CONFDB: introduce helper to read a full list of configured services,

including implicitly configured
alexey-tikhonov · Oct 9, 2024 · d0ff89f · d0ff89f
1 parent b5f745f
commit d0ff89f
Show file tree

Hide file tree

Showing 3 changed files with 147 additions and 121 deletions.
diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c
@@ -642,6 +642,135 @@ int confdb_get_string_as_list(struct confdb_ctx *cdb, TALLOC_CTX *ctx,
     return ret;
 }
 
+static errno_t add_implicit_services(struct confdb_ctx *cdb, TALLOC_CTX *mem_ctx,
+                                     char ***_services)
+{
+    int ret;
+    char **domain_names;
+    TALLOC_CTX *tmp_ctx;
+    size_t c;
+    char *conf_path;
+    char *id_provider;
+    bool add_pac = false;
+    bool implicit_pac_responder = true;
+
+    tmp_ctx = talloc_new(NULL);
+    if (tmp_ctx == NULL) {
+        DEBUG(SSSDBG_OP_FAILURE, "talloc_new failed.\n");
+        return ENOMEM;
+    }
+
+    ret = confdb_get_enabled_domain_list(cdb, tmp_ctx, &domain_names);
+    if (ret == ENOENT) {
+        DEBUG(SSSDBG_OP_FAILURE, "No domains configured!\n");
+        goto done;
+    } else if (ret != EOK) {
+        DEBUG(SSSDBG_FATAL_FAILURE, "Error retrieving domains list [%d]: %s\n",
+              ret, sss_strerror(ret));
+        goto done;
+    }
+
+    ret = confdb_get_bool(cdb, CONFDB_MONITOR_CONF_ENTRY,
+                          CONFDB_MONITOR_IMPLICIT_PAC_RESPONDER, true,
+                          &implicit_pac_responder);
+    if (ret != EOK) {
+        DEBUG(SSSDBG_OP_FAILURE,
+              "Failed to read implicit_pac_responder option, "
+              "using default 'true'.\n");
+        implicit_pac_responder = true;
+    }
+
+    for (c = 0; domain_names[c] != NULL; c++) {
+        if (!is_valid_domain_name(domain_names[c])) {
+            DEBUG(SSSDBG_CRIT_FAILURE,
+                  "Skipping invalid domain name '%s'\n", domain_names[c]);
+            continue;
+        }
+        conf_path = talloc_asprintf(tmp_ctx, CONFDB_DOMAIN_PATH_TMPL,
+                                    domain_names[c]);
+        if (conf_path == NULL) {
+            DEBUG(SSSDBG_OP_FAILURE, "talloc_asprintf failed.\n");
+            ret = ENOMEM;
+            goto done;
+        }
+
+        ret = confdb_get_string(cdb, tmp_ctx, conf_path,
+                                CONFDB_DOMAIN_ID_PROVIDER, NULL, &id_provider);
+        if (ret == EOK) {
+            if (id_provider == NULL) {
+                DEBUG(SSSDBG_OP_FAILURE, "id_provider is not set for "
+                      "domain [%s], trying next domain.\n", domain_names[c]);
+                continue;
+            }
+
+            if (strcasecmp(id_provider, "IPA") == 0
+                        || strcasecmp(id_provider, "AD") == 0) {
+                if (implicit_pac_responder) {
+                    add_pac = true;
+                } else {
+                    DEBUG(SSSDBG_CONF_SETTINGS,
+                          "PAC resonder not enabled for id provider [%s] "
+                          "because implicit_pac_responder is set to 'false'.\n",
+                          id_provider);
+                    add_pac = false;
+                }
+            }
+        } else {
+            DEBUG(SSSDBG_OP_FAILURE, "Failed to get id_provider for " \
+                                      "domain [%s], trying next domain.\n",
+                                      domain_names[c]);
+        }
+    }
+
+    if (BUILD_WITH_PAC_RESPONDER && add_pac &&
+        !string_in_list("pac", *_services, false)) {
+        ret = add_string_to_list(mem_ctx, "pac", _services);
+        if (ret != EOK) {
+            DEBUG(SSSDBG_OP_FAILURE, "add_string_to_list failed.\n");
+            goto done;
+        }
+    }
+
+    ret = EOK;
+
+done:
+    talloc_free(tmp_ctx);
+
+    return ret;
+}
+
+int confdb_get_services_as_list(struct confdb_ctx *cdb, TALLOC_CTX *ctx,
+                                char ***_result)
+{
+    int ret;
+
+    ret = confdb_get_string_as_list(cdb, ctx,
+                                    CONFDB_MONITOR_CONF_ENTRY,
+                                    CONFDB_MONITOR_ACTIVE_SERVICES,
+                                    _result);
+#ifdef HAVE_SYSTEMD
+    if (ret != EOK && ret != ENOENT) {
+        DEBUG(SSSDBG_FATAL_FAILURE,
+              "Failed to get the explicitly configured services!\n");
+        return EINVAL;
+    }
+#else
+    if (ret != EOK) {
+        DEBUG(SSSDBG_FATAL_FAILURE, "No services configured!\n");
+        return EINVAL;
+    }
+#endif
+
+    /* `add_implicit_services()` can handle (*_result == NULL) */
+    ret = add_implicit_services(cdb, ctx, _result);
+    if (ret != EOK) {
+        DEBUG(SSSDBG_OP_FAILURE, "Failed to add implicitly configured services\n");
+        return EINVAL;
+    }
+
+    return EOK;
+}
+
 int confdb_init(TALLOC_CTX *mem_ctx,
                 struct confdb_ctx **cdb_ctx,
                 const char *confdb_location)

diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h
@@ -731,7 +731,7 @@ int confdb_set_string(struct confdb_ctx *cdb,
  * @param[in] attribute The name of the attribute to update
  * @param[out] result A pointer to the retrieved array of strings
  *
- * @return 0 - Successfully retrieved the entry (or used the default)
+ * @return 0 - Successfully retrieved the entry
  * @return ENOMEM - There was insufficient memory to complete the operation
  * @return EINVAL - The section could not be parsed, or the attribute was not
  *                  single-valued.
@@ -742,6 +742,19 @@ int confdb_get_string_as_list(struct confdb_ctx *cdb, TALLOC_CTX *ctx,
                               const char *section, const char *attribute,
                               char ***result);
 
+/**
+ * @brief Convenience function to retrieve a list of configured services,
+ * including implicitly configured, as a null-terminated array of strings.
+ *
+ * @param[in] cdb The connection object to the confdb
+ * @param[in] ctx The parent memory context for the returned string
+ * @param[out] _result A pointer to the retrieved array of strings
+ *
+ * @return 0 on success, error code otherwise
+ */
+int confdb_get_services_as_list(struct confdb_ctx *cdb, TALLOC_CTX *ctx,
+                                char ***_result);
+
 /**
  * @brief Convenience function to retrieve a list of subsections given a
  * configuration section name

diff --git a/src/monitor/monitor.c b/src/monitor/monitor.c
@@ -674,103 +674,6 @@ static int check_domain_ranges(struct sss_domain_info *domains)
     return EOK;
 }
 
