NSS: Initgr memory cache should work with fq names

We need to stored two versions of name to the initgroups memory cache.
Otherwise it could be stored many times if sssd is configured with
case_sensitive = false. It would be impossible to invalidate all
version of names after user login. As a result of this wrong user
groups could be returned from initgroups memory cache.

Therefore we store raw name provided by glibc function
and internal sanitized fully qualified name,
which is unique for particular user.

This patch also increase average space for initgroups
because there are also stored two quite long names in case of
fq names.

Resolves:
https://fedorahosted.org/sssd/ticket/2712

Reviewed-by: Michal Židek <mzidek@redhat.com>
(cherry picked from commit dda0258705de7255e6ec54b7f9adbde83a220996)

1 files changed, 4 insertions, 3 deletions

diff --git a/src/util/mmap_cache.h b/src/util/mmap_cache.h
index b5917b3c0..22c1ae62d 100644
--- a/src/util/mmap_cache.h
+++ b/src/util/mmap_cache.h
@@ -138,14 +138,15 @@ struct sss_mc_grp_data {
 };
 
 struct sss_mc_initgr_data {
-    rel_ptr_t name;         /* ptr to name string, rel. to struct base addr */
+    rel_ptr_t unique_name;  /* ptr to unique name string, rel. to struct base addr */
+    rel_ptr_t name;         /* ptr to raw name string, rel. to struct base addr */
     rel_ptr_t strs;         /* ptr to concatenation of all strings */
-    uint32_t reserved;
     uint32_t strs_len;      /* length of strs */
     uint32_t data_len;      /* all initgroups data len */
     uint32_t num_groups;    /* number of groups */
     uint32_t gids[0];       /* array of all groups
-                             * string with name is stored after gids */
+                             * string with name and unique_name is stored
+                             * after gids */
 };
 
 #pragma pack()