sysdb_add_incomplete_group: store SID string is available

During initgroups request we read the SID of a group from the server but do not save it to the cache. This patch fixes this and might help to avoid an additional lookup of the SID later.
author: Sumit Bose <sbose@redhat.com> 2013-08-08 12:04:11 +0200
committer: Jakub Hrozek <jhrozek@redhat.com> 2013-08-19 22:32:34 +0200
commit: 75dd4b05e1dacc76dc9d5f16be31978f84a71dc5 (patch)
tree: c01533ef057253df9b22d83db188744a554923c2 /src/providers/ldap/sdap_async_initgroups.c
parent: fd04fbbf93d33db729404cdc4408f59226025ea6 (diff)
download: sssd-75dd4b05e1dacc76dc9d5f16be31978f84a71dc5.tar.gz
sssd-75dd4b05e1dacc76dc9d5f16be31978f84a71dc5.tar.xz
sssd-75dd4b05e1dacc76dc9d5f16be31978f84a71dc5.zip
1 files changed, 17 insertions, 8 deletions
diff --git a/src/providers/ldap/sdap_async_initgroups.c b/src/providers/ldap/sdap_async_initgroups.c
index 9a46dc9b9..aa0ea4c1b 100644
--- a/src/providers/ldap/sdap_async_initgroups.c
+++ b/src/providers/ldap/sdap_async_initgroups.c
@@ -48,7 +48,7 @@ static errno_t sdap_add_incomplete_groups(struct sysdb_ctx *sysdb,
     bool in_transaction = false;
     bool posix;
     time_t now;
-    char *sid_str;
+    char *sid_str = NULL;
     bool use_id_mapping;
     char *tmp_name;
 
@@ -127,16 +127,24 @@ static errno_t sdap_add_incomplete_groups(struct sysdb_ctx *sysdb,
             if (strcmp(groupname, missing[i]) == 0) {
                 posix = true;
 
+                ret = sdap_attrs_get_sid_str(
+                        tmp_ctx, opts->idmap_ctx, ldap_groups[ai],
+                        opts->group_map[SDAP_AT_GROUP_OBJECTSID].sys_name,
+                        &sid_str);
+                if (ret != EOK && ret != ENOENT) goto done;
+
                 if (use_id_mapping) {
+                    if (sid_str == NULL) {
+                        DEBUG(SSSDBG_MINOR_FAILURE, ("No SID for group [%s] " \
+                                                     "while id-mapping.\n",
+                                                     groupname));
+                        ret = EINVAL;
+                        goto done;
+                    }
+
                     DEBUG(SSSDBG_TRACE_LIBS,
                           ("Mapping group [%s] objectSID to unix ID\n", groupname));
 
-                    ret = sdap_attrs_get_sid_str(
-                            tmp_ctx, opts->idmap_ctx, ldap_groups[ai],
-                            opts->group_map[SDAP_AT_GROUP_OBJECTSID].sys_name,
-                            &sid_str);
-                    if (ret != EOK) goto done;
-
                     DEBUG(SSSDBG_TRACE_INTERNAL,
                           ("Group [%s] has objectSID [%s]\n",
                            groupname, sid_str));
@@ -187,7 +195,8 @@ static errno_t sdap_add_incomplete_groups(struct sysdb_ctx *sysdb,
                 DEBUG(SSSDBG_TRACE_INTERNAL,
                       ("Adding fake group %s to sysdb\n", groupname));
                 ret = sysdb_add_incomplete_group(sysdb, domain, groupname, gid,
-                                                 original_dn, posix, now);
+                                                 original_dn, sid_str, posix,
+                                                 now);
                 if (ret != EOK) {
                     goto done;
                 }
author	Sumit Bose <sbose@redhat.com>	2013-08-08 12:04:11 +0200
committer	Jakub Hrozek <jhrozek@redhat.com>	2013-08-19 22:32:34 +0200
commit	75dd4b05e1dacc76dc9d5f16be31978f84a71dc5 (patch)
tree	c01533ef057253df9b22d83db188744a554923c2 /src/providers/ldap/sdap_async_initgroups.c
parent	fd04fbbf93d33db729404cdc4408f59226025ea6 (diff)
download	sssd-75dd4b05e1dacc76dc9d5f16be31978f84a71dc5.tar.gz sssd-75dd4b05e1dacc76dc9d5f16be31978f84a71dc5.tar.xz sssd-75dd4b05e1dacc76dc9d5f16be31978f84a71dc5.zip