From df6e69c6ee28d68f7f4badc97f697a2b1329ffd0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavel=20B=C5=99ezina?= Date: Wed, 13 Mar 2013 15:13:46 +0100 Subject: [PATCH 4/9] DNS sites support - SRV DNS lookup plugin https://fedorahosted.org/sssd/ticket/1032 This plugin mimics the current behaviour. If discovery_domain is set it is the only domain that is tried. If discovery_domain is not set, we try to autodetect domain first and if that fails or SRV lookup on this domain fails, we fallback to SSSD domain name. --- Makefile.am | 1 + src/providers/data_provider_fo.c | 20 ++ src/providers/dp_backend.h | 3 + src/providers/fail_over_srv.c | 460 +++++++++++++++++++++++++++++++++++++++ src/providers/fail_over_srv.h | 27 +++ 5 files changed, 511 insertions(+) create mode 100644 src/providers/fail_over_srv.c diff --git a/Makefile.am b/Makefile.am index b3f262c0905cb735427b8e0a31596330451f7be0..b21a8342a901ab6e94ff76b955aba35f53cbcf6c 100644 --- a/Makefile.am +++ b/Makefile.am @@ -323,6 +323,7 @@ endif SSSD_FAILOVER_OBJ = \ src/providers/fail_over.c \ + src/providers/fail_over_srv.c \ $(SSSD_RESOLV_OBJ) SSSD_LIBS = \ diff --git a/src/providers/data_provider_fo.c b/src/providers/data_provider_fo.c index 232717e75d3a5f995897ef81de5ec2bb2ad59834..7dcd2a4831d53baba0a7d6f75a7345e319376fb8 100644 --- a/src/providers/data_provider_fo.c +++ b/src/providers/data_provider_fo.c @@ -254,6 +254,26 @@ void be_fo_set_srv_lookup_plugin(struct be_ctx *ctx, } } +void be_fo_set_standard_srv_lookup_plugin(struct be_ctx *be_ctx, + const char *hostname) +{ + struct fo_resolve_srv_dns_ctx *srv_ctx = NULL; + + srv_ctx = fo_resolve_srv_dns_ctx_init(be_ctx, be_ctx->be_res->resolv, + be_ctx->be_res->family_order, + default_host_dbs, hostname, + be_ctx->domain->name); + if (srv_ctx == NULL) { + DEBUG(SSSDBG_FATAL_FAILURE, ("Out of memory?\n")); + return; + } + + be_fo_set_srv_lookup_plugin(be_ctx, fo_resolve_srv_dns_send, + fo_resolve_srv_dns_recv, srv_ctx, "DNS"); + + return; +} + int be_fo_add_srv_server(struct be_ctx *ctx, const char *service_name, const char *query_service, diff --git a/src/providers/dp_backend.h b/src/providers/dp_backend.h index 1b8a59e60f13b08ac4bc6dc404e70efcb669f403..931fefd3ace8cd9c554844fb91c415eb157bad5a 100644 --- a/src/providers/dp_backend.h +++ b/src/providers/dp_backend.h @@ -218,6 +218,9 @@ void be_fo_set_srv_lookup_plugin(struct be_ctx *ctx, void *pvt, const char *plugin_name); +void be_fo_set_standard_srv_lookup_plugin(struct be_ctx *be_ctx, + const char *hostname); + int be_fo_add_srv_server(struct be_ctx *ctx, const char *service_name, const char *query_service, diff --git a/src/providers/fail_over_srv.c b/src/providers/fail_over_srv.c new file mode 100644 index 0000000000000000000000000000000000000000..85c3488ad4e0997b60e52844efe74fa28a1f22ee --- /dev/null +++ b/src/providers/fail_over_srv.c @@ -0,0 +1,460 @@ +/* + Authors: + Pavel Březina + + Copyright (C) 2013 Red Hat + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +#include +#include +#include + +#include "util/util.h" +#include "resolv/async_resolv.h" +#include "providers/fail_over_srv.h" + +struct fo_discover_srv_state { + char *dns_domain; + struct fo_server_info *servers; + size_t num_servers; +}; + +static void fo_discover_srv_done(struct tevent_req *subreq); + +static struct tevent_req *fo_discover_srv_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct resolv_ctx *resolv_ctx, + const char *service, + const char *protocol, + const char **discovery_domains) +{ + struct fo_discover_srv_state *state = NULL; + struct tevent_req *req = NULL; + struct