diff options
author | Fabiano FidĂȘncio <fidencio@redhat.com> | 2017-02-02 13:06:30 +0100 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2017-03-03 13:54:14 +0100 |
commit | 189db5329db0277425bb3bdd785c19aee23bb364 (patch) | |
tree | 52b59fb950f2ef844e878054252362944ab6d1d2 | |
parent | 8718ff9ccd29f6431bfa8630bfa3576b2692c9ee (diff) | |
download | sssd-189db5329db0277425bb3bdd785c19aee23bb364.tar.gz sssd-189db5329db0277425bb3bdd785c19aee23bb364.tar.xz sssd-189db5329db0277425bb3bdd785c19aee23bb364.zip |
CACHE_REQ: Add cache_req_data_set_bypass_cache()
This new cache_req_data method has been added because of the upcoming
changes in the PAM responder.
For deciding whether to contact the cache, or just query the data
provider directly, PAM responder calls pam_initgr_check_timeout() which
will return whether the cache entry may still be valid. The cache will
be contacted only in case the cache entry is still valid, otherwise the
data provider will be called.
pam_initgr_check_timeout() basically checks whether the user (being
looked up) is still a part of an in-memory hash table. Because the entry
is a part of the hash table for really short period of time, and is
automatically removed, the communication with the data provider is forced
to happen quite often.
As the follow-up changes should not modify this behaviour, this function
was introduced so we can still call pam_initgr_check_timeout() and pass
its result to the cache_req call that will perform the lookup.
Related:
https://fedorahosted.org/sssd/ticket/1126
Signed-off-by: Fabiano FidĂȘncio <fidencio@redhat.com>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
-rw-r--r-- | src/responder/common/cache_req/cache_req.h | 3 | ||||
-rw-r--r-- | src/responder/common/cache_req/cache_req_data.c | 12 | ||||
-rw-r--r-- | src/responder/common/cache_req/cache_req_private.h | 2 | ||||
-rw-r--r-- | src/responder/common/cache_req/cache_req_search.c | 2 |
4 files changed, 18 insertions, 1 deletions
diff --git a/src/responder/common/cache_req/cache_req.h b/src/responder/common/cache_req/cache_req.h index 185558d7d..d0e5ff439 100644 --- a/src/responder/common/cache_req/cache_req.h +++ b/src/responder/common/cache_req/cache_req.h @@ -111,6 +111,9 @@ cache_req_data_host(TALLOC_CTX *mem_ctx, const char *name, const char *alias, const char **attrs); +void +cache_req_data_set_bypass_cache(struct cache_req_data *data, + bool bypass_cache); /* Output data. */ diff --git a/src/responder/common/cache_req/cache_req_data.c b/src/responder/common/cache_req/cache_req_data.c index b2e22ec1b..5ab1493b8 100644 --- a/src/responder/common/cache_req/cache_req_data.c +++ b/src/responder/common/cache_req/cache_req_data.c @@ -357,3 +357,15 @@ cache_req_data_host(TALLOC_CTX *mem_ctx, return cache_req_data_create(mem_ctx, type, &input); } + +void +cache_req_data_set_bypass_cache(struct cache_req_data *data, + bool bypass_cache) +{ + if (data == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, "cache_req_data should never be NULL\n"); + return; + } + + data->bypass_cache = bypass_cache; +} diff --git a/src/responder/common/cache_req/cache_req_private.h b/src/responder/common/cache_req/cache_req_private.h index cc4737591..3839f5aa1 100644 --- a/src/responder/common/cache_req/cache_req_private.h +++ b/src/responder/common/cache_req/cache_req_private.h @@ -84,6 +84,8 @@ struct cache_req_data { struct cache_req_cased_name protocol; uint16_t port; } svc; + + bool bypass_cache; }; struct tevent_req * diff --git a/src/responder/common/cache_req/cache_req_search.c b/src/responder/common/cache_req/cache_req_search.c index eed82cf26..ebbc2c7d1 100644 --- a/src/responder/common/cache_req/cache_req_search.c +++ b/src/responder/common/cache_req/cache_req_search.c @@ -214,7 +214,7 @@ cache_req_search_send(TALLOC_CTX *mem_ctx, */ state->result = NULL; status = CACHE_OBJECT_MISSING; - if (!cr->plugin->bypass_cache) { + if (!cr->plugin->bypass_cache && !cr->data->bypass_cache) { ret = cache_req_search_cache(state, cr, &state->result); if (ret != EOK && ret != ENOENT) { goto done; |