-static errno_t add_implicit_services(struct confdb_ctx *cdb, TALLOC_CTX *mem_ctx,
-                                     char ***_services)
-{
-    int ret;
-    char **domain_names;
-    TALLOC_CTX *tmp_ctx;
-    size_t c;
-    char *conf_path;
-    char *id_provider;
-    bool add_pac = false;
-    bool implicit_pac_responder = true;
-
-    tmp_ctx = talloc_new(NULL);
-    if (tmp_ctx == NULL) {
-        DEBUG(SSSDBG_OP_FAILURE, "talloc_new failed.\n");
-        return ENOMEM;
-    }
-
-    ret = confdb_get_enabled_domain_list(cdb, tmp_ctx, &domain_names);
-    if (ret == ENOENT) {
-        DEBUG(SSSDBG_OP_FAILURE, "No domains configured!\n");
-        goto done;
-    } else if (ret != EOK) {
-        DEBUG(SSSDBG_FATAL_FAILURE, "Error retrieving domains list [%d]: %s\n",
-              ret, sss_strerror(ret));
-        goto done;
-    }
-
-    ret = confdb_get_bool(cdb, CONFDB_MONITOR_CONF_ENTRY,
-                          CONFDB_MONITOR_IMPLICIT_PAC_RESPONDER, true,
-                          &implicit_pac_responder);
-    if (ret != EOK) {
-        DEBUG(SSSDBG_OP_FAILURE,
-              "Failed to read implicit_pac_responder option, "
-              "using default 'true'.\n");
-        implicit_pac_responder = true;
-    }
-
-    for (c = 0; domain_names[c] != NULL; c++) {
-        if (!is_valid_domain_name(domain_names[c])) {
-            DEBUG(SSSDBG_CRIT_FAILURE,
-                  "Skipping invalid domain name '%s'\n", domain_names[c]);
-            continue;
-        }
-        conf_path = talloc_asprintf(tmp_ctx, CONFDB_DOMAIN_PATH_TMPL,
-                                    domain_names[c]);
-        if (conf_path == NULL) {
-            DEBUG(SSSDBG_OP_FAILURE, "talloc_asprintf failed.\n");
-            ret = ENOMEM;
-            goto done;
-        }
-
-        ret = confdb_get_string(cdb, tmp_ctx, conf_path,
-                                CONFDB_DOMAIN_ID_PROVIDER, NULL, &id_provider);
-        if (ret == EOK) {
-            if (id_provider == NULL) {
-                DEBUG(SSSDBG_OP_FAILURE, "id_provider is not set for "
-                      "domain [%s], trying next domain.\n", domain_names[c]);
-                continue;
-            }
-
-            if (strcasecmp(id_provider, "IPA") == 0
-                        || strcasecmp(id_provider, "AD") == 0) {
-                if (implicit_pac_responder) {
-                    add_pac = true;
-                } else {
-                    DEBUG(SSSDBG_CONF_SETTINGS,
-                          "PAC resonder not enabled for id provider [%s] "
-                          "because implicit_pac_responder is set to 'false'.\n",
-                          id_provider);
-                    add_pac = false;
-                }
-            }
-        } else {
-            DEBUG(SSSDBG_OP_FAILURE, "Failed to get id_provider for " \
-                                      "domain [%s], trying next domain.\n",
-                                      domain_names[c]);
-        }
-    }
-
-    if (BUILD_WITH_PAC_RESPONDER && add_pac &&
-        !string_in_list("pac", *_services, false)) {
-        ret = add_string_to_list(mem_ctx, "pac", _services);
-        if (ret != EOK) {
-            DEBUG(SSSDBG_OP_FAILURE, "add_string_to_list failed.\n");
-            goto done;
-        }
-    }
-
-    ret = EOK;
-
-done:
-    talloc_free(tmp_ctx);
-
-    return ret;
-}
-
 static char *check_service(char *service)
 {
     const char * const *known_services = get_known_services();
@@ -893,29 +796,10 @@ static int get_monitor_config(struct mt_ctx *ctx)
     char *badsrv = NULL;
     int i;
 
-    ret = confdb_get_string_as_list(ctx->cdb, ctx,
-                                    CONFDB_MONITOR_CONF_ENTRY,
-                                    CONFDB_MONITOR_ACTIVE_SERVICES,
-                                    &ctx->services);
-
-#ifdef HAVE_SYSTEMD
-    if (ret != EOK && ret != ENOENT) {
-        DEBUG(SSSDBG_FATAL_FAILURE,
-              "Failed to get the explicitly configured services!\n");
-        return EINVAL;
-    }
-#else
-    if (ret != EOK) {
-        DEBUG(SSSDBG_FATAL_FAILURE, "No services configured!\n");
-        return EINVAL;
-    }
-#endif
-
-    ret = add_implicit_services(ctx->cdb, ctx, &ctx->services);
+    ret = confdb_get_services_as_list(ctx->cdb, ctx,
+                                      &ctx->services);
     if (ret != EOK) {
-        DEBUG(SSSDBG_OP_FAILURE, "Failed to add implicit configured "
-                                 "services. Some functionality might "
-                                 "be missing\n");
+        return ret;
     }
 
     badsrv = check_services(ctx->services);
@@ -1657,7 +1541,7 @@ static void monitor_sbus_connected(struct tevent_req *req)
          *  expires) */
         ret = add_services_startup_timeout(ctx);
     } else {
-        DEBUG(SSSDBG_FATAL_FAILURE, "No providers configured.");
+        DEBUG(SSSDBG_FATAL_FAILURE, "No providers configured.\n");
         ret = ERR_INVALID_CONFIG;
     }