Blame SOURCES/0057-AD-Implement-background-refresh-for-AD-domains.patch

5cd47f
From 6777831bc1b0d1218d635d2913326883f509f3e8 Mon Sep 17 00:00:00 2001
5cd47f
From: Jakub Hrozek <jhrozek@redhat.com>
5cd47f
Date: Wed, 24 Apr 2019 20:52:11 +0200
5cd47f
Subject: [PATCH 57/64] AD: Implement background refresh for AD domains
5cd47f
5cd47f
Split out the actual useful functionality from the AD account handler
5cd47f
into a tevent request. This tevent request is then subsequently used by
5cd47f
a new ad_refresh module.
5cd47f
5cd47f
Related:
5cd47f
https://pagure.io/SSSD/sssd/issue/4012
5cd47f
5cd47f
Reviewed-by: Sumit Bose <sbose@redhat.com>
5cd47f
(cherry picked from commit b72adfcc332b13489931483201bcc4c7ecf9ecb6)
5cd47f
5cd47f
Reviewed-by: Sumit Bose <sbose@redhat.com>
5cd47f
---
5cd47f
 Makefile.am                   |   5 +-
5cd47f
 src/providers/ad/ad_common.h  |   4 +
5cd47f
 src/providers/ad/ad_id.c      | 140 +++++++++++++----
5cd47f
 src/providers/ad/ad_id.h      |  10 ++
5cd47f
 src/providers/ad/ad_init.c    |   2 +-
5cd47f
 src/providers/ad/ad_refresh.c | 283 ++++++++++++++++++++++++++++++++++
5cd47f
 6 files changed, 412 insertions(+), 32 deletions(-)
5cd47f
 create mode 100644 src/providers/ad/ad_refresh.c
5cd47f
5cd47f
diff --git a/Makefile.am b/Makefile.am
5cd47f
index 0c24ae664..7d83b6847 100644
5cd47f
--- a/Makefile.am
5cd47f
+++ b/Makefile.am
5cd47f
@@ -4243,7 +4243,10 @@ libsss_ad_la_SOURCES = \
5cd47f
     src/providers/ad/ad_gpo_ndr.c \
5cd47f
     src/providers/ad/ad_srv.c \
5cd47f
     src/providers/ad/ad_subdomains.c \
5cd47f
-    src/providers/ad/ad_domain_info.c
5cd47f
+    src/providers/ad/ad_domain_info.c \
5cd47f
+    src/providers/ad/ad_refresh.c \
5cd47f
+    $(NULL)
5cd47f
+
5cd47f
 
5cd47f
 if BUILD_SUDO
5cd47f
 libsss_ad_la_SOURCES += \
5cd47f
diff --git a/src/providers/ad/ad_common.h b/src/providers/ad/ad_common.h
5cd47f
index 2f624df3d..44369288e 100644
5cd47f
--- a/src/providers/ad/ad_common.h
5cd47f
+++ b/src/providers/ad/ad_common.h
5cd47f
@@ -221,4 +221,8 @@ errno_t ad_inherit_opts_if_needed(struct dp_option *parent_opts,
5cd47f
                                   struct confdb_ctx *cdb,
5cd47f
                                   const char *subdom_conf_path,
5cd47f
                                   int opt_id);
5cd47f
+
5cd47f
+errno_t ad_refresh_init(struct be_ctx *be_ctx,
5cd47f
+                        struct ad_id_ctx *id_ctx);
5cd47f
+
5cd47f
 #endif /* AD_COMMON_H_ */
5cd47f
diff --git a/src/providers/ad/ad_id.c b/src/providers/ad/ad_id.c
5cd47f
index c3bda1662..eb6e36824 100644
5cd47f
--- a/src/providers/ad/ad_id.c
5cd47f
+++ b/src/providers/ad/ad_id.c
5cd47f
@@ -360,44 +360,36 @@ get_conn_list(TALLOC_CTX *mem_ctx, struct ad_id_ctx *ad_ctx,
5cd47f
     return clist;
5cd47f
 }
5cd47f
 
