RESPONDER: Removing ncache from pam_ctx

This patch switches ncache from pam_ctx to resp_ctx. Reviewed-by: Pavel Březina <pbrezina@redhat.com>
author: Petr Cech <pcech@redhat.com> 2016-05-05 05:12:48 -0400
committer: Lukas Slebodnik <lslebodn@redhat.com> 2016-05-11 13:43:16 +0200
commit: 8110a8e2369e49c288ede1473657be9451a244e5 (patch)
tree: df3ebc48cc44de568313c4cb79a0d8fed9ff38db
parent: 459f7de99ec65626be5ea6517d9d953c8714c327 (diff)
download: sssd-8110a8e2369e49c288ede1473657be9451a244e5.tar.gz
sssd-8110a8e2369e49c288ede1473657be9451a244e5.tar.xz
sssd-8110a8e2369e49c288ede1473657be9451a244e5.zip
4 files changed, 8 insertions, 21 deletions
diff --git a/src/responder/pam/pamsrv.c b/src/responder/pam/pamsrv.c
index 78521e895..6596ccd75 100644
--- a/src/responder/pam/pamsrv.c
+++ b/src/responder/pam/pamsrv.c
@@ -191,7 +191,6 @@ static int pam_process_init(TALLOC_CTX *mem_ctx,
     struct be_conn *iter;
     struct pam_ctx *pctx;
     int ret, max_retries;
-    uint32_t neg_timeout;
     int id_timeout;
     int fd_limit;
 
@@ -259,17 +258,7 @@ static int pam_process_init(TALLOC_CTX *mem_ctx,
 
     pctx->id_timeout = (size_t)id_timeout;
 
-    ret = responder_get_neg_timeout_from_confdb(cdb, &neg_timeout);
-    if (ret != EOK) goto done;
-
-    ret = sss_ncache_init(pctx, neg_timeout, &pctx->ncache);
-    if (ret != EOK) {
-        DEBUG(SSSDBG_FATAL_FAILURE,
-              "fatal error initializing negative cache\n");
-        goto done;
-    }
-
-    ret = sss_ncache_prepopulate(pctx->ncache, cdb, pctx->rctx);
+    ret = sss_ncache_prepopulate(pctx->rctx->ncache, cdb, pctx->rctx);
     if (ret != EOK) {
         goto done;
     }
@@ -296,7 +285,7 @@ static int pam_process_init(TALLOC_CTX *mem_ctx,
     }
     responder_set_fd_limit(fd_limit);
 
-    ret = schedule_get_domains_task(rctx, rctx->ev, rctx, pctx->ncache);
+    ret = schedule_get_domains_task(rctx, rctx->ev, rctx, pctx->rctx->ncache);
     if (ret != EOK) {
         DEBUG(SSSDBG_FATAL_FAILURE, "schedule_get_domains_tasks failed.\n");
         goto done;
diff --git a/src/responder/pam/pamsrv.h b/src/responder/pam/pamsrv.h
index a4d2ae69e..e686d03a4 100644
--- a/src/responder/pam/pamsrv.h
+++ b/src/responder/pam/pamsrv.h
@@ -33,7 +33,6 @@ typedef void (pam_dp_callback_t)(struct pam_auth_req *preq);
 
 struct pam_ctx {
     struct resp_ctx *rctx;
-    struct sss_nc_ctx *ncache;
     time_t id_timeout;
     hash_table_t *id_table;
     size_t trusted_uids_count;
diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c
index 6fd934509..a25d2ef64 100644
--- a/src/responder/pam/pamsrv_cmd.c
+++ b/src/responder/pam/pamsrv_cmd.c
@@ -1142,7 +1142,8 @@ static int pam_forwarder(struct cli_ctx *cctx, int pam_cmd)
                 goto done;
             }
 
-            ncret = sss_ncache_check_user(pctx->ncache, preq->domain, pd->user);
+            ncret = sss_ncache_check_user(pctx->rctx->ncache,
+                                          preq->domain, pd->user);
             if (ncret == EEXIST) {
                 /* User found in the negative cache */
                 ret = ENOENT;
@@ -1154,7 +1155,8 @@ static int pam_forwarder(struct cli_ctx *cctx, int pam_cmd)
                  dom = get_next_domain(dom, 0)) {
                 if (dom->fqnames) continue;
 
-                ncret = sss_ncache_check_user(pctx->ncache, dom, pd->user);
+                ncret = sss_ncache_check_user(pctx->rctx->ncache,
+                                              dom, pd->user);
                 if (ncret == ENOENT) {
                     /* User not found in the negative cache
                      * Proceed with PAM actions
@@ -1247,7 +1249,7 @@ static void pam_forwarder_cert_cb(struct tevent_req *req)
 
 
     req = cache_req_user_by_cert_send(preq, cctx->ev, cctx->rctx,
-                                      pctx->ncache, 0, NULL, cert);
+                                      pctx->rctx->ncache, 0, NULL, cert);
     if (req == NULL) {
         DEBUG(SSSDBG_OP_FAILURE, "cache_req_user_by_cert_send failed.\n");
         ret = ENOMEM;
@@ -1504,7 +1506,7 @@ static int pam_check_user_search(struct pam_auth_req *preq)
         if (ret == ENOENT) {
             if (preq->check_provider == false) {
                 /* set negative cache only if not result of cache check */
-                ret = sss_ncache_set_user(pctx->ncache, false, dom, name);
+                ret = sss_ncache_set_user(pctx->rctx->ncache, false, dom, name);
                 if (ret != EOK) {
                     /* Should not be fatal, just slower next time */
                     DEBUG(SSSDBG_MINOR_FAILURE,
diff --git a/src/tests/cmocka/test_pam_srv.c b/src/tests/cmocka/test_pam_srv.c
index d88d9a036..1e3ac542c 100644
--- a/src/tests/cmocka/test_pam_srv.c
+++ b/src/tests/cmocka/test_pam_srv.c
@@ -177,9 +177,6 @@ struct pam_ctx *mock_pctx(TALLOC_CTX *mem_ctx)
     pctx = talloc_zero(mem_ctx, struct pam_ctx);
     assert_non_null(pctx);
 
-    ret = sss_ncache_init(pctx, 10, &pctx->ncache);
-    assert_int_equal(ret, EOK);
-
     ret = sss_hash_create(pctx, 10, &pctx->id_table);
     assert_int_equal(ret, EOK);
author	Petr Cech <pcech@redhat.com>	2016-05-05 05:12:48 -0400
committer	Lukas Slebodnik <lslebodn@redhat.com>	2016-05-11 13:43:16 +0200
commit	8110a8e2369e49c288ede1473657be9451a244e5 (patch)
tree	df3ebc48cc44de568313c4cb79a0d8fed9ff38db
parent	459f7de99ec65626be5ea6517d9d953c8714c327 (diff)
download	sssd-8110a8e2369e49c288ede1473657be9451a244e5.tar.gz sssd-8110a8e2369e49c288ede1473657be9451a244e5.tar.xz sssd-8110a8e2369e49c288ede1473657be9451a244e5.zip