diff options
author | Petr Cech <pcech@redhat.com> | 2016-04-22 06:39:11 -0400 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2016-05-11 12:49:51 +0200 |
commit | 0393f0d44ac92035de29a8bc8b2005db6d90b640 (patch) | |
tree | 8d9865b75d63e2c9bec3d3a42a02bfc4bb40927e | |
parent | 39d36216a1692eee6cc5359f6c7ccaa7789be76d (diff) | |
download | sssd-0393f0d44ac92035de29a8bc8b2005db6d90b640.tar.gz sssd-0393f0d44ac92035de29a8bc8b2005db6d90b640.tar.xz sssd-0393f0d44ac92035de29a8bc8b2005db6d90b640.zip |
NEGCACHE: Removing timeout from sss_ncache_check_*
It removes timeout parameter from check functions of negative cache.
Timeout is set ny init function and it is handled internally.
API change:
* int sss_ncache_check_...(struct sss_nc_ctx *ctx,
int ttl, <----- timeout vanished
struct sss_domain_info *dom,
...);
Resolves:
https://fedorahosted.org/sssd/ticket/2317
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
-rw-r--r-- | src/responder/common/negcache.c | 89 | ||||
-rw-r--r-- | src/responder/common/negcache.h | 30 | ||||
-rw-r--r-- | src/responder/common/responder_cache_req.c | 20 | ||||
-rw-r--r-- | src/responder/nss/nsssrv_cmd.c | 46 | ||||
-rw-r--r-- | src/responder/nss/nsssrv_services.c | 13 | ||||
-rw-r--r-- | src/responder/pam/pamsrv_cmd.c | 6 | ||||
-rw-r--r-- | src/tests/cmocka/test_negcache.c | 147 |
7 files changed, 154 insertions, 197 deletions
diff --git a/src/responder/common/negcache.c b/src/responder/common/negcache.c index 57d196902..d48402f8e 100644 --- a/src/responder/common/negcache.c +++ b/src/responder/common/negcache.c @@ -78,7 +78,7 @@ int sss_ncache_init(TALLOC_CTX *memctx, uint32_t timeout, return EOK; }; -static int sss_ncache_check_str(struct sss_nc_ctx *ctx, char *str, int ttl) +static int sss_ncache_check_str(struct sss_nc_ctx *ctx, char *str) { TDB_DATA key; TDB_DATA data; @@ -115,7 +115,7 @@ static int sss_ncache_check_str(struct sss_nc_ctx *ctx, char *str, int ttl) goto done; } - if (timestamp + ttl >= time(NULL)) { + if (timestamp >= time(NULL)) { /* still valid */ ret = EEXIST; goto done; @@ -140,6 +140,7 @@ static int sss_ncache_set_str(struct sss_nc_ctx *ctx, TDB_DATA key; TDB_DATA data; char *timest; + unsigned long long int timell; int ret; ret = string_to_tdb_data(str, &key); @@ -148,8 +149,8 @@ static int sss_ncache_set_str(struct sss_nc_ctx *ctx, if (permanent) { timest = talloc_strdup(ctx, "0"); } else { - timest = talloc_asprintf(ctx, "%llu", - (unsigned long long int)time(NULL)); + timell = (unsigned long long int)time(NULL) + ctx->timeout; + timest = talloc_asprintf(ctx, "%llu", timell); } if (!timest) return ENOMEM; @@ -171,8 +172,8 @@ done: return ret; } -static int sss_ncache_check_user_int(struct sss_nc_ctx *ctx, int ttl, - const char *domain, const char *name) +static int sss_ncache_check_user_int(struct sss_nc_ctx *ctx, const char *domain, + const char *name) { char *str; int ret; @@ -182,13 +183,13 @@ static int sss_ncache_check_user_int(struct sss_nc_ctx *ctx, int ttl, str = talloc_asprintf(ctx, "%s/%s/%s", NC_USER_PREFIX, domain, name); if (!str) return ENOMEM; - ret = sss_ncache_check_str(ctx, str, ttl); + ret = sss_ncache_check_str(ctx, str); talloc_free(str); return ret; } -static int sss_ncache_check_group_int(struct sss_nc_ctx *ctx, int ttl, +static int sss_ncache_check_group_int(struct sss_nc_ctx *ctx, const char *domain, const char *name) { char *str; @@ -199,13 +200,13 @@ static int sss_ncache_check_group_int(struct sss_nc_ctx *ctx, int ttl, str = talloc_asprintf(ctx, "%s/%s/%s", NC_GROUP_PREFIX, domain, name); if (!str) return ENOMEM; - ret = sss_ncache_check_str(ctx, str, ttl); + ret = sss_ncache_check_str(ctx, str); talloc_free(str); return ret; } -static int sss_ncache_check_netgr_int(struct sss_nc_ctx *ctx, int ttl, +static int sss_ncache_check_netgr_int(struct sss_nc_ctx *ctx, const char *domain, const char *name) { char *str; @@ -216,14 +217,13 @@ static int sss_ncache_check_netgr_int(struct sss_nc_ctx *ctx, int ttl, str = talloc_asprintf(ctx, "%s/%s/%s", NC_NETGROUP_PREFIX, domain, name); if (!str) return ENOMEM; - ret = sss_ncache_check_str(ctx, str, ttl); + ret = sss_ncache_check_str(ctx, str); talloc_free(str); return ret; } static int sss_ncache_check_service_int(struct sss_nc_ctx *ctx, - int ttl, const char *domain, const char *name) { @@ -238,16 +238,16 @@ static int sss_ncache_check_service_int(struct sss_nc_ctx *ctx, name); if (!str) return ENOMEM; - ret = sss_ncache_check_str(ctx, str, ttl); + ret = sss_ncache_check_str(ctx, str); talloc_free(str); return ret; } -typedef int (*ncache_check_byname_fn_t)(struct sss_nc_ctx *, int, - const char *, const char *); +typedef int (*ncache_check_byname_fn_t)(struct sss_nc_ctx *, const char *, + const char *); -static int sss_cache_check_ent(struct sss_nc_ctx *ctx, int ttl, +static int sss_cache_check_ent(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, const char *name, ncache_check_byname_fn_t checker) { @@ -257,34 +257,31 @@ static int sss_cache_check_ent(struct sss_nc_ctx *ctx, int ttl, if (dom->case_sensitive == false) { lower = sss_tc_utf8_str_tolower(ctx, name); if (!lower) return ENOMEM; - ret = checker(ctx, ttl, dom->name, lower); + ret = checker(ctx, dom->name, lower); talloc_free(lower); } else { - ret = checker(ctx, ttl, dom->name, name); + ret = checker(ctx, dom->name, name); } return ret; } -int sss_ncache_check_user(struct sss_nc_ctx *ctx, int ttl, - struct sss_domain_info *dom, const char *name) +int sss_ncache_check_user(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, + const char *name) { - return sss_cache_check_ent(ctx, ttl, dom, name, - sss_ncache_check_user_int); + return sss_cache_check_ent(ctx, dom, name, sss_ncache_check_user_int); } -int sss_ncache_check_group(struct sss_nc_ctx *ctx, int ttl, - struct sss_domain_info *dom, const char *name) +int sss_ncache_check_group(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, + const char *name) { - return sss_cache_check_ent(ctx, ttl, dom, name, - sss_ncache_check_group_int); + return sss_cache_check_ent(ctx, dom, name, sss_ncache_check_group_int); } -int sss_ncache_check_netgr(struct sss_nc_ctx *ctx, int ttl, - struct sss_domain_info *dom, const char *name) +int sss_ncache_check_netgr(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, + const char *name) { - return sss_cache_check_ent(ctx, ttl, dom, name, - sss_ncache_check_netgr_int); + return sss_cache_check_ent(ctx, dom, name, sss_ncache_check_netgr_int); } static int sss_ncache_set_service_int(struct sss_nc_ctx *ctx, bool permanent, @@ -321,10 +318,8 @@ int sss_ncache_set_service_name(struct sss_nc_ctx *ctx, bool permanent, return ret; } -int sss_ncache_check_service(struct sss_nc_ctx *ctx, int ttl, - struct sss_domain_info *dom, - const char *name, - const char *proto) +int sss_ncache_check_service(struct sss_nc_ctx *ctx,struct sss_domain_info *dom, + const char *name, const char *proto) { int ret; char *service_and_protocol = talloc_asprintf(ctx, "%s:%s", @@ -332,7 +327,7 @@ int