5cd47f
-struct ad_account_info_handler_state {
5cd47f
-    struct sss_domain_info *domain;
5cd47f
-    struct dp_reply_std reply;
5cd47f
+struct ad_account_info_state {
5cd47f
+    const char *err_msg;
5cd47f
+    int dp_error;
5cd47f
 };
5cd47f
 
5cd47f
-static void ad_account_info_handler_done(struct tevent_req *subreq);
5cd47f
+static void ad_account_info_done(struct tevent_req *subreq);
5cd47f
 
5cd47f
 struct tevent_req *
5cd47f
-ad_account_info_handler_send(TALLOC_CTX *mem_ctx,
5cd47f
-                              struct ad_id_ctx *id_ctx,
5cd47f
-                              struct dp_id_data *data,
5cd47f
-                              struct dp_req_params *params)
5cd47f
+ad_account_info_send(TALLOC_CTX *mem_ctx,
5cd47f
+                     struct be_ctx *be_ctx,
5cd47f
+                     struct ad_id_ctx *id_ctx,
5cd47f
+                     struct dp_id_data *data)
5cd47f
 {
5cd47f
-    struct ad_account_info_handler_state *state;
5cd47f
-    struct sdap_id_conn_ctx **clist;
5cd47f
-    struct sdap_id_ctx *sdap_id_ctx;
5cd47f
-    struct sss_domain_info *domain;
5cd47f
+    struct sss_domain_info *domain = NULL;
5cd47f
+    struct ad_account_info_state *state = NULL;
5cd47f
+    struct tevent_req *req = NULL;
5cd47f
+    struct tevent_req *subreq = NULL;
5cd47f
+    struct sdap_id_conn_ctx **clist = NULL;
5cd47f
+    struct sdap_id_ctx *sdap_id_ctx = NULL;
5cd47f
     struct sdap_domain *sdom;
5cd47f
-    struct tevent_req *subreq;
5cd47f
-    struct tevent_req *req;
5cd47f
-    struct be_ctx *be_ctx;
5cd47f
     errno_t ret;
5cd47f
 
5cd47f
-    sdap_id_ctx = id_ctx->sdap_id_ctx;
5cd47f
-    be_ctx = params->be_ctx;
5cd47f
-
5cd47f
     req = tevent_req_create(mem_ctx, &state,
5cd47f
-                            struct ad_account_info_handler_state);
5cd47f
+                            struct ad_account_info_state);
5cd47f
     if (req == NULL) {
5cd47f
         DEBUG(SSSDBG_CRIT_FAILURE, "tevent_req_create() failed\n");
5cd47f
         return NULL;
5cd47f
     }
5cd47f
 
5cd47f
-    if (sdap_is_enum_request(data)) {
5cd47f
-        DEBUG(SSSDBG_TRACE_LIBS, "Skipping enumeration on demand\n");
5cd47f
-        ret = EOK;
5cd47f
-        goto immediately;
5cd47f
-    }
5cd47f
+    sdap_id_ctx = id_ctx->sdap_id_ctx;
5cd47f
 
5cd47f
     domain = be_ctx->domain;
5cd47f
     if (strcasecmp(data->domain, be_ctx->domain->name) != 0) {
5cd47f
@@ -406,6 +398,7 @@ ad_account_info_handler_send(TALLOC_CTX *mem_ctx,
5cd47f
     }
5cd47f
 
