESS) {
- ret = sysdb_error_to_errno(lret);
+ ret = sss_ldb_error_to_errno(lret);
CACHE_REQ_DEBUG(SSSDBG_CRIT_FAILURE, cr,
"Failed adding %s attribute: %s\n",
SYSDB_SESSION_RECORDING, sss_strerror(ret));
@@ -279,7 +279,7 @@ static void cache_req_sr_overlay_match_all_step_done(
}
lret = ldb_msg_add_string(msg, SYSDB_SESSION_RECORDING, enabled_copy);
if (lret != LDB_SUCCESS) {
- ret = sysdb_error_to_errno(lret);
+ ret = sss_ldb_error_to_errno(lret);
CACHE_REQ_DEBUG(SSSDBG_CRIT_FAILURE, state->cr,
"Failed adding %s attribute: %s\n",
SYSDB_SESSION_RECORDING, sss_strerror(ret));
diff --git a/src/responder/ifp/ifp_cache.c b/src/responder/ifp/ifp_cache.c
index 083f274..27681d0 100644
--- a/src/responder/ifp/ifp_cache.c
+++ b/src/responder/ifp/ifp_cache.c
@@ -119,7 +119,7 @@ ifp_cache_get_cached_objects(TALLOC_CTX *mem_ctx,
SYSDB_IFP_CACHED);
if (ldb_ret != LDB_SUCCESS) {
DEBUG(SSSDBG_CRIT_FAILURE, "Unable to search the cache\n");
- ret = sysdb_error_to_errno(ldb_ret);
+ ret = sss_ldb_error_to_errno(ldb_ret);
goto done;
}
diff --git a/src/tools/sss_override.c b/src/tools/sss_override.c
index 21fe62d..a12aa27 100644
--- a/src/tools/sss_override.c
+++ b/src/tools/sss_override.c
@@ -936,7 +936,7 @@ static errno_t override_object_del(struct sss_domain_info *domain,
ret = ldb_msg_add_empty(msg, SYSDB_OVERRIDE_DN, LDB_FLAG_MOD_DELETE, NULL);
if (ret != LDB_SUCCESS) {
DEBUG(SSSDBG_OP_FAILURE, "ldb_msg_add_empty() failed\n");
- ret = sysdb_error_to_errno(ret);
+ ret = sss_ldb_error_to_errno(ret);
goto done;
}
@@ -945,7 +945,7 @@ static errno_t override_object_del(struct sss_domain_info *domain,
DEBUG(SSSDBG_OP_FAILURE,
"ldb_modify() failed: [%s](%d)[%s]\n",
ldb_strerror(ret), ret, ldb_errstring(ldb));
- ret = sysdb_error_to_errno(ret);
+ ret = sss_ldb_error_to_errno(ret);
goto done;
}
@@ -1025,7 +1025,7 @@ static errno_t append_name(struct sss_domain_info *domain,
ret = ldb_msg_add_string(override, ORIGNAME, fqname);
if (ret != LDB_SUCCESS) {
- ret = sysdb_error_to_errno(ret);
+ ret = sss_ldb_error_to_errno(ret);
DEBUG(SSSDBG_CRIT_FAILURE, "Unable to add attribute to msg\n");
goto done;
}
diff --git a/src/util/secrets/secrets.c b/src/util/secrets/secrets.c
index ca3e657..6a317a0 100644
--- a/src/util/secrets/secrets.c
+++ b/src/util/secrets/secrets.c
@@ -417,17 +417,16 @@ static int local_db_create(struct sss_sec_req *req)
}
ret = ldb_add(req->sctx->ldb, msg);
- if (ret != EOK) {
+ if (ret != LDB_SUCCESS) {
if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
DEBUG(SSSDBG_OP_FAILURE,
"Secret %s already exists\n", ldb_dn_get_linearized(msg->dn));
- ret = EEXIST;
} else {
DEBUG(SSSDBG_CRIT_FAILURE,
"Failed to add secret [%s]: [%d]: %s\n",
ldb_dn_get_linearized(msg->dn), ret, ldb_strerror(ret));
- ret = EIO;
}
+ ret = sss_ldb_error_to_errno (ret);
