From 565e6d91814884054ec0dc4d770804d7bf472d3f Mon Sep 17 00:00:00 2001 From: Petr Cech Date: Mon, 9 Nov 2015 09:51:05 -0500 Subject: IPA_PROVIDER: Explicit no handle of services Function get_object_from_cache() does not handle services. This patch adds quick shortcut to avoid sending an LDAP query to cache. Resolves: https://fedorahosted.org/sssd/ticket/2747 Reviewed-by: Jakub Hrozek --- src/providers/ipa/ipa_id.c | 30 +++++++++++++++++++++++++++++- 1 file changed, 29 insertions(+), 1 deletion(-) diff --git a/src/providers/ipa/ipa_id.c b/src/providers/ipa/ipa_id.c index e81ccb34d..27cc2548d 100644 --- a/src/providers/ipa/ipa_id.c +++ b/src/providers/ipa/ipa_id.c @@ -30,6 +30,27 @@ #include "providers/ldap/sdap_async.h" #include "providers/ipa/ipa_id.h" +static bool is_object_overridable(struct be_acct_req *ar) +{ + bool ret = false; + + switch (ar->entry_type & BE_REQ_TYPE_MASK) { + case BE_REQ_USER: + case BE_REQ_GROUP: + case BE_REQ_INITGROUPS: + case BE_REQ_BY_SECID: + case BE_REQ_USER_AND_GROUP: + case BE_REQ_BY_UUID: + case BE_REQ_BY_CERT: + ret = true; + break; + default: + break; + } + + return ret; +} + static const char *ipa_account_info_error_text(int ret, int *dp_error, const char *default_text) { @@ -638,7 +659,8 @@ ipa_id_get_account_info_send(TALLOC_CTX *memctx, struct tevent_context *ev, || state->ar->filter_type == BE_FILTER_SECID || state->ar->extra_value == NULL || strcmp(state->ar->extra_value, - EXTRA_INPUT_MAYBE_WITH_VIEW) != 0 ) { + EXTRA_INPUT_MAYBE_WITH_VIEW) != 0 + || ! is_object_overridable(state->ar)) { ret = ipa_id_get_account_info_get_original_step(req, ar); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, @@ -820,6 +842,12 @@ static void ipa_id_get_account_info_orig_done(struct tevent_req *subreq) goto fail; } + if (! is_object_overridable(state->ar)) { + state->dp_error = DP_ERR_OK; + tevent_req_done(req); + return; + } + ret = get_object_from_cache(state, state->domain, state->ar, &state->obj_msg); if (ret == ENOENT) { -- cgit