5cd47f
     if (domain == NULL) {
5cd47f
+        DEBUG(SSSDBG_CRIT_FAILURE, "Unknown domain\n");
5cd47f
         ret = EINVAL;
5cd47f
         goto immediately;
5cd47f
     }
5cd47f
@@ -413,6 +406,7 @@ ad_account_info_handler_send(TALLOC_CTX *mem_ctx,
5cd47f
     /* Determine whether to connect to GC, LDAP or try both. */
5cd47f
     clist = get_conn_list(state, id_ctx, domain, data);
5cd47f
     if (clist == NULL) {
5cd47f
+        DEBUG(SSSDBG_CRIT_FAILURE, "Cannot create conn list\n");
5cd47f
         ret = EIO;
5cd47f
         goto immediately;
5cd47f
     }
5cd47f
@@ -423,14 +417,100 @@ ad_account_info_handler_send(TALLOC_CTX *mem_ctx,
5cd47f
         goto immediately;
5cd47f
     }
5cd47f
 
5cd47f
-    state->domain = sdom->dom;
5cd47f
-
5cd47f
     subreq = ad_handle_acct_info_send(state, data, sdap_id_ctx,
5cd47f
                                       id_ctx->ad_options, sdom, clist);
5cd47f
     if (subreq == NULL) {
5cd47f
         ret = ENOMEM;
5cd47f
         goto immediately;
5cd47f
     }
5cd47f
+    tevent_req_set_callback(subreq, ad_account_info_done, req);
5cd47f
+    return req;
5cd47f
+
5cd47f
+immediately:
5cd47f
+    tevent_req_error(req, ret);
5cd47f
+    tevent_req_post(req, be_ctx->ev);
5cd47f
+    return req;
5cd47f
+}
5cd47f
+
5cd47f
+static void ad_account_info_done(struct tevent_req *subreq)
5cd47f
+{
5cd47f
+    struct ad_account_info_state *state = NULL;
5cd47f
+    struct tevent_req *req = NULL;
5cd47f
+    errno_t ret;
5cd47f
+
5cd47f
+    req = tevent_req_callback_data(subreq, struct tevent_req);
5cd47f
+    state = tevent_req_data(req, struct ad_account_info_state);
5cd47f
+
5cd47f
+    ret = ad_handle_acct_info_recv(subreq, &state->dp_error, &state->err_msg);
5cd47f
+    if (ret != EOK) {
5cd47f
+        DEBUG(SSSDBG_OP_FAILURE,
5cd47f
+              "ad_handle_acct_info_recv failed [%d]: %s\n",
5cd47f
+              ret, sss_strerror(ret));
5cd47f
+        /* The caller wouldn't fail either, just report the error up */
5cd47f
+    }
5cd47f
+    talloc_zfree(subreq);
5cd47f
+    tevent_req_done(req);
5cd47f
+}
5cd47f
+
5cd47f
+errno_t ad_account_info_recv(struct tevent_req *req,
5cd47f
+                             int *_dp_error,
5cd47f
+                             const char **_err_msg)
5cd47f
+{
5cd47f
+    struct ad_account_info_state *state = NULL;
5cd47f
+
5cd47f
+    state = tevent_req_data(req, struct ad_account_info_state);
5cd47f
+
5cd47f
+    if (_err_msg != NULL) {
5cd47f
+        *_err_msg = state->err_msg;
5cd47f
+    }
5cd47f
+
5cd47f
+    if (_dp_error) {
5cd47f
+        *_dp_error = state->dp_error;
5cd47f
+    }
5cd47f
+
5cd47f
+
5cd47f
+    TEVENT_REQ_RETURN_ON_ERROR(req);
5cd47f
+
5cd47f
+    return EOK;
5cd47f
+}
5cd47f
+
5cd47f
+struct ad_account_info_handler_state {
5cd47f
+    struct sss_domain_info *domain;
5cd47f
+    struct dp_reply_std reply;
5cd47f
+};
5cd47f
+
5cd47f
+static void ad_account_info_handler_done(struct tevent_req *subreq);
5cd47f
+
5cd47f
+struct tevent_req *
5cd47f
+ad_account_info_handler_send(TALLOC_CTX *mem_ctx,
5cd47f
+                              struct ad_id_ctx *id_ctx,
5cd47f
+                              struct dp_id_data *data,
5cd47f
+                              struct dp_req_params *params)
5cd47f
+{
5cd47f
+    struct ad_account_info_handler_state *state;
5cd47f
+    struct tevent_req *subreq;
5cd47f
+    struct tevent_req *req;
5cd47f
+    errno_t ret;
5cd47f
+
5cd47f
+
5cd47f
+    req = tevent_req_create(mem_ctx, &state,
5cd47f
+                            struct ad_account_info_handler_state);
5cd47f
+    if (req == NULL) {
5cd47f
+        DEBUG(SSSDBG_CRIT_FAILURE, "tevent_req_create() failed\n");
5cd47f
+        return NULL;
5cd47f
+    }
5cd47f
+
5cd47f
+    if (sdap_is_enum_request(data)) {
5cd47f
+        DEBUG(SSSDBG_TRACE_LIBS, "Skipping enumeration on demand\n");
5cd47f
+        ret = EOK;
5cd47f
+        goto immediately;
5cd47f
+    }
5cd47f
+
5cd47f
+    subreq = ad_account_info_send(state, params->be_ctx, id_ctx, data);
5cd47f
+    if (subreq == NULL) {
5cd47f
+        ret = ENOMEM;
5cd47f
+        goto immediately;
5cd47f
+    }
5cd47f
 