tevent_req *subreq = NULL; + errno_t ret; + + req = tevent_req_create(mem_ctx, &state, struct fo_discover_srv_state); + if (req == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, ("tevent_req_create() failed\n")); + return NULL; + } + + subreq = resolv_discover_srv_send(state, ev, resolv_ctx, service, + protocol, discovery_domains); + if (subreq == NULL) { + ret = ENOMEM; + goto immediately; + } + + tevent_req_set_callback(subreq, fo_discover_srv_done, req); + + return req; + +immediately: + if (ret == EOK) { + tevent_req_done(req); + } else { + tevent_req_error(req, ret); + } + tevent_req_post(req, ev); + + return req; +} + +static void fo_discover_srv_done(struct tevent_req *subreq) +{ + struct fo_discover_srv_state *state = NULL; + struct tevent_req *req = NULL; + struct ares_srv_reply *reply_list = NULL; + struct ares_srv_reply *record = NULL; + int i; + errno_t ret; + + req = tevent_req_callback_data(subreq, struct tevent_req); + state = tevent_req_data(req, struct fo_discover_srv_state); + + ret = resolv_discover_srv_recv(state, subreq, + &reply_list, &state->dns_domain); + talloc_zfree(subreq); + if (ret == ENOENT) { + ret = ERR_SRV_NOT_FOUND; + goto done; + } else if (ret == EIO) { + ret = ERR_SRV_LOOKUP_ERROR; + goto done; + } else if (ret != EOK) { + goto done; + } + + DEBUG(SSSDBG_TRACE_FUNC, ("Got answer. Processing...\n")); + + /* sort and store the answer */ + ret = resolv_sort_srv_reply(state, &reply_list); + if (ret != EOK) { + DEBUG(SSSDBG_CRIT_FAILURE, ("Could not sort the answers from DNS " + "[%d]: %s\n", ret, strerror(ret))); + goto done; + } + + state->num_servers = 0; + for (record = reply_list; record != NULL; record = record->next) { + state->num_servers++; + } + + state->servers = talloc_array(state, struct fo_server_info, + state->num_servers); + if (state->servers == NULL) { + ret = ENOMEM; + goto done; + } + + for (record = reply_list, i = 0; + record != NULL; + record = record->next, i++) { + state->servers[i].host = talloc_steal(state, record->host); + state->servers[i].port = record->port; + } + + talloc_zfree(reply_list); + + ret = EOK; + +done: + if (ret != EOK) { + tevent_req_error(req, ret); + return; + } + + tevent_req_done(req); +} + +static errno_t fo_discover_srv_recv(TALLOC_CTX *mem_ctx, + struct tevent_req *req, + char **_dns_domain, + struct fo_server_info **_servers, + size_t *_num_servers) +{ + struct fo_discover_srv_state *state = NULL; + state = tevent_req_data(req, struct fo_discover_srv_state); + + TEVENT_REQ_RETURN_ON_ERROR(req); + + if (_dns_domain != NULL) { + *_dns_domain = talloc_steal(mem_ctx, state->dns_domain); + } + + if (_servers != NULL) { + *_servers = talloc_steal(mem_ctx, state->servers); + } + + if (_num_servers != NULL) { + *_num_servers = state->num_servers; + } + + return EOK; +} + +struct fo_resolve_srv_dns_ctx { + struct resolv_ctx *resolv_ctx; + enum restrict_family family_order; + enum host_database *host_dbs; + char *hostname; + char *sssd_domain; + char *detected_domain; +}; + +struct fo_resolve_srv_dns_state { + struct tevent_context *ev; + struct fo_resolve_srv_dns_ctx *ctx; + char *service; + char *protocol; + char *discovery_domain; + + char *dns_domain; + struct fo_server_info *servers; + size_t num_servers; +}; + +static void fo_resolve_srv_dns_domain_done(struct tevent_req *subreq); +static errno_t fo_resolve_srv_dns_discover(struct tevent_req *req); +static void fo_resolve_srv_dns_done(struct tevent_req *subreq); + +struct fo_resolve_srv_dns_ctx * +fo_resolve_srv_dns_ctx_init(TALLOC_CTX *mem_ctx, + struct resolv_ctx *resolv_ctx, + enum