goto done;
}
@@ -1109,17 +1108,16 @@ errno_t sss_sec_put(struct sss_sec_req *req,
}
ret = ldb_add(req->sctx->ldb, msg);
- if (ret != EOK) {
+ if (ret != LDB_SUCCESS) {
if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
DEBUG(SSSDBG_OP_FAILURE,
"Secret %s already exists\n", ldb_dn_get_linearized(msg->dn));
- ret = EEXIST;
} else {
DEBUG(SSSDBG_CRIT_FAILURE,
"Failed to add secret [%s]: [%d]: %s\n",
ldb_dn_get_linearized(msg->dn), ret, ldb_strerror(ret));
- ret = EIO;
}
+ ret = sss_ldb_error_to_errno (ret);
goto done;
}
@@ -1210,13 +1208,13 @@ errno_t sss_sec_update(struct sss_sec_req *req,
ret = ldb_modify(req->sctx->ldb, msg);
if (ret == LDB_ERR_NO_SUCH_OBJECT) {
DEBUG(SSSDBG_MINOR_FAILURE, "No such object to modify\n");
- ret = ENOENT;
+ ret = sss_ldb_error_to_errno (ret);
goto done;
} else if (ret != LDB_SUCCESS) {
DEBUG(SSSDBG_MINOR_FAILURE,
"ldb_modify failed: [%s](%d)[%s]\n",
ldb_strerror(ret), ret, ldb_errstring(req->sctx->ldb));
- ret = EIO;
+ ret = sss_ldb_error_to_errno (ret);
goto done;
}
@@ -1282,20 +1280,12 @@ errno_t sss_sec_delete(struct sss_sec_req *req)
/* fall through */
}
- switch (ret) {
- case LDB_SUCCESS:
- ret = EOK;
- break;
- case LDB_ERR_NO_SUCH_OBJECT:
- ret = ENOENT;
- break;
- default:
+ if (ret != LDB_SUCCESS && ret != LDB_ERR_NO_SUCH_OBJECT) {
DEBUG(SSSDBG_CRIT_FAILURE,
"LDB returned unexpected error: [%s]\n",
ldb_strerror(ret));
- ret = EFAULT;
- break;
}
+ ret = sss_ldb_error_to_errno (ret);
done:
talloc_free(tmp_ctx);
diff --git a/src/util/util_errors.c b/src/util/util_errors.c
index 5f8a2a2..d3f5e89 100644
--- a/src/util/util_errors.c
+++ b/src/util/util_errors.c
@@ -19,6 +19,7 @@
*/
#include "util/util.h"
+#include <ldb.h>
struct err_string {
const char *msg;
@@ -146,3 +147,27 @@ const char *sss_strerror(errno_t error)
return strerror(error);
}
+/* TODO: make a more complete and precise mapping */
+errno_t sss_ldb_error_to_errno(int ldberr)
+{
+ switch (ldberr) {
+ case LDB_SUCCESS:
+ return EOK;
+ case LDB_ERR_OPERATIONS_ERROR:
+ return EIO;
+ case LDB_ERR_NO_SUCH_OBJECT:
+ return ENOENT;
+ case LDB_ERR_BUSY:
+ return EBUSY;
+ case LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS:
+ case LDB_ERR_ENTRY_ALREADY_EXISTS:
+ return EEXIST;
+ case LDB_ERR_INVALID_ATTRIBUTE_SYNTAX:
+ return EINVAL;
+ default:
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ "LDB returned unexpected error: [%i]\n",
+ ldberr);
+ return EFAULT;
+ }
+}
diff --git a/src/util/util_errors.h b/src/util/util_errors.h
index c6731d4..a799bba 100644
--- a/src/util/util_errors.h
+++ b/src/util/util_errors.h
@@ -178,4 +178,7 @@ enum sssd_errors {
*/
const char *sss_strerror(errno_t error);
+/* return ldb error converted to an errno */
+errno_t sss_ldb_error_to_errno(int ldberr);
+
#endif /* __SSSD_UTIL_ERRORS_H__ */
--
2.9.5