5cd47f
     tevent_req_set_callback(subreq, ad_account_info_handler_done, req);
5cd47f
 
5cd47f
@@ -451,13 +531,13 @@ static void ad_account_info_handler_done(struct tevent_req *subreq)
5cd47f
     struct ad_account_info_handler_state *state;
5cd47f
     struct tevent_req *req;
5cd47f
     const char *err_msg;
5cd47f
-    int dp_error;
5cd47f
+    int dp_error = DP_ERR_FATAL;
5cd47f
     errno_t ret;
5cd47f
 
5cd47f
     req = tevent_req_callback_data(subreq, struct tevent_req);
5cd47f
     state = tevent_req_data(req, struct ad_account_info_handler_state);
5cd47f
 
5cd47f
-    ret = ad_handle_acct_info_recv(subreq, &dp_error, &err_msg);
5cd47f
+    ret = ad_account_info_recv(subreq, &dp_error, &err_msg);
5cd47f
     talloc_zfree(subreq);
5cd47f
 
5cd47f
     /* TODO For backward compatibility we always return EOK to DP now. */
5cd47f
@@ -466,8 +546,8 @@ static void ad_account_info_handler_done(struct tevent_req *subreq)
5cd47f
 }
5cd47f
 
5cd47f
 errno_t ad_account_info_handler_recv(TALLOC_CTX *mem_ctx,
5cd47f
-                                      struct tevent_req *req,
5cd47f
-                                      struct dp_reply_std *data)
5cd47f
+                                     struct tevent_req *req,
5cd47f
+                                     struct dp_reply_std *data)
5cd47f
 {
5cd47f
     struct ad_account_info_handler_state *state = NULL;
5cd47f
 
5cd47f
diff --git a/src/providers/ad/ad_id.h b/src/providers/ad/ad_id.h
5cd47f
index 5154393c5..19cc54eec 100644
5cd47f
--- a/src/providers/ad/ad_id.h
5cd47f
+++ b/src/providers/ad/ad_id.h
5cd47f
@@ -33,6 +33,16 @@ errno_t ad_account_info_handler_recv(TALLOC_CTX *mem_ctx,
5cd47f
                                       struct tevent_req *req,
5cd47f
                                       struct dp_reply_std *data);
5cd47f
 
