summaryrefslogtreecommitdiffstats
path: root/src/responder
diff options
context:
space:
mode:
Diffstat (limited to 'src/responder')
-rw-r--r--src/responder/common/negcache.c40
-rw-r--r--src/responder/common/negcache.h12
-rw-r--r--src/responder/common/responder_cache_req.c8
-rw-r--r--src/responder/nss/nsssrv_cmd.c19
4 files changed, 55 insertions, 24 deletions
diff --git a/src/responder/common/negcache.c b/src/responder/common/negcache.c
index 64270f467..fc482c411 100644
--- a/src/responder/common/negcache.c
+++ b/src/responder/common/negcache.c
@@ -376,12 +376,18 @@ int sss_ncache_check_service_port(struct sss_nc_ctx *ctx, int ttl,
-int sss_ncache_check_uid(struct sss_nc_ctx *ctx, int ttl, uid_t uid)
+int sss_ncache_check_uid(struct sss_nc_ctx *ctx, int ttl,
+ struct sss_domain_info *dom, uid_t uid)
{
char *str;
int ret;
- str = talloc_asprintf(ctx, "%s/%"SPRIuid, NC_UID_PREFIX, uid);
+ if (dom != NULL) {
+ str = talloc_asprintf(ctx, "%s/%s/%"SPRIuid, NC_UID_PREFIX, dom->name,
+ uid);
+ } else {
+ str = talloc_asprintf(ctx, "%s/%"SPRIuid, NC_UID_PREFIX, uid);
+ }
if (!str) return ENOMEM;
ret = sss_ncache_check_str(ctx, str, ttl);
@@ -390,12 +396,18 @@ int sss_ncache_check_uid(struct sss_nc_ctx *ctx, int ttl, uid_t uid)
return ret;
}
-int sss_ncache_check_gid(struct sss_nc_ctx *ctx, int ttl, gid_t gid)
+int sss_ncache_check_gid(struct sss_nc_ctx *ctx, int ttl,
+ struct sss_domain_info *dom, gid_t gid)
{
char *str;
int ret;
- str = talloc_asprintf(ctx, "%s/%"SPRIgid, NC_GID_PREFIX, gid);
+ if (dom != NULL) {
+ str = talloc_asprintf(ctx, "%s/%s/%"SPRIgid, NC_GID_PREFIX, dom->name,
+ gid);
+ } else {
+ str = talloc_asprintf(ctx, "%s/%"SPRIgid, NC_GID_PREFIX, gid);
+ }
if (!str) return ENOMEM;
ret = sss_ncache_check_str(ctx, str, ttl);
@@ -522,12 +534,18 @@ int sss_ncache_set_netgr(struct sss_nc_ctx *ctx, bool permanent,
return sss_ncache_set_ent(ctx, permanent, dom, name, sss_ncache_set_netgr_int);
}
-int sss_ncache_set_uid(struct sss_nc_ctx *ctx, bool permanent, uid_t uid)
+int sss_ncache_set_uid(struct sss_nc_ctx *ctx, bool permanent,
+ struct sss_domain_info *dom, uid_t uid)
{
char *str;
int ret;
- str = talloc_asprintf(ctx, "%s/%"SPRIuid, NC_UID_PREFIX, uid);
+ if (dom != NULL) {
+ str = talloc_asprintf(ctx, "%s/%s/%"SPRIuid, NC_UID_PREFIX, dom->name,
+ uid);
+ } else {
+ str = talloc_asprintf(ctx, "%s/%"SPRIuid, NC_UID_PREFIX, uid);
+ }
if (!str) return ENOMEM;
ret = sss_ncache_set_str(ctx, str, permanent);
@@ -536,12 +554,18 @@ int sss_ncache_set_uid(struct sss_nc_ctx *ctx, bool permanent, uid_t uid)
return ret;
}
-int sss_ncache_set_gid(struct sss_nc_ctx *ctx, bool permanent, gid_t gid)
+int sss_ncache_set_gid(struct sss_nc_ctx *ctx, bool permanent,
+ struct sss_domain_info *dom, gid_t gid)
{
char *str;
int ret;
- str = talloc_asprintf(ctx, "%s/%"SPRIgid, NC_GID_PREFIX, gid);
+ if (dom != NULL) {
+ str = talloc_asprintf(ctx, "%s/%s/%"SPRIgid, NC_GID_PREFIX, dom->name,
+ gid);
+ } else {
+ str = talloc_asprintf(ctx, "%s/%"SPRIgid, NC_GID_PREFIX, gid);