restrict_family family_order, + enum host_database *host_dbs, + const char *hostname, + const char *sssd_domain) +{ + struct fo_resolve_srv_dns_ctx *ctx = NULL; + + ctx = talloc_zero(mem_ctx, struct fo_resolve_srv_dns_ctx); + if (ctx == NULL) { + return NULL; + } + + ctx->resolv_ctx = resolv_ctx; + ctx->family_order = family_order; + ctx->host_dbs = host_dbs; + + ctx->hostname = talloc_strdup(ctx, hostname); + if (ctx->hostname == NULL) { + goto fail; + } + + ctx->sssd_domain = talloc_strdup(ctx, sssd_domain); + if (ctx->sssd_domain == NULL) { + goto fail; + } + + return ctx; + +fail: + talloc_free(ctx); + return NULL; +} + +struct tevent_req *fo_resolve_srv_dns_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + const char *service, + const char *protocol, + const char *discovery_domain, + void *pvt) +{ + struct fo_resolve_srv_dns_state *state = NULL; + struct fo_resolve_srv_dns_ctx *ctx = NULL; + struct tevent_req *req = NULL; + struct tevent_req *subreq = NULL; + errno_t ret; + + req = tevent_req_create(mem_ctx, &state, struct fo_resolve_srv_dns_state); + if (req == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, ("tevent_req_create() failed\n")); + return NULL; + } + + ctx = talloc_get_type(pvt, struct fo_resolve_srv_dns_ctx); + if (ctx == NULL) { + ret = EINVAL; + goto immediately; + } + + state->ev = ev; + state->ctx = ctx; + + state->service = talloc_strdup(state, service); + if (state->service == NULL) { + ret = ENOMEM; + goto immediately; + } + + state->protocol = talloc_strdup(state, protocol); + if (state->protocol == NULL) { + ret = ENOMEM; + goto immediately; + } + + if (discovery_domain == NULL) { + state->discovery_domain = NULL; + } else { + state->discovery_domain = talloc_strdup(state, discovery_domain); + if (state->discovery_domain == NULL) { + ret = ENOMEM; + goto immediately; + } + } + + if (discovery_domain == NULL && ctx->detected_domain == NULL) { + /* we will try to detect proper discovery domain */ + subreq = resolv_get_domain_send(state, state->ev, ctx->resolv_ctx, + ctx->hostname, ctx->host_dbs, + ctx->family_order); + if (subreq == NULL) { + ret = ENOMEM; + goto immediately; + } + + tevent_req_set_callback(subreq, fo_resolve_srv_dns_domain_done, req); + } else { + /* we will use either provided or previously detected + * discovery domain */ + ret = fo_resolve_srv_dns_discover(req); + if (ret != EAGAIN) { + goto immediately; + } + } + + return req; + +immediately: + if (ret == EOK) { + tevent_req_done(req); + } else { + tevent_req_error(req, ret); + } + tevent_req_post(req, ev); + + return req; +} + +static void fo_resolve_srv_dns_domain_done(struct tevent_req *subreq) +{ + struct fo_resolve_srv_dns_state *state = NULL; + struct tevent_req *req = NULL; + errno_t ret; + + req = tevent_req_callback_data(subreq, struct tevent_req); + state = tevent_req_data(req, struct fo_resolve_srv_dns_state); + + ret = resolv_get_domain_recv(state->ctx, subreq, + &state->ctx->detected_domain); + talloc_zfree(subreq); + if (ret != EOK) { + goto done; + } + + ret = fo_resolve_srv_dns_discover(req); + +done: + if (ret == EOK) { + tevent_req_done(req); + } else if (ret != EAGAIN) { + tevent_req_error(req, ret); + } + + return; +} + +static errno_t fo_resolve_srv_dns_discover(struct tevent_req *req) +{ + struct fo_resolve_srv_dns_state *state = NULL; + struct fo_resolve_srv_dns_ctx *ctx = NULL; + struct tevent_req *subreq = NULL; + const char **domains = NULL; + errno_t ret; + + state = tevent_req_data(req, struct fo_resolve_srv_dns_state); + ctx = state->ctx; + + domains = talloc_zero_array(state, const char *, 