5cd47f
+struct tevent_req *
5cd47f
+ad_account_info_send(TALLOC_CTX *mem_ctx,
5cd47f
+                     struct be_ctx *be_ctx,
5cd47f
+                     struct ad_id_ctx *id_ctx,
5cd47f
+                     struct dp_id_data *data);
5cd47f
+
5cd47f
+errno_t ad_account_info_recv(struct tevent_req *req,
5cd47f
+                             int *_dp_error,
5cd47f
+                             const char **_err_msg);
5cd47f
+
5cd47f
 struct tevent_req *
5cd47f
 ad_handle_acct_info_send(TALLOC_CTX *mem_ctx,
5cd47f
                          struct dp_id_data *ar,
5cd47f
diff --git a/src/providers/ad/ad_init.c b/src/providers/ad/ad_init.c
5cd47f
index 42c2f150a..f5aea8904 100644
5cd47f
--- a/src/providers/ad/ad_init.c
5cd47f
+++ b/src/providers/ad/ad_init.c
5cd47f
@@ -408,7 +408,7 @@ static errno_t ad_init_misc(struct be_ctx *be_ctx,
5cd47f
         return ret;
5cd47f
     }
5cd47f
 
5cd47f
-    ret = sdap_refresh_init(be_ctx, sdap_id_ctx);
5cd47f
+    ret = ad_refresh_init(be_ctx, ad_id_ctx);
5cd47f
     if (ret != EOK && ret != EEXIST) {
5cd47f
         DEBUG(SSSDBG_MINOR_FAILURE, "Periodical refresh "
5cd47f
               "will not work [%d]: %s\n", ret, sss_strerror(ret));
5cd47f
diff --git a/src/providers/ad/ad_refresh.c b/src/providers/ad/ad_refresh.c
5cd47f
new file mode 100644
5cd47f
index 000000000..ee541056f
5cd47f
--- /dev/null
5cd47f
+++ b/src/providers/ad/ad_refresh.c
5cd47f
@@ -0,0 +1,283 @@
5cd47f
+/*
5cd47f
+    Copyright (C) 2019 Red Hat
5cd47f
+
5cd47f
+    This program is free software; you can redistribute it and/or modify
5cd47f
+    it under the terms of the GNU General Public License as published by
5cd47f
+    the Free Software Foundation; either version 3 of the License, or
5cd47f
+    (at your option) any later version.
5cd47f
+
5cd47f
+    This program is distributed in the hope that it will be useful,
5cd47f
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
5cd47f
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
5cd47f
+    GNU General Public License for more details.
5cd47f
+
5cd47f
+    You should have received a copy of the GNU General Public License
5cd47f
+    along with this program.  If not, see <http://www.gnu.org/licenses/>.
5cd47f
+*/
5cd47f
+
5cd47f
+#include <talloc.h>
5cd47f
+#include <tevent.h>
5cd47f
+
5cd47f
+#include "providers/ad/ad_common.h"
5cd47f
+#include "providers/ad/ad_id.h"
5cd47f
+
5cd47f
+struct ad_refresh_state {
5cd47f
+    struct tevent_context *ev;
5cd47f
+    struct be_ctx *be_ctx;
5cd47f
+    struct dp_id_data *account_req;
5cd47f
+    struct ad_id_ctx *id_ctx;
5cd47f
+    char **names;
5cd47f
+    size_t index;
5cd47f
+};
5cd47f
+
5cd47f
+static errno_t ad_refresh_step(struct tevent_req *req);
5cd47f
+static void ad_refresh_done(struct tevent_req *subreq);
5cd47f
+
5cd47f
+static struct tevent_req *ad_refresh_send(TALLOC_CTX *mem_ctx,
5cd47f
+                                            struct tevent_context *ev,
5cd47f
