diff options
author | Jan Zeleny <jzeleny@redhat.com> | 2011-03-07 13:38:43 +0100 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-04-19 14:56:30 -0400 |
commit | 743475e5d730f1438bff4bb086600186adfe8311 (patch) | |
tree | b864a7b0305bb3865c625b9657b1d3c4b44c5326 /src/providers/ldap | |
parent | 44c90f21cfd661ef07e74002ae01481a69c22d98 (diff) | |
download | sssd-743475e5d730f1438bff4bb086600186adfe8311.tar.gz sssd-743475e5d730f1438bff4bb086600186adfe8311.tar.xz sssd-743475e5d730f1438bff4bb086600186adfe8311.zip |
Add last usn checking after reconnection
When reconnecting to the LDAP server supporting USNs (either because of new incomming
id operation or invokation of callback responsible for checking status
of the backend), detect whether the highest USN is lower than the one
SSSD has recorded. If so, setup enumeration/cleanup to refresh
potentionally changed account information in the SSSD cache.
Related ticket:
https://fedorahosted.org/sssd/ticket/734
Diffstat (limited to 'src/providers/ldap')
-rw-r--r-- | src/providers/ldap/ldap_id.c | 17 | ||||
-rw-r--r-- | src/providers/ldap/sdap_id_op.c | 15 |
2 files changed, 31 insertions, 1 deletions
diff --git a/src/providers/ldap/ldap_id.c b/src/providers/ldap/ldap_id.c index e2f08494e..de6183335 100644 --- a/src/providers/ldap/ldap_id.c +++ b/src/providers/ldap/ldap_id.c @@ -710,8 +710,13 @@ static void sdap_check_online_done(struct tevent_req *req) int ret; int dp_err = DP_ERR_FATAL; bool can_retry; + struct sdap_id_ctx *ctx; + struct sdap_server_opts *srv_opts; + + ctx = talloc_get_type(be_req->be_ctx->bet_info[BET_ID].pvt_bet_data, + struct sdap_id_ctx); - ret = sdap_cli_connect_recv(req, NULL, &can_retry, NULL, NULL); + ret = sdap_cli_connect_recv(req, NULL, &can_retry, NULL, &srv_opts); talloc_zfree(req); if (ret != EOK) { @@ -720,6 +725,16 @@ static void sdap_check_online_done(struct tevent_req *req) } } else { dp_err = DP_ERR_OK; + + if (strcmp(srv_opts->server_id, ctx->srv_opts->server_id) == 0 && + srv_opts->supports_usn && + ctx->srv_opts->last_usn > srv_opts->last_usn) { + ctx->srv_opts->max_user_value = 0; + ctx->srv_opts->max_group_value = 0; + ctx->srv_opts->last_usn = srv_opts->last_usn; + } + + sdap_steal_server_opts(ctx, &srv_opts); } sdap_handler_done(be_req, dp_err, 0, NULL); diff --git a/src/providers/ldap/sdap_id_op.c b/src/providers/ldap/sdap_id_op.c index 6933b2bb2..1f692a158 100644 --- a/src/providers/ldap/sdap_id_op.c +++ b/src/providers/ldap/sdap_id_op.c @@ -498,6 +498,7 @@ static void sdap_id_op_connect_done(struct tevent_req *subreq) tevent_req_callback_data(subreq, struct sdap_id_conn_data); struct sdap_id_conn_cache *conn_cache = conn_data->conn_cache; struct sdap_server_opts *srv_opts = NULL; + struct sdap_server_opts *current_srv_opts = NULL; bool can_retry = false; bool is_offline = false; int ret; @@ -527,6 +528,20 @@ static void sdap_id_op_connect_done(struct tevent_req *subreq) } if (ret == EOK) { + current_srv_opts = conn_cache->id_ctx->srv_opts; + if (current_srv_opts) { + DEBUG(8, ("Old USN: %lu, New USN: %lu\n", current_srv_opts->last_usn, srv_opts->last_usn)); + + if (strcmp(srv_opts->server_id, current_srv_opts->server_id) == 0 && + srv_opts->supports_usn && + current_srv_opts->last_usn > srv_opts->last_usn) { + DEBUG(5, ("Server was probably re-initialized\n")); + + current_srv_opts->max_user_value= 0; + current_srv_opts->max_group_value = 0; + current_srv_opts->last_usn = 0; + } + } ret = sdap_id_conn_data_set_expire_timer(conn_data); sdap_steal_server_opts(conn_cache->id_ctx, &srv_opts); } |