sss_ncache_check_service(struct sss_nc_ctx *ctx, int ttl, proto ? proto : "<ANY>"); if (!service_and_protocol) return ENOMEM; - ret = sss_cache_check_ent(ctx, ttl, dom, service_and_protocol, + ret = sss_cache_check_ent(ctx, dom, service_and_protocol, sss_ncache_check_service_int); talloc_free(service_and_protocol); return ret; @@ -355,7 +350,7 @@ int sss_ncache_set_service_port(struct sss_nc_ctx *ctx, bool permanent, return ret; } -int sss_ncache_check_service_port(struct sss_nc_ctx *ctx, int ttl, +int sss_ncache_check_service_port(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, uint16_t port, const char *proto) @@ -366,7 +361,7 @@ int sss_ncache_check_service_port(struct sss_nc_ctx *ctx, int ttl, proto ? proto : "<ANY>"); if (!service_and_protocol) return ENOMEM; - ret = sss_cache_check_ent(ctx, ttl, dom, service_and_protocol, + ret = sss_cache_check_ent(ctx, dom, service_and_protocol, sss_ncache_check_service_int); talloc_free(service_and_protocol); return ret; @@ -374,8 +369,8 @@ int sss_ncache_check_service_port(struct sss_nc_ctx *ctx, int ttl, -int sss_ncache_check_uid(struct sss_nc_ctx *ctx, int ttl, - struct sss_domain_info *dom, uid_t uid) +int sss_ncache_check_uid(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, + uid_t uid) { char *str; int ret; @@ -388,14 +383,14 @@ int sss_ncache_check_uid(struct sss_nc_ctx *ctx, int ttl, } if (!str) return ENOMEM; - ret = sss_ncache_check_str(ctx, str, ttl); + ret = sss_ncache_check_str(ctx, str); talloc_free(str); return ret; } -int sss_ncache_check_gid(struct sss_nc_ctx *ctx, int ttl, - struct sss_domain_info *dom, gid_t gid) +int sss_ncache_check_gid(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, + gid_t gid) { char *str; int ret; @@ -408,13 +403,13 @@ int sss_ncache_check_gid(struct sss_nc_ctx *ctx, int ttl, } if (!str) return ENOMEM; - ret = sss_ncache_check_str(ctx, str, ttl); + ret = sss_ncache_check_str(ctx, str); talloc_free(str); return ret; } -int sss_ncache_check_sid(struct sss_nc_ctx *ctx, int ttl, const char *sid) +int sss_ncache_check_sid(struct sss_nc_ctx *ctx, const char *sid) { char *str; int ret; @@ -422,13 +417,13 @@ int sss_ncache_check_sid(struct sss_nc_ctx *ctx, int ttl, const char *sid) str = talloc_asprintf(ctx, "%s/%s", NC_SID_PREFIX, sid); if (!str) return ENOMEM; - ret = sss_ncache_check_str(ctx, str, ttl); + ret = sss_ncache_check_str(ctx, str); talloc_free(str); return ret; } -int sss_ncache_check_cert(struct sss_nc_ctx *ctx, int ttl, const char *cert) +int sss_ncache_check_cert(struct sss_nc_ctx *ctx, const char *cert) { char *str; int ret; @@ -436,7 +431,7 @@ int sss_ncache_check_cert(struct sss_nc_ctx *ctx, int ttl, const char *cert) str = talloc_asprintf(ctx, "%s/%s", NC_CERT_PREFIX, cert); if (!str) return ENOMEM; - ret = sss_ncache_check_str(ctx, str, ttl); + ret = sss_ncache_check_str(ctx, str); talloc_free(str); return ret; diff --git a/src/responder/common/negcache.h b/src/responder/common/negcache.h index bad8e5109..8c805b24b 100644 --- a/src/responder/common/negcache.h +++ b/src/responder/common/negcache.h @@ -29,24 +29,24 @@ int sss_ncache_init(TALLOC_CTX *memctx, uint32_t timeout, struct sss_nc_ctx **_ctx); /* check if the user is expired according to the passed in time to live */ -int sss_ncache_check_user(struct sss_nc_ctx *ctx, int ttl, - struct sss_domain_info *dom, const char *name); -int sss_ncache_check_group(struct sss_nc_ctx *ctx, int ttl, - struct sss_domain_info *dom, const char *name); -int sss_ncache_check_netgr(struct sss_nc_ctx *ctx, int ttl, - struct sss_domain_info *dom, const char *name); -int sss_ncache_check_uid(struct sss_nc_ctx *ctx, int ttl, - struct sss_domain_info *dom, uid_t uid); -int sss_ncache_check_gid(struct sss_nc_ctx *ctx, int ttl, - struct sss_domain_info *dom, gid_t gid); -int sss_ncache_check_sid(struct sss_nc_ctx *ctx, int ttl, const char *sid); -int sss_ncache_check_cert(struct sss_nc_ctx *ctx, int ttl, const char *cert); - -int sss_ncache_check_service(struct sss_nc_ctx *ctx, int ttl, +int sss_ncache_check_user(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, + const char *name); +int sss_ncache_check_group(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, + const char *name); +int sss_ncache_check_netgr(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, + const char *name); +int sss_ncache_check_uid(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, + uid_t uid); +int sss_ncache_check_gid(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, + gid_t gid); +int sss_ncache_check_sid(struct sss_nc_ctx *ctx, const char *sid); +int sss_ncache_check_cert(struct sss_nc_ctx *ctx, const char *cert); + +int sss_ncache_check_service(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, const char *name, const char *proto); -int sss_ncache_check_service_port(struct sss_nc_ctx *ctx, int ttl, +int sss_ncache_check_service_port(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, uint16_t port, const char *proto); diff --git a/src/responder/common/responder_cache_req.c b/src/responder/common/responder_cache_req.c index dcb41d363..a9af150f2 100644 --- a/src/responder/common/responder_cache_req.c +++ b/src/responder/common/responder_cache_req.c @@ -529,8 +529,7 @@ cache_req_assume_upn(struct cache_req *cr) } static errno_t cache_req_check_ncache(struct cache_req *cr, - struct sss_nc_ctx *ncache, - int neg_timeout) + struct sss_nc_ctx *ncache) { errno_t ret = ERR_INTERNAL; @@ -542,28 +541,26 @@ static errno_t cache_req_check_ncache(struct cache_req *cr, case CACHE_REQ_USER_BY_UPN: case CACHE_REQ_INITGROUPS: case CACHE_REQ_INITGROUPS_BY_UPN: - ret = sss_ncache_check_user(ncache, neg_timeout, - cr->domain, cr->data->name.lookup); + ret = sss_ncache_check_user(ncache, cr->domain, cr->data->name.lookup); break; case CACHE_REQ_GROUP_BY_NAME: - ret = sss_ncache_check_group(ncache, neg_timeout, - cr->domain, cr->data->name.lookup); + ret = sss_ncache_check_group(ncache, cr->domain, cr->data->name.lookup); break; case CACHE_REQ_USER_BY_ID: - ret = sss_ncache_check_uid(ncache, neg_timeout, NULL, cr->data->id); + ret = sss_ncache_check_uid(ncache, NULL, cr->data->id); break; case CACHE_REQ_GROUP_BY_ID: - ret = sss_ncache_check_gid(ncache, neg_timeout, NULL, cr->data->id); + ret = sss_ncache_check_gid(ncache, NULL, cr->data->id); break; case CACHE_REQ_USER_BY_CERT: - ret = sss_ncache_check_cert(ncache, neg_timeout, cr->data->cert); + ret = sss_ncache_check_cert(ncache, cr->data->cert); break; case CACHE_REQ_USER_BY_FILTER: case CACHE_REQ_GROUP_BY_FILTER: ret = EOK; break; case CACHE_REQ_OBJECT_BY_SID: - ret = sss_ncache_check_sid(ncache, neg_timeout, cr->data->sid); + ret = sss_ncache_check_sid(ncache, cr->data->sid); break; } @@ -937,8 +934,7 @@ static struct tevent_req *cache_req_cache_send(TALLOC_CTX *mem_ctx, state->cr = cr; /* Check negative cache first. */ - ret = cache_req_check_ncache(state->cr, state->ncache, - state->neg_timeout); + ret = cache_req_check_ncache(state->cr, state->ncache); if (ret == EEXIST) { ret = ENOENT; goto immediately; diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c index e8c4d0e1c..30daf4bc5 100644 --- a/src/responder/nss/nsssrv_cmd.c +++ b/src/responder/nss/nsssrv_cmd.c @@ -408,9 +408,7 @@ static int fill_pwent(struct sss_packet *packet, } if (filter_users) { - ncret = sss_ncache_check_user(nctx->ncache, - nctx->neg_timeout, - dom, orig_name); + ncret = sss_ncache_check_user(nctx->ncache, dom, orig_name); if (ncret == EEXIST) { DEBUG(SSSDBG_TRACE_FUNC, "User [%s@%s] filtered out! (negative cache)\n", @@ -1009,8 +1007,7 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx) /* verify this user has not yet been negatively cached, * or has been permanently filtered */ - ret = sss_ncache_check_user(nctx->ncache, nctx->neg_timeout, - dom, name); + ret = sss_ncache_check_user(nctx->ncache, dom, name); /* if neg cached, return we didn't find it */ if (ret == EEXIST) { @@ -1950,8 +1947,7 @@ static int nss_cmd_getbyid(enum sss_cli_command cmd, struct cli_ctx *cctx) switch(dctx->cmdctx->cmd) { case SSS_NSS_GETPWUID: - ret = sss_ncache_check_uid(nctx->ncache, nctx->neg_timeout, NULL, - cmdctx->id); + ret = sss_ncache_check_uid(nctx->ncache, NULL, cmdctx->id); if (ret == EEXIST) { DEBUG(SSSDBG_TRACE_FUNC, "Uid [%"PRIu32"] does not exist! (negative cache)\n", @@ -1961,8 +1957,7 @@ static int nss_cmd_getbyid(enum sss_cli_command cmd, struct cli_ctx *cctx) } break; case SSS_NSS_GETGRGID: - ret = sss_ncache_check_gid(nctx->ncache, nctx->neg_timeout, NULL, - cmdctx->id); + ret = sss_ncache_check_gid(nctx->ncache, NULL, cmdctx->id); if (ret == EEXIST) { DEBUG(SSSDBG_TRACE_FUNC, "Gid [%"PRIu32"] does not exist! (negative cache)\n", @@ -1972,11 +1967,9 @@ static int nss_cmd_getbyid(enum sss_cli_command cmd, struct cli_ctx *cctx) } break; case SSS_NSS_GETSIDBYID: - ret = sss_ncache_check_uid(nctx->ncache, nctx->neg_timeout, NULL, - cmdctx->id); + ret = sss_ncache_check_uid(nctx->ncache, NULL, cmdctx->id); if (ret != EEXIST) { - ret = sss_ncache_check_gid(nctx->ncache, nctx->neg_timeout, - NULL, cmdctx->id); + ret = sss_ncache_check_gid(nctx->ncache, NULL, cmdctx->id); } if (ret == EEXIST) { DEBUG(SSSDBG_TRACE_FUNC, @@ -2830,9 +2823,7 @@ static int fill_members(struct sss_packet *packet, } if (nctx->filter_users_in_groups) { - ret = sss_ncache_check_user(nctx->ncache, - nctx->neg_timeout, - dom, tmpstr); + ret = sss_ncache_check_user(nctx->ncache, dom, tmpstr); if (ret == EEXIST) { DEBUG(SSSDBG_TRACE_FUNC, "Group [%s] member [%s@%s] filtered out!" @@ -2988,8 +2979,7 @@ static int fill_grent(struct sss_packet *packet, } if (filter_groups) { - ret = sss_ncache_check_group(nctx->ncache, - nctx->neg_timeout, dom, orig_name); + ret = sss_ncache_check_group(nctx->ncache, dom, orig_name); if (ret == EEXIST) { DEBUG(SSSDBG_TRACE_FUNC, "Group [%s@%s] filtered out! (negative cache)\n", @@ -3226,8 +3216,7 @@ static int nss_cmd_getgrnam_search(struct nss_dom_ctx *dctx) /* verify this group has not yet been negatively cached, * or has been permanently filtered */ - ret = sss_ncache_check_group(nctx->ncache, nctx->neg_timeout, - dom, name); + ret = sss_ncache_check_group(nctx->ncache, dom, name); /* if neg cached, return we didn't find it */ if (ret == EEXIST) { @@ -4344,8 +4333,7 @@ static int nss_cmd_initgroups_search(struct nss_dom_ctx *dctx) /* verify this user has not yet been negatively cached, * or has been permanently filtered */ - ret = sss_ncache_check_user(nctx->ncache, nctx->neg_timeout, - dom, name); + ret = sss_ncache_check_user(nctx->ncache, dom, name); /* if neg cached, return we didn't find it */ if (ret == EEXIST) { @@ -4554,11 +4542,9 @@ static errno_t nss_cmd_getsidby_search(struct nss_dom_ctx *dctx) DEBUG(SSSDBG_TRACE_FUNC, "Requesting info for [%"PRIu32"@%s]\n", cmdctx->id, dom->name); - ret = sss_ncache_check_uid(nctx->ncache, nctx->neg_timeout, dom, - cmdctx->id); + ret = sss_ncache_check_uid(nctx->ncache, dom, cmdctx->id); if (ret == EEXIST) { - ret = sss_ncache_check_gid(nctx->ncache, nctx->neg_timeout, dom, - cmdctx->id); + ret = sss_ncache_check_gid(nctx->ncache, dom, cmdctx->id); if (ret == EEXIST) { DEBUG(SSSDBG_TRACE_FUNC, "ID [%"PRIu32"] does not exist in [%s]! (negative cache)\n", @@ -4609,12 +4595,10 @@ static errno_t nss_cmd_getsidby_search(struct nss_dom_ctx *dctx) /* verify this name has not yet been negatively cached, as user * and groupm, or has been permanently filtered */ - ret = sss_ncache_check_user(nctx->ncache, nctx->neg_timeout, - dom, name); + ret = sss_ncache_check_user(nctx->ncache, dom, name); if (ret == EEXIST) { - ret = sss_ncache_check_group(nctx->ncache, nctx->neg_timeout, - dom, name); + ret = sss_ncache_check_group(nctx->ncache, dom, name); if (ret == EEXIST) { /* if neg cached, return we didn't find it */ DEBUG(SSSDBG_TRACE_FUNC, @@ -4854,7 +4838,7 @@ static errno_t nss_cmd_getbysid_search(struct nss_dom_ctx *dctx) /* verify this user has not yet been negatively cached, * or has been permanently filtered */ - ret = sss_ncache_check_sid(nctx->ncache, nctx->neg_timeout, cmdctx->secid); + ret = sss_ncache_check_sid(nctx->ncache, cmdctx->secid); if (ret == EEXIST) { DEBUG(SSSDBG_TRACE_FUNC, "SID [%s] does not exist! (negative cache)\n", cmdctx->secid); diff --git a/src/responder/nss/nsssrv_services.c b/src/responder/nss/nsssrv_services.c index a9fdeb6c9..213d2926b 100644 --- a/src/responder/nss/nsssrv_services.c +++ b/src/responder/nss/nsssrv_services.c @@ -174,11 +174,8 @@ getserv_send(TALLOC_CTX *mem_ctx, /* If we're looking up by name */ if (service_name) { /* Check the negative cache */ - ret = sss_ncache_check_service(nctx->ncache, - nctx->neg_timeout, - dom, - SVC_NAME_CASED, - SVC_PROTO_CASED); + ret = sss_ncache_check_service(nctx->ncache, dom, + SVC_NAME_CASED, SVC_PROTO_CASED); /* If negatively cached, return we didn't find it */ if (ret == EEXIST) { DEBUG(SSSDBG_TRACE_FUNC, @@ -216,10 +213,8 @@ getserv_send(TALLOC_CTX *mem_ctx, &state->res); } else { /* Looking up by port */ /* Check the negative cache */ - ret = sss_ncache_check_service_port(nctx->ncache, - nctx->neg_timeout, - dom, port, - SVC_PROTO_CASED); + ret = sss_ncache_check_service_port(nctx->ncache, dom, port, + SVC_PROTO_CASED); /* If negatively cached, return we didn't find it */ if (ret == EEXIST) { DEBUG(SSSDBG_TRACE_FUNC, diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c index d86807e79..fb0cbbbea 100644 --- a/src/responder/pam/pamsrv_cmd.c +++ b/src/responder/pam/pamsrv_cmd.c @@ -1142,8 +1142,7 @@ static int pam_forwarder(struct cli_ctx *cctx, int pam_cmd) goto done; } - ncret = sss_ncache_check_user(pctx->ncache, pctx->neg_timeout, - preq->domain, pd->user); + ncret = sss_ncache_check_user(pctx->ncache, preq->domain, pd->user); if (ncret == EEXIST) { /* User found in the negative cache */ ret = ENOENT; @@ -1155,8 +1154,7 @@ static int pam_forwarder(struct cli_ctx *cctx, int pam_cmd) dom = get_next_domain(dom, 0)) { if (dom->fqnames) continue; - ncret = sss_ncache_check_user(pctx->ncache, pctx->neg_timeout, - dom, pd->user); + ncret = sss_ncache_check_user(pctx->ncache, dom, pd->user); if (ncret == ENOENT) { /* User not found in the negative cache * Proceed with PAM actions diff --git a/src/tests/cmocka/test_negcache.c b/src/tests/cmocka/test_negcache.c index fcd30fbf0..e764c511c 100644 --- a/src/tests/cmocka/test_negcache.c +++ b/src/tests/cmocka/test_negcache.c @@ -47,7 +47,6 @@ #define SID "S-1-2-3-4-5" #define CERT "MIIECTCCAvGgAwIBAgIBCTANBgkqhkiG9w0BAQsFADA0MRIwEAYDVQQKDAlJUEEuREVWRUwxHjAcBgNVBAMMFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xNTA0MjgxMDIxMTFaFw0xNzA0MjgxMDIxMTFaMDIxEjAQBgNVBAoMCUlQQS5ERVZFTDEcMBoGA1UEAwwTaXBhLWRldmVsLmlwYS5kZXZlbDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALIykqtHuAwTVEofHikG/9BQy/dfeZFlsTkBg2qtnnc78w3XufbcnkpJp9Bmcsy/d9beqf5nlsxJ8TcjLsRQ9Ou6YtQjTfM3OILuOz8s0ICbF6qb66bd9hX/BrLO/9+KnpWFSR+E/YEmzgYyDTbKfBWBaGuPPrOi/K6vwkRYFZVA/FYZkYDtQhFmBO884HYzS4P6frRH3PvtRqWNCmaHpe97dGKsvnM2ybT+IMSB8/54GajQr3+BciRh2XaT4wvSTxkXM1fUgrDxqAP2AZmpuIyDyboZh+rWOwbrTPfx5SipELZG3uHhP8HMcr4qQ8b20LWgxCRuT73sIooHET350xUCAwEAAaOCASYwggEiMB8GA1UdIwQYMBaAFPKdQk4PxEglWC8czg+hPyLIVciRMDsGCCsGAQUFBwEBBC8wLTArBggrBgEFBQcwAYYfaHR0cDovL2lwYS1jYS5pcGEuZGV2ZWwvY2Evb2NzcDAOBgNVHQ8BAf8EBAMCBPAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHQGA1UdHwRtMGswaaAxoC+GLWh0dHA6Ly9pcGEtY2EuaXBhLmRldmVsL2lwYS9jcmwvTWFzdGVyQ1JMLmJpbqI0pDIwMDEOMAwGA1UECgwFaXBhY2ExHjAcBgNVBAMMFUNlcnRpZmljYXRlIEF1dGhvcml0eTAdBgNVHQ4EFgQULSs/y/Wy/zIsqMIc3b2MgB7dMYIwDQYJKoZIhvcNAQELBQADggEBAJpHLlCnTR1TD8lxQgzl2n1JZOeryN/fAsGH0Vve2m8r5PC+ugnfAoULiuabBn1pOGxy/0x7Kg0/Iy8WRv8Fk7DqJCjXEqFXuFkZJfNDCtP9DzeNuMoV50iKoMfHS38BPFjXN+X/fSsBrA2fUWrlQCTmXlUN97gvQqxt5Slrxgukvxm9OSfu/sWz22LUvtJHupYwWv1iALgnXS86lAuVNYVALLxn34r58XsZlj5CSBMjBJWpaxEzgUdag3L2IPqOQXuPd0d8x11G9E/9gQquOSe2aiZjsdO/VYOCmzZsM2QPUMBVlBPDhfTVcWXQwN385uycW/ARtSzzSME2jKKWSIQ=" #define PROTO "TCP" -#define LIFETIME 200 #define SHORTSPAN 1 #define NAME "foo_name" #define TESTS_PATH "tp_" BASE_FILE_STEM @@ -150,17 +149,16 @@ static void test_sss_ncache_init(void **state) static void test_sss_ncache_uid(void **state) { uid_t uid; - int ret, ttl; + int ret; bool permanent; struct test_state *ts; - ttl = LIFETIME; uid = getuid(); ts = talloc_get_type_abort(*state, struct test_state); /* test when uid not present in database */ - ret = sss_ncache_check_uid(ts->ctx, ttl, NULL, uid); + ret = sss_ncache_check_uid(ts->ctx, NULL, uid); assert_int_equal(ret, ENOENT); /* test when uid is present in database */ @@ -172,19 +170,18 @@ static void test_sss_ncache_uid(void **state) ret = sss_ncache_set_uid(ts->ctx, permanent, NULL, uid); assert_int_equal(ret, EOK); - ret = sss_ncache_check_uid(ts->ctx, ttl, NULL, uid); + ret = sss_ncache_check_uid(ts->ctx, NULL, uid); assert_int_equal(ret, EEXIST); - ttl = SHORTSPAN; ret = sss_ncache_set_uid(ts->ctx, permanent, NULL, uid); assert_int_equal(ret, EOK); - ret = sss_ncache_check_uid(ts->ctx, ttl, NULL, uid); + ret = sss_ncache_check_uid(ts->ctx, NULL, uid); assert_int_equal(ret, EEXIST); sleep(SHORTSPAN + 1); - ret = sss_ncache_check_uid(ts->ctx, ttl, NULL, uid); + ret = sss_ncache_check_uid(ts->ctx, NULL, uid); assert_int_equal(ret, EEXIST); permanent = false; @@ -192,12 +189,12 @@ static void test_sss_ncache_uid(void **state) ret = sss_ncache_set_uid(ts->ctx, permanent, NULL, uid); assert_int_equal(ret, EOK); - ret = sss_ncache_check_uid(ts->ctx, ttl, NULL, uid); + ret = sss_ncache_check_uid(ts->ctx, NULL, uid); assert_int_equal(ret, EEXIST); sleep(SHORTSPAN + 1); - ret = sss_ncache_check_uid(ts->ctx, ttl, NULL, uid); + ret = sss_ncache_check_uid(ts->ctx, NULL, uid); assert_int_equal(ret, ENOENT); ret = sss_ncache_set_uid(ts->ctx, permanent, NULL, uid); @@ -211,16 +208,15 @@ static void test_sss_ncache_uid(void **state) static void test_sss_ncache_gid(void **state) { gid_t gid; - int ret, ttl; + int ret; bool permanent; struct test_state *ts; - ttl = LIFETIME; gid = getgid(); ts = talloc_get_type_abort(*state, struct test_state); /* test when gid is not present in database */ - ret = sss_ncache_check_gid(ts->ctx, ttl, NULL, gid); + ret = sss_ncache_check_gid(ts->ctx, NULL, gid); assert_int_equal(ret, ENOENT); /* test when gid is present in database */ @@ -228,14 +224,14 @@ static void test_sss_ncache_gid(void **state) ret = sss_ncache_set_gid(ts->ctx, permanent, NULL, gid); assert_int_equal(ret, EOK); - ret = sss_ncache_check_gid(ts->ctx, ttl, NULL, gid); + ret = sss_ncache_check_gid(ts->ctx, NULL, gid); assert_int_equal(ret, EEXIST); permanent = false; ret = sss_ncache_set_gid(ts->ctx, permanent, NULL, gid); assert_int_equal(ret, EOK); - ret = sss_ncache_check_gid(ts->ctx, ttl, NULL, gid); + ret = sss_ncache_check_gid(ts->ctx, NULL, gid); assert_int_equal(ret, EEXIST); } @@ -246,17 +242,16 @@ static void test_sss_ncache_gid(void **state) */ static void test_sss_ncache_sid(void **state) { - int ret, ttl; + int ret; bool permanent; const char *sid = NULL; struct test_state *ts; - ttl = LIFETIME; sid = SID; ts = talloc_get_type_abort(*state, struct test_state); /*test when sid in not present in database */ - ret = sss_ncache_check_sid(ts->ctx, ttl, sid); + ret = sss_ncache_check_sid(ts->ctx, sid); assert_int_equal(ret, ENOENT); /* test when sid is present in database */ @@ -264,14 +259,14 @@ static void test_sss_ncache_sid(void **state) ret = sss_ncache_set_sid(ts->ctx, permanent, sid); assert_int_equal(ret, EOK); - ret = sss_ncache_check_sid(ts->ctx, ttl, sid); + ret = sss_ncache_check_sid(ts->ctx, sid); assert_int_equal(ret, EEXIST); permanent = false; ret = sss_ncache_set_sid(ts->ctx, permanent, sid); assert_int_equal(ret, EOK); - ret = sss_ncache_check_sid(ts->ctx, ttl, sid); + ret = sss_ncache_check_sid(ts->ctx, sid); assert_int_equal(ret, EEXIST); } @@ -281,17 +276,16 @@ static void test_sss_ncache_sid(void **state) */ static void test_sss_ncache_cert(void **state) { - int ret, ttl; + int ret; bool permanent; const char *cert = NULL; struct test_state *ts; - ttl = LIFETIME; cert = CERT; ts = talloc_get_type_abort(*state, struct test_state); /*test when cert in not present in database */ - ret = sss_ncache_check_cert(ts->ctx, ttl, cert); + ret = sss_ncache_check_cert(ts->ctx, cert); assert_int_equal(ret, ENOENT); /* test when cert is present in database */ @@ -299,14 +293,14 @@ static void test_sss_ncache_cert(void **state) ret = sss_ncache_set_cert(ts->ctx, permanent, cert); assert_int_equal(ret, EOK); - ret = sss_ncache_check_cert(ts->ctx, ttl, cert); + ret = sss_ncache_check_cert(ts->ctx, cert); assert_int_equal(ret, EEXIST); permanent = false; ret = sss_ncache_set_cert(ts->ctx, permanent, cert); assert_int_equal(ret, EOK); - ret = sss_ncache_check_cert(ts->ctx, ttl, cert); + ret = sss_ncache_check_cert(ts->ctx, cert); assert_int_equal(ret, EEXIST); } @@ -316,24 +310,23 @@ static void test_sss_ncache_cert(void **state) */ static void test_sss_ncache_user(void **state) { - int ret, ttl; + int ret; bool permanent; const char *name = NAME; struct test_state *ts; struct sss_domain_info *dom; - ttl