+                                            struct be_ctx *be_ctx,
5cd47f
+                                            struct sss_domain_info *domain,
5cd47f
+                                            int entry_type,
5cd47f
+                                            char **names,
5cd47f
+                                            void *pvt)
5cd47f
+{
5cd47f
+    struct ad_refresh_state *state = NULL;
5cd47f
+    struct tevent_req *req = NULL;
5cd47f
+    errno_t ret;
5cd47f
+    uint32_t filter_type;
5cd47f
+
5cd47f
+    req = tevent_req_create(mem_ctx, &state,
5cd47f
+                            struct ad_refresh_state);
5cd47f
+    if (req == NULL) {
5cd47f
+        DEBUG(SSSDBG_CRIT_FAILURE, "tevent_req_create() failed\n");
5cd47f
+        return NULL;
5cd47f
+    }
5cd47f
+
5cd47f
+    if (names == NULL) {
5cd47f
+        ret = EOK;
5cd47f
+        goto immediately;
5cd47f
+    }
5cd47f
+
5cd47f
+    state->ev = ev;
5cd47f
+    state->be_ctx = be_ctx;
5cd47f
+    state->id_ctx = talloc_get_type(pvt, struct ad_id_ctx);
5cd47f
+    state->names = names;
5cd47f
+    state->index = 0;
5cd47f
+
5cd47f
+    switch (entry_type) {
5cd47f
+    case BE_REQ_NETGROUP:
5cd47f
+        filter_type = BE_FILTER_NAME;
5cd47f
+        break;
5cd47f
+    case BE_REQ_USER:
5cd47f
+    case BE_REQ_GROUP:
5cd47f
+        filter_type = BE_FILTER_SECID;
5cd47f
+        break;
5cd47f
+    default:
5cd47f
+        ret = EINVAL;
5cd47f
+        goto immediately;
5cd47f
+    }
5cd47f
+
5cd47f
+    state->account_req = be_refresh_acct_req(state, entry_type,
5cd47f
+                                             filter_type, domain);
5cd47f
+    if (state->account_req == NULL) {
5cd47f
+        ret = ENOMEM;
5cd47f
+        goto immediately;
5cd47f
+    }
5cd47f
+
5cd47f
+    ret = ad_refresh_step(req);
5cd47f
+    if (ret == EOK) {
5cd47f
+        DEBUG(SSSDBG_TRACE_FUNC, "Nothing to refresh\n");
5cd47f
+        goto immediately;
5cd47f
+    } else if (ret != EAGAIN) {
5cd47f
+        DEBUG(SSSDBG_CRIT_FAILURE, "ad_refresh_step() failed "
5cd47f
+                                   "[%d]: %s\n", ret, sss_strerror(ret));
5cd47f
+        goto immediately;
5cd47f
+    }
5cd47f
+
5cd47f
+    return req;
5cd47f
+
5cd47f
+immediately:
5cd47f
+    if (ret == EOK) {
5cd47f
+        tevent_req_done(req);
5cd47f
+    } else {
5cd47f
+        tevent_req_error(req, ret);
5cd47f
+    }
5cd47f
+    tevent_req_post(req, ev);
5cd47f
+
5cd47f
+    return req;
5cd47f
+}
5cd47f
+
5cd47f
+static errno_t ad_refresh_step(struct tevent_req *req)
5cd47f
+{
5cd47f
+    struct ad_refresh_state *state = NULL;
5cd47f
+    struct tevent_req *subreq = NULL;
5cd47f
+    errno_t ret;
5cd47f
+
5cd47f
+    state = tevent_req_data(req, struct ad_refresh_state);
5cd47f
+
5cd47f
+    if (state->names == NULL) {
5cd47f
+        ret = EOK;
5cd47f
+        goto done;
5cd47f
+    }
5cd47f
+
5cd47f
+    state->account_req->filter_value = state->names[state->index];
5cd47f
+    if (state->account_req->filter_value == NULL) {