+ }
if (!str) return ENOMEM;
ret = sss_ncache_set_str(ctx, str, permanent);
diff --git a/src/responder/common/negcache.h b/src/responder/common/negcache.h
index e7cbfe114..46e66d503 100644
--- a/src/responder/common/negcache.h
+++ b/src/responder/common/negcache.h
@@ -34,8 +34,10 @@ int sss_ncache_check_group(struct sss_nc_ctx *ctx, int ttl,
struct sss_domain_info *dom, const char *name);
int sss_ncache_check_netgr(struct sss_nc_ctx *ctx, int ttl,
struct sss_domain_info *dom, const char *name);
-int sss_ncache_check_uid(struct sss_nc_ctx *ctx, int ttl, uid_t uid);
-int sss_ncache_check_gid(struct sss_nc_ctx *ctx, int ttl, gid_t gid);
+int sss_ncache_check_uid(struct sss_nc_ctx *ctx, int ttl,
+ struct sss_domain_info *dom, uid_t uid);
+int sss_ncache_check_gid(struct sss_nc_ctx *ctx, int ttl,
+ struct sss_domain_info *dom, gid_t gid);
int sss_ncache_check_sid(struct sss_nc_ctx *ctx, int ttl, const char *sid);
int sss_ncache_check_cert(struct sss_nc_ctx *ctx, int ttl, const char *cert);
@@ -58,8 +60,10 @@ int sss_ncache_set_group(struct sss_nc_ctx *ctx, bool permanent,
struct sss_domain_info *dom, const char *name);
int sss_ncache_set_netgr(struct sss_nc_ctx *ctx, bool permanent,
struct sss_domain_info *dom, const char *name);
-int sss_ncache_set_uid(struct sss_nc_ctx *ctx, bool permanent, uid_t uid);
-int sss_ncache_set_gid(struct sss_nc_ctx *ctx, bool permanent, gid_t gid);
+int sss_ncache_set_uid(struct sss_nc_ctx *ctx, bool permanent,
+ struct sss_domain_info *dom, uid_t uid);
+int sss_ncache_set_gid(struct sss_nc_ctx *ctx, bool permanent,
+ struct sss_domain_info *dom, gid_t gid);
int sss_ncache_set_sid(struct sss_nc_ctx *ctx, bool permanent, const char *sid);
int sss_ncache_set_cert(struct sss_nc_ctx *ctx, bool permanent,
const char *cert);
diff --git a/src/responder/common/responder_cache_req.c b/src/responder/common/responder_cache_req.c
index e7099f171..d0a90d2c9 100644
--- a/src/responder/common/responder_cache_req.c
+++ b/src/responder/common/responder_cache_req.c
@@ -303,10 +303,10 @@ static errno_t cache_req_check_ncache(struct cache_req_input *input,
input->domain, input->dom_objname);
break;
case CACHE_REQ_USER_BY_ID:
- ret = sss_ncache_check_uid(ncache, neg_timeout, input->id);
+ ret = sss_ncache_check_uid(ncache, neg_timeout, NULL, input->id);
break;
case CACHE_REQ_GROUP_BY_ID:
- ret = sss_ncache_check_gid(ncache, neg_timeout, input->id);
+ ret = sss_ncache_check_gid(ncache, neg_timeout, NULL, input->id);
break;
case CACHE_REQ_USER_BY_CERT:
ret = sss_ncache_check_cert(ncache, neg_timeout, input->cert);
@@ -382,10 +382,10 @@ static void cache_req_add_to_ncache_global(struct cache_req_input *input,
ret = EOK;
break;
case CACHE_REQ_USER_BY_ID:
- ret = sss_ncache_set_uid(ncache, false, input->id);
+ ret = sss_ncache_set_uid(ncache, false, NULL, input->id);
break;
case CACHE_REQ_GROUP_BY_ID:
- ret = sss_ncache_set_gid(ncache, false, input->id);
+ ret = sss_ncache_set_gid(ncache, false, NULL, input->id);
break;
case CACHE_REQ_USER_BY_CERT:
ret = sss_ncache_set_cert(ncache, false, input->cert);
diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c
index b3998015f..93c9bb81d 100644
--- a/src/responder/nss/nsssrv_cmd.c
+++ b/src/responder/nss/nsssrv_cmd.c
@@ -1710,7 +1710,7 @@ static int nss_cmd_getpwuid_search(struct nss_dom_ctx *dctx)
done:
if (ret == ENOENT) {
/* The entry was not found, need to set result in negative cache */
- err = sss_ncache_set_uid(nctx->ncache, false, cmdctx->id);
+ err = sss_ncache_set_uid(nctx->ncache, false, NULL, cmdctx->id);
if (err != EOK) {
DEBUG(SSSDBG_MINOR_FAILURE,
"Cannot set negative cache for UID %"PRIu32"\n", cmdctx->id);
@@ -1779,7 +1779,8 @@ static int nss_cmd_getbyid(enum sss_cli_command cmd, struct cli_ctx *cctx)
switch(dctx->cmdctx->cmd) {
case SSS_NSS_GETPWUID:
- ret = sss_ncache_check_uid(nctx->ncache, nctx->neg_timeout, cmdctx->id);
+ ret = sss_ncache_check_uid(nctx->ncache, nctx->neg_timeout, NULL,
+ cmdctx->id);
if (ret == EEXIST) {
DEBUG(SSSDBG_TRACE_FUNC,
"Uid [%"PRIu32"] does not exist! (negative cache)\n",
@@ -1789,7 +1790,8 @@ static int nss_cmd_getbyid(enum sss_cli_command cmd, struct cli_ctx *cctx)
}
break;
case SSS_NSS_GETGRGID:
- ret = sss_ncache_check_gid(nctx->ncache, nctx->neg_timeout, cmdctx->id);
+ ret = sss_ncache_check_gid(nctx->ncache, nctx->neg_timeout, NULL,
+ cmdctx->id);
if (ret == EEXIST) {
DEBUG(SSSDBG_TRACE_FUNC,
"Gid [%"PRIu32"] does not exist! (negative cache)\n",
@@ -1799,10 +1801,11 @@ static int nss_cmd_getbyid(enum sss_cli_command cmd, struct cli_ctx *cctx)
}
break;
case SSS_NSS_GETSIDBYID:
- ret = sss_ncache_check_uid(nctx->ncache, nctx->neg_timeout, cmdctx->id);
+ ret = sss_ncache_check_uid(nctx->ncache, nctx->neg_timeout, NULL,
+ cmdctx->id);
if (ret != EEXIST) {
ret = sss_ncache_check_gid(nctx->ncache, nctx->neg_timeout,
- cmdctx->id);
+ NULL, cmdctx->id);
}
if (ret == EEXIST) {
DEBUG(SSSDBG_TRACE_FUNC,
@@ -3288,7 +3291,7 @@ static int nss_cmd_getgrgid_search(struct nss_dom_ctx *dctx)
done:
if (ret == ENOENT) {
/* The entry was not found, need to set result in negative cache */
- err = sss_ncache_set_gid(nctx->ncache, false, cmdctx->id);
+ err = sss_ncache_set_gid(nctx->ncache, false, NULL, cmdctx->id);
if (err != EOK) {
DEBUG(SSSDBG_MINOR_FAILURE,
"Cannot set negative cache for GID %"PRIu32"\n", cmdctx->id);
@@ -4592,13 +4595,13 @@ done:
if (cmdctx->cmd == SSS_NSS_GETSIDBYID) {
DEBUG(SSSDBG_MINOR_FAILURE,
"No matching domain found for [%"PRIu32"], fail!\n", cmdctx->id);
- err = sss_ncache_set_uid(nctx->ncache, false, cmdctx->id);
+ err = sss_ncache_set_uid(nctx->ncache, false, NULL, cmdctx->id);
if (err != EOK) {
DEBUG(SSSDBG_MINOR_FAILURE,
"Cannot set negative cache for UID %"PRIu32"\n", cmdctx->id);
}
- err = sss_ncache_set_gid(nctx->ncache, false, cmdctx->id);
+ err = sss_ncache_set_gid(nctx->ncache, false, NULL, cmdctx->id);
if (err != EOK) {
DEBUG(SSSDBG_MINOR_FAILURE,
"Cannot set negative cache for GID %"PRIu32"\n", cmdctx->id);
generated by cgit (git 2.34.1) at 2024-04-30 10:09:02 +0000