author | Pavel Březina <pbrezina@redhat.com> | 2016-10-05 14:05:45 +0200 |
---|---|---|
committer | Lukas Slebodnik <lslebodn@redhat.com> | 2016-12-19 23:28:55 +0100 |
commit | 4049b63f8c67ada17b453463b0451ca6be3d5de4 (patch) | |
tree | 1c0d014c7b63ec9d17eca6bd2891f76072abe92b /src/responder/nss/nsssrv.c | |
parent | a5a3bbb0bbaeb8946c228c2fb7f0cf450595dd3e (diff) | |
nss: rewrite nss responder so it uses cache_req
Given the size of the current nss responder it was quite impossible
to simply switch into using the cache_req interface, especially
because most of the code was duplication of cache lookups.
This patch completely rewrites the responder from scratch. The amount
of code was reduced to less than half, with no code duplication,
better documentation and better maintainability and readability.
All functionality should be intact.
*Code organization*
All protocol (parsing input message and send a reply) is placed
in nss_protocol.c. Functions that deals with creating a reply
packet are placed into their specific nss_protocol_$object.c files.
All supported commands are placed into nss_cmd.c. Functions that
deals with cache req are in nss_get_object.c and nss_enum.c.
*Code flow for non-enumeration*
An nss_getby_$input-type is called for each non-enumeration command.
This function parses the input message, creates a cache_req_data
structure and issues nss_get_object that calls cache_req. When
this request is done nss_getby_done make sure a reply is sent to
the client.
*Comments on enumeration*
I made some effort to make sure enumeration shares the same code
for users, groups, services and netgroups. Netgroups now uses
nss negative cache instead of implementing its own.
Resolves:
https://fedorahosted.org/sssd/ticket/3151
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Diffstat (limited to 'src/responder/nss/nsssrv.c')
-rw-r--r-- | src/responder/nss/nsssrv.c | 54 |
1 files changed, 15 insertions, 39 deletions
diff --git a/src/responder/nss/nsssrv.c b/src/responder/nss/nsssrv.c
index 8318b35f7..70c67d463 100644
--- a/src/responder/nss/nsssrv.c
+++ b/src/responder/nss/nsssrv.c
@@ -33,11 +33,10 @@
 #include <dbus/dbus.h>
 #include "util/util.h"
-#include "responder/nss/nsssrv.h"
-#include "responder/nss/nsssrv_private.h"
-#include "responder/nss/nsssrv_mmap_cache.h"
-#include "responder/nss/nsssrv_netgroup.h"
+#include "util/sss_ptr_hash.h"
+#include "responder/nss/nss_private.h"
 #include "responder/nss/nss_iface.h"
+#include "responder/nss/nsssrv_mmap_cache.h"
 #include "responder/common/negcache.h"
 #include "db/sysdb.h"
 #include "confdb/confdb.h"
@@ -138,16 +137,15 @@ done:
 static int nss_clear_netgroup_hash_table(struct sbus_request *dbus_req, void *data)
 {
- errno_t ret;
- struct resp_ctx *rctx = talloc_get_type(data, struct resp_ctx);
- struct nss_ctx *nctx = (struct nss_ctx*) rctx->pvt_ctx;
+ struct resp_ctx *rctx;
+ struct nss_ctx *nss_ctx;
- ret = nss_orphan_netgroups(nctx);
- if (ret != EOK) {
- DEBUG(SSSDBG_CRIT_FAILURE,
- "Could not invalidate netgroups\n");
- return ret;
- }
+ rctx = talloc_get_type(data, struct resp_ctx);
+ nss_ctx = talloc_get_type(rctx->pvt_ctx, struct nss_ctx);
+
+ DEBUG(SSSDBG_TRACE_FUNC, "Invalidating netgroup hash table\n");
+
+ sss_ptr_hash_delete_all(nss_ctx->netgrent, true);
 return sbus_request_return_and_finish(dbus_req, DBUS_TYPE_INVALID);
 }
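Review bot: In `nss_clear_netgroup_hash_table`, `nss_ctx` is dereferenced in `sss_ptr_hash_delete_all(nss_ctx->netgrent, true)` without a NULL check, although it now comes from `talloc_get_type()`, which returns NULL when the pointer's talloc name does not match; the removed code used a plain cast, so a type mismatch now turns into a NULL dereference inside a D-Bus method handler. `rctx` is dereferenced the same way one line earlier, as it already was before this change. I would guard both lookups before use, e.g. `if (rctx == NULL) return EINVAL;` after the first and `if (nss_ctx == NULL) return EINVAL;` after the second, or switch to `talloc_get_type_abort()` if a mismatch is considered a programming error that should fail loudly. The handler also lost its only error path; if that is because `sss_ptr_hash_delete_all` cannot fail, a one-line comment saying so would save the next reader the lookup.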
@@ -326,24 +324,6 @@ done:
 return ret;
 }
-int nss_memorycache_update_initgroups(struct sbus_request *sbus_req,
- void *data,
- const char *user,
- const char *domain,
- uint32_t *groups,
- int num_groups)
-{
- struct resp_ctx *rctx = talloc_get_type(data, struct resp_ctx);
- struct nss_ctx *nctx = talloc_get_type(rctx->pvt_ctx, struct nss_ctx);
-
- DEBUG(SSSDBG_TRACE_LIBS, "Updating inigroups memory cache of [%s@%s]\n",
- user, domain);
-
- nss_update_initgr_memcache(nctx, user, domain, num_groups, groups);
-
- return iface_nss_memorycache_UpdateInitgroups_finish(sbus_req);
-}
-
 static void nss_dp_reconnect_init(struct sbus_connection *conn, int status, void *pvt)
 {
@@ -382,7 +362,6 @@ int nss_process_init(TALLOC_CTX *mem_ctx,
 int memcache_timeout;
 int ret, max_retries;
 enum idmap_error_code err;
- int hret;
 int fd_limit;
 nss_cmds = get_nss_cmds();
@@ -443,13 +422,10 @@ int nss_process_init(TALLOC_CTX *mem_ctx,
 goto fail;
 }
- /* Create the lookup table for netgroup results */
- hret = sss_hash_create_ex(nctx, 10, &nctx->netgroups, 0, 0, 0, 0,
- netgroup_hash_delete_cb, NULL);
- if (hret != HASH_SUCCESS) {
- DEBUG(SSSDBG_FATAL_FAILURE,
- "Unable to initialize netgroup hash table\n");
- ret = EIO;
+ nctx->netgrent = sss_ptr_hash_create(nctx, NULL, NULL);
+ if (nctx->netgrent == NULL) {
+ DEBUG(SSSDBG_FATAL_FAILURE, "Unable to initialize netgroups table!\n");
+ ret = EFAULT;
 goto fail;
 }
 |
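Review bot: In the last hunk, `ret = EFAULT;` reports a bad-address error when `sss_ptr_hash_create(nctx, NULL, NULL)` returns NULL, which is most likely an allocation failure. The failure modes of `sss_ptr_hash_create` are not visible in this hunk, but if NULL only means out of memory, `ret = ENOMEM;` matches the cause and is what an operator reading the startup log will expect. The removed comment `/* Create the lookup table for netgroup results */` is also worth keeping above the new call, since the two NULL callback arguments give no hint of what the table holds or who frees its entries. `nss_process_init` starts and ends outside the hunk.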