diff options
Diffstat (limited to 'src/responder/common')
| -rw-r--r-- | src/responder/common/negcache.c | 40 | ||||
| -rw-r--r-- | src/responder/common/negcache.h | 12 | ||||
| -rw-r--r-- | src/responder/common/responder_cache_req.c | 8 |
3 files changed, 44 insertions, 16 deletions
diff --git a/src/responder/common/negcache.c b/src/responder/common/negcache.c index 64270f467..fc482c411 100644 --- a/src/responder/common/negcache.c +++ b/src/responder/common/negcache.c @@ -376,12 +376,18 @@ int sss_ncache_check_service_port(struct sss_nc_ctx *ctx, int ttl, -int sss_ncache_check_uid(struct sss_nc_ctx *ctx, int ttl, uid_t uid) +int sss_ncache_check_uid(struct sss_nc_ctx *ctx, int ttl, + struct sss_domain_info *dom, uid_t uid) { char *str; int ret; - str = talloc_asprintf(ctx, "%s/%"SPRIuid, NC_UID_PREFIX, uid); + if (dom != NULL) { + str = talloc_asprintf(ctx, "%s/%s/%"SPRIuid, NC_UID_PREFIX, dom->name, + uid); + } else { + str = talloc_asprintf(ctx, "%s/%"SPRIuid, NC_UID_PREFIX, uid); + } if (!str) return ENOMEM; ret = sss_ncache_check_str(ctx, str, ttl); @@ -390,12 +396,18 @@ int sss_ncache_check_uid(struct sss_nc_ctx *ctx, int ttl, uid_t uid) return ret; } -int sss_ncache_check_gid(struct sss_nc_ctx *ctx, int ttl, gid_t gid) +int sss_ncache_check_gid(struct sss_nc_ctx *ctx, int ttl, + struct sss_domain_info *dom, gid_t gid) { char *str; int ret; - str = talloc_asprintf(ctx, "%s/%"SPRIgid, NC_GID_PREFIX, gid); + if (dom != NULL) { + str = talloc_asprintf(ctx, "%s/%s/%"SPRIgid, NC_GID_PREFIX, dom->name, + gid); + } else { + str = talloc_asprintf(ctx, "%s/%"SPRIgid, NC_GID_PREFIX, gid); + } if (!str) return ENOMEM; ret = sss_ncache_check_str(ctx, str, ttl); @@ -522,12 +534,18 @@ int sss_ncache_set_netgr(struct sss_nc_ctx *ctx, bool permanent, return sss_ncache_set_ent(ctx, permanent, dom, name, sss_ncache_set_netgr_int); } -int sss_ncache_set_uid(struct sss_nc_ctx *ctx, bool permanent, uid_t uid) +int sss_ncache_set_uid(struct sss_nc_ctx *ctx, bool permanent, + struct sss_domain_info *dom, uid_t uid) { char *str; int ret; - str = talloc_asprintf(ctx, "%s/%"SPRIuid, NC_UID_PREFIX, uid); + if (dom != NULL) { + str = talloc_asprintf(ctx, "%s/%s/%"SPRIuid, NC_UID_PREFIX, dom->name, + uid); + } else { + str = talloc_asprintf(ctx, "%s/%"SPRIuid, NC_UID_PREFIX, uid); + } if (!str) return ENOMEM; ret = sss_ncache_set_str(ctx, str, permanent); @@ -536,12 +554,18 @@ int sss_ncache_set_uid(struct sss_nc_ctx *ctx, bool permanent, uid_t uid) return ret; } -int sss_ncache_set_gid(struct sss_nc_ctx *ctx, bool permanent, gid_t gid) +int sss_ncache_set_gid(struct sss_nc_ctx *ctx, bool permanent, + struct sss_domain_info *dom, gid_t gid) { char *str; int ret; - str = talloc_asprintf(ctx, "%s/%"SPRIgid, NC_GID_PREFIX, gid); + if (dom != NULL) { + str = talloc_asprintf(ctx, "%s/%s/%"SPRIgid, NC_GID_PREFIX, dom->name, + gid); + } else { + str = talloc_asprintf(ctx, "%s/%"SPRIgid, NC_GID_PREFIX, gid); + } if (!str) return ENOMEM; ret = sss_ncache_set_str(ctx, str, permanent); diff --git a/src/responder/common/negcache.h b/src/responder/common/negcache.h index e7cbfe114..46e66d503 100644 --- a/src/responder/common/negcache.h +++ b/src/responder/common/negcache.h @@ -34,8 +34,10 @@ int sss_ncache_check_group(struct sss_nc_ctx *ctx, int ttl, struct sss_domain_info *dom, const char *name); int sss_ncache_check_netgr(struct sss_nc_ctx *ctx, int ttl, struct sss_domain_info *dom, const char *name); -int sss_ncache_check_uid(struct sss_nc_ctx *ctx, int ttl, uid_t uid); -int sss_ncache_check_gid(struct sss_nc_ctx *ctx, int ttl, gid_t gid); +int sss_ncache_check_uid(struct sss_nc_ctx *ctx, int ttl, + struct sss_domain_info *dom, uid_t uid); +int sss_ncache_check_gid(struct sss_nc_ctx *ctx, int ttl, + struct sss_domain_info *dom, gid_t gid); int sss_ncache_check_sid(struct sss_nc_ctx *ctx, int ttl, const char *sid); int sss_ncache_check_cert(struct sss_nc_ctx *ctx, int ttl, const char *cert); @@ -58,8 +60,10 @@ int sss_ncache_set_group(struct sss_nc_ctx *ctx, bool permanent, struct sss_domain_info *dom, const char *name); int sss_ncache_set_netgr(struct sss_nc_ctx *ctx, bool permanent, struct sss_domain_info *dom, const char *name); -int sss_ncache_set_uid(struct sss_nc_ctx *ctx, bool permanent, uid_t uid); -int sss_ncache_set_gid(struct sss_nc_ctx *ctx, bool permanent, gid_t gid); +int sss_ncache_set_uid(struct sss_nc_ctx *ctx, bool permanent, + struct sss_domain_info *dom, uid_t uid); +int sss_ncache_set_gid(struct sss_nc_ctx *ctx, bool permanent, + struct sss_domain_info *dom, gid_t gid); int sss_ncache_set_sid(struct sss_nc_ctx *ctx, bool permanent, const char *sid); int sss_ncache_set_cert(struct sss_nc_ctx *ctx, bool permanent, const char *cert); diff --git a/src/responder/common/responder_cache_req.c b/src/responder/common/responder_cache_req.c index e7099f171..d0a90d2c9 100644 --- a/src/responder/common/responder_cache_req.c +++ b/src/responder/common/responder_cache_req.c @@ -303,10 +303,10 @@ static errno_t cache_req_check_ncache(struct cache_req_input *input, input->domain, input->dom_objname); break; case CACHE_REQ_USER_BY_ID: - ret = sss_ncache_check_uid(ncache, neg_timeout, input->id); + ret = sss_ncache_check_uid(ncache, neg_timeout, NULL, input->id); break; case CACHE_REQ_GROUP_BY_ID: - ret = sss_ncache_check_gid(ncache, neg_timeout, input->id); + ret = sss_ncache_check_gid(ncache, neg_timeout, NULL, input->id); break; case CACHE_REQ_USER_BY_CERT: ret = sss_ncache_check_cert(ncache, neg_timeout, input->cert); @@ -382,10 +382,10 @@ static void cache_req_add_to_ncache_global(struct cache_req_input *input, ret = EOK; break; case CACHE_REQ_USER_BY_ID: - ret = sss_ncache_set_uid(ncache, false, input->id); + ret = sss_ncache_set_uid(ncache, false, NULL, input->id); break; case CACHE_REQ_GROUP_BY_ID: - ret = sss_ncache_set_gid(ncache, false, input->id); + ret = sss_ncache_set_gid(ncache, false, NULL, input->id); break; case CACHE_REQ_USER_BY_CERT: ret = sss_ncache_set_cert(ncache, false, input->cert); |