diff options
| author | Yassir Elley <yelley@redhat.com> | 2014-09-07 23:23:26 -0400 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-09-08 20:49:06 +0200 |
| commit | eb0cde4e6dfdbda08588860534f7ece5776ec3af (patch) | |
| tree | 78fbcff93cf8a9edcce7473fd6c4df4e6071e85b /src/providers/ad/ad_gpo.c | |
| parent | 53b6d6e82dbe52aa655f910e87eb3595584aa9c9 (diff) | |
| download | sssd-eb0cde4e6dfdbda08588860534f7ece5776ec3af.tar.gz sssd-eb0cde4e6dfdbda08588860534f7ece5776ec3af.tar.xz sssd-eb0cde4e6dfdbda08588860534f7ece5776ec3af.zip | |
AD-GPO: delete stale GPOs
https://fedorahosted.org/sssd/ticket/2431
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src/providers/ad/ad_gpo.c')
| -rw-r--r-- | src/providers/ad/ad_gpo.c | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/src/providers/ad/ad_gpo.c b/src/providers/ad/ad_gpo.c index 9afb9ff89..de4d44166 100644 --- a/src/providers/ad/ad_gpo.c +++ b/src/providers/ad/ad_gpo.c @@ -1733,6 +1733,7 @@ ad_gpo_process_gpo_done(struct tevent_req *subreq) struct gp_gpo **candidate_gpos = NULL; int num_candidate_gpos = 0; int i = 0; + const char **cse_filtered_gpo_guids; req = tevent_req_callback_data(subreq, struct tevent_req); state = tevent_req_data(req, struct ad_gpo_access_state); @@ -1798,14 +1799,49 @@ ad_gpo_process_gpo_done(struct tevent_req *subreq) goto done; } + /* we create and populate an array of applicable gpo-guids */ + cse_filtered_gpo_guids = + talloc_array(state, const char *, state->num_cse_filtered_gpos); + if (cse_filtered_gpo_guids == NULL) { + ret = ENOMEM; + goto done; + } + for (i = 0; i < state->num_cse_filtered_gpos; i++) { DEBUG(SSSDBG_TRACE_FUNC, "cse_filtered_gpos[%d]->gpo_guid is %s\n", i, state->cse_filtered_gpos[i]->gpo_guid); + cse_filtered_gpo_guids[i] = talloc_steal(cse_filtered_gpo_guids, + state->cse_filtered_gpos[i]->gpo_guid); + if (cse_filtered_gpo_guids[i] == NULL) { + ret = ENOMEM; + goto done; + } } DEBUG(SSSDBG_TRACE_FUNC, "num_cse_filtered_gpos: %d\n", state->num_cse_filtered_gpos); + /* + * we now have the array of applicable gpos in hand; however, since we + * may have cached a larger set of gpo-guids previously, we delete + * all stale gpo cache entries (i.e. entries that have a gpo-guid that + * doesn't match any of the gpo-guids in the cse_filtered_gpo_guids list) + */ + ret = sysdb_gpo_delete_stale_gpos(state, state->domain, + cse_filtered_gpo_guids, + state->num_cse_filtered_gpos); + if (ret != EOK) { + switch (ret) { + case ENOENT: + DEBUG(SSSDBG_OP_FAILURE, "No GPOs available in cache\n"); + default: + DEBUG(SSSDBG_FATAL_FAILURE, + "Could not delete stale GPOs from cache: [%s]\n", + strerror(ret)); + goto done; + } + } + ret = ad_gpo_cse_step(req); done: |