3); + if (domains == NULL) { + ret = ENOMEM; + goto done; + } + + if (state->discovery_domain == NULL) { + /* we will use detected domain with SSSD domain as fallback */ + domains[0] = talloc_strdup(domains, ctx->detected_domain); + if (domains[0] == NULL) { + ret = ENOMEM; + goto done; + } + + if (strcmp(ctx->detected_domain, ctx->sssd_domain) != 0) { + domains[1] = talloc_strdup(domains, ctx->sssd_domain); + if (domains[1] == NULL) { + ret = ENOMEM; + goto done; + } + } + } else { + /* We will use only discovery domain that was provided via plugin + * interface. We don't have to dup here because it is already on + * state. */ + domains[0] = state->discovery_domain; + } + + subreq = fo_discover_srv_send(state, state->ev, ctx->resolv_ctx, + state->service, state->protocol, domains); + if (subreq == NULL) { + ret = ENOMEM; + goto done; + } + + tevent_req_set_callback(subreq, fo_resolve_srv_dns_done, req); + + ret = EAGAIN; + +done: + if (ret != EAGAIN) { + talloc_free(domains); + } + + return ret; +} + +static void fo_resolve_srv_dns_done(struct tevent_req *subreq) +{ + struct fo_resolve_srv_dns_state *state = NULL; + struct tevent_req *req = NULL; + errno_t ret; + + req = tevent_req_callback_data(subreq, struct tevent_req); + state = tevent_req_data(req, struct fo_resolve_srv_dns_state); + + ret = fo_discover_srv_recv(state, subreq, &state->dns_domain, + &state->servers, &state->num_servers); + talloc_zfree(subreq); + if (ret != EOK) { + goto done; + } + +done: + if (ret != EOK) { + tevent_req_error(req, ret); + return; + } + + tevent_req_done(req); +} + +errno_t fo_resolve_srv_dns_recv(TALLOC_CTX *mem_ctx, + struct tevent_req *req, + char **_dns_domain, + struct fo_server_info **_primary_servers, + size_t *_num_primary_servers, + struct fo_server_info **_backup_servers, + size_t *_num_backup_servers) +{ + struct fo_resolve_srv_dns_state *state = NULL; + state = tevent_req_data(req, struct fo_resolve_srv_dns_state); + + TEVENT_REQ_RETURN_ON_ERROR(req); + + if (_primary_servers) { + *_primary_servers = talloc_steal(mem_ctx, state->servers); + } + + if (_num_primary_servers) { + *_num_primary_servers = state->num_servers; + } + + /* backup servers are not supported by simple srv lookup */ + if (_backup_servers) { + *_backup_servers = NULL; + } + + if (_num_backup_servers) { + *_num_backup_servers = 0; + } + + if (_dns_domain) { + *_dns_domain = talloc_steal(mem_ctx, state->dns_domain); + } + + return EOK; +} diff --git a/src/providers/fail_over_srv.h b/src/providers/fail_over_srv.h index 76bc1b927b99916e038e8a5353b3bfdee0419db2..ed89594ecb40c19104d8301652488546cdd9117a 100644 --- a/src/providers/fail_over_srv.h +++ b/src/providers/fail_over_srv.h @@ -69,4 +69,31 @@ typedef errno_t struct fo_server_info **_backup_servers, size_t *_num_backup_servers); +/* Simple SRV lookup plugin */ + +struct fo_resolve_srv_dns_ctx; + +struct fo_resolve_srv_dns_ctx * +fo_resolve_srv_dns_ctx_init(TALLOC_CTX *mem_ctx, + struct resolv_ctx *resolv_ctx, + enum restrict_family family_order, + enum host_database *host_dbs, + const char *hostname, + const char *sssd_domain); + +struct tevent_req *fo_resolve_srv_dns_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + const char *service, + const char *protocol, + const char *discovery_domain, + void *pvt); + +errno_t fo_resolve_srv_dns_recv(TALLOC_CTX *mem_ctx, + struct tevent_req *req, + char **_dns_domain, + struct fo_server_info **_primary_servers, + size_t *_num_primary_servers, + struct fo_server_info **_backup_servers, + size_t *_num_backup_servers); + #endif /* __FAIL_OVER_SRV_H__ */ -- 1.7.11.7