5cd47f
+        ret = EOK;
5cd47f
+        goto done;
5cd47f
+    }
5cd47f
+
5cd47f
+    DEBUG(SSSDBG_TRACE_FUNC, "Issuing refresh of %s %s\n",
5cd47f
+          be_req2str(state->account_req->entry_type),
5cd47f
+          state->account_req->filter_value);
5cd47f
+
5cd47f
+    subreq = ad_account_info_send(state, state->be_ctx, state->id_ctx,
5cd47f
+                                  state->account_req);
5cd47f
+    if (subreq == NULL) {
5cd47f
+        ret = ENOMEM;
5cd47f
+        goto done;
5cd47f
+    }
5cd47f
+
5cd47f
+    tevent_req_set_callback(subreq, ad_refresh_done, req);
5cd47f
+
5cd47f
+    state->index++;
5cd47f
+    ret = EAGAIN;
5cd47f
+
5cd47f
+done:
5cd47f
+    return ret;
5cd47f
+}
5cd47f
+
5cd47f
+static void ad_refresh_done(struct tevent_req *subreq)
5cd47f
+{
5cd47f
+    struct ad_refresh_state *state = NULL;
5cd47f
+    struct tevent_req *req = NULL;
5cd47f
+    const char *err_msg = NULL;
5cd47f
+    errno_t dp_error;
5cd47f
+    errno_t ret;
5cd47f
+
5cd47f
+    req = tevent_req_callback_data(subreq, struct tevent_req);
5cd47f
+    state = tevent_req_data(req, struct ad_refresh_state);
5cd47f
+
5cd47f
+    ret = ad_account_info_recv(subreq, &dp_error, &err_msg);
5cd47f
+    talloc_zfree(subreq);
5cd47f
+    if (ret != EOK) {
5cd47f
+        DEBUG(SSSDBG_CRIT_FAILURE, "Unable to refresh %s [dp_error: %d, "
5cd47f
+              "errno: %d]: %s\n", be_req2str(state->account_req->entry_type),
5cd47f
+              dp_error, ret, err_msg);
5cd47f
+        goto done;
5cd47f
+    }
5cd47f
+
5cd47f
+    ret = ad_refresh_step(req);
5cd47f
+    if (ret == EAGAIN) {
5cd47f
+        return;
5cd47f
+    }
5cd47f
+
5cd47f
+done:
5cd47f
+    if (ret != EOK) {
5cd47f
+        tevent_req_error(req, ret);
5cd47f
+        return;
5cd47f
+    }
5cd47f
+
5cd47f
+    tevent_req_done(req);
5cd47f
+}
5cd47f
+
5cd47f
+static errno_t ad_refresh_recv(struct tevent_req *req)
5cd47f
+{
5cd47f
+    TEVENT_REQ_RETURN_ON_ERROR(req);
5cd47f
+
5cd47f
+    return EOK;
5cd47f
+}
5cd47f
+
5cd47f
+static struct tevent_req *
5cd47f
+ad_refresh_users_send(TALLOC_CTX *mem_ctx,
5cd47f
+                      struct tevent_context *ev,
5cd47f
+                      struct be_ctx *be_ctx,
5cd47f
+                      struct sss_domain_info *domain,
5cd47f
+                      char **names,
5cd47f
+                      void *pvt)
5cd47f
+{
5cd47f
+    return ad_refresh_send(mem_ctx, ev, be_ctx, domain,
5cd47f
+                           BE_REQ_USER, names, pvt);
5cd47f
+}
5cd47f
+
5cd47f
+static errno_t ad_refresh_users_recv(struct tevent_req *req)
5cd47f
+{
5cd47f
+    return ad_refresh_recv(req);
5cd47f
+}
5cd47f
+
5cd47f
+static struct tevent_req *
5cd47f
+ad_refresh_groups_send(TALLOC_CTX *mem_ctx,
5cd47f
+                       struct tevent_context *ev,
5cd47f
+                       struct be_ctx *be_ctx,
5cd47f
+                       struct sss_domain_info *domain,
5cd47f
+                       char **names,
