diff options
| author | Lukas Slebodnik <lslebodn@redhat.com> | 2015-05-20 13:13:40 +0200 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-05-22 12:26:59 +0200 |
| commit | 75e4a7753c44e9f2a7a65fad77d95e394f81c125 (patch) | |
| tree | 29b218c4c4f4978d67e8407c0cd7be552faa0fb6 /src/responder | |
| parent | 5c2f80ef0b6ace6b331bcf99e5e5c7d73cfb92c6 (diff) | |
| download | sssd-75e4a7753c44e9f2a7a65fad77d95e394f81c125.tar.gz sssd-75e4a7753c44e9f2a7a65fad77d95e394f81c125.tar.xz sssd-75e4a7753c44e9f2a7a65fad77d95e394f81c125.zip | |
negcache: Soften condition for expired entries
Type of timestamp for entries in negative cache is time_t
which is number of *seconds* that have elapsed since 1 January 1970.
The condition for ttl was to strict so entry could be valid
from "ttl-1" to ttl e.g.
* ttl is 1 second
* entry was stored to negative cache at 1432120871.999639
stored_timestamp = 1432120871
* entry was tested few miliseconds later 1432120872.001293
current_time = 1432120872
Entry was marked as expired becuase result of condition was false
stored_timestamp + ttl < current_time
1432120871 + 1 < 1432120872
This is a reason why ./test-negcache sometime fails.
It's quite easily reproducible on slow machine or when valgrind was used.
sh$ while libtool --mode=execute valgrind ./test-negcache ; do echo OK: done
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Diffstat (limited to 'src/responder')
| -rw-r--r-- | src/responder/common/negcache.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/responder/common/negcache.c b/src/responder/common/negcache.c index 2fa61af53..cf70dc52f 100644 --- a/src/responder/common/negcache.c +++ b/src/responder/common/negcache.c @@ -116,7 +116,7 @@ static int sss_ncache_check_str(struct sss_nc_ctx *ctx, char *str, int ttl) goto done; } - if (timestamp + ttl > time(NULL)) { + if (timestamp + ttl >= time(NULL)) { /* still valid */ ret = EEXIST; goto done; |