5cd47f
+                       void *pvt)
5cd47f
+{
5cd47f
+    return ad_refresh_send(mem_ctx, ev, be_ctx, domain,
5cd47f
+                           BE_REQ_GROUP, names, pvt);
5cd47f
+}
5cd47f
+
5cd47f
+static errno_t ad_refresh_groups_recv(struct tevent_req *req)
5cd47f
+{
5cd47f
+    return ad_refresh_recv(req);
5cd47f
+}
5cd47f
+
5cd47f
+static struct tevent_req *
5cd47f
+ad_refresh_netgroups_send(TALLOC_CTX *mem_ctx,
5cd47f
+                          struct tevent_context *ev,
5cd47f
+                          struct be_ctx *be_ctx,
5cd47f
+                          struct sss_domain_info *domain,
5cd47f
+                          char **names,
5cd47f
+                          void *pvt)
5cd47f
+{
5cd47f
+    return ad_refresh_send(mem_ctx, ev, be_ctx, domain,
5cd47f
+                           BE_REQ_NETGROUP, names, pvt);
5cd47f
+}
5cd47f
+
5cd47f
+static errno_t ad_refresh_netgroups_recv(struct tevent_req *req)
5cd47f
+{
5cd47f
+    return ad_refresh_recv(req);
5cd47f
+}
5cd47f
+
5cd47f
+errno_t ad_refresh_init(struct be_ctx *be_ctx,
5cd47f
+                        struct ad_id_ctx *id_ctx)
5cd47f
+{
5cd47f
+    errno_t ret;
5cd47f
+
5cd47f
+    ret = be_refresh_ctx_init(be_ctx, SYSDB_SID_STR);
5cd47f
+    if (ret != EOK) {
5cd47f
+        DEBUG(SSSDBG_FATAL_FAILURE, "Unable to initialize refresh_ctx\n");
5cd47f
+        return ret;
5cd47f
+    }
5cd47f
+
5cd47f
+    ret = be_refresh_add_cb(be_ctx->refresh_ctx,
5cd47f
+                            BE_REFRESH_TYPE_USERS,
5cd47f
+                            ad_refresh_users_send,
5cd47f
+                            ad_refresh_users_recv,
5cd47f
+                            id_ctx);
5cd47f
+    if (ret != EOK && ret != EEXIST) {
5cd47f
+        DEBUG(SSSDBG_MINOR_FAILURE, "Periodical refresh of users "
5cd47f
+              "will not work [%d]: %s\n", ret, strerror(ret));
5cd47f
+    }
5cd47f
+
5cd47f
+    ret = be_refresh_add_cb(be_ctx->refresh_ctx,
5cd47f
+                            BE_REFRESH_TYPE_GROUPS,
5cd47f
+                            ad_refresh_groups_send,
5cd47f
+                            ad_refresh_groups_recv,
5cd47f
+                            id_ctx);
5cd47f
+    if (ret != EOK && ret != EEXIST) {
5cd47f
+        DEBUG(SSSDBG_MINOR_FAILURE, "Periodical refresh of groups "
5cd47f
+              "will not work [%d]: %s\n", ret, strerror(ret));
5cd47f
+    }
5cd47f
+
5cd47f
+    ret = be_refresh_add_cb(be_ctx->refresh_ctx,
5cd47f
+                            BE_REFRESH_TYPE_NETGROUPS,
5cd47f
+                            ad_refresh_netgroups_send,
5cd47f
+                            ad_refresh_netgroups_recv,
5cd47f
+                            id_ctx);
5cd47f
+    if (ret != EOK && ret != EEXIST) {
5cd47f
+        DEBUG(SSSDBG_MINOR_FAILURE, "Periodical refresh of netgroups "
5cd47f
+              "will not work [%d]: %s\n", ret, strerror(ret));
5cd47f
+    }
5cd47f
+
5cd47f
+    return ret;
5cd47f
+}
5cd47f
-- 
5cd47f
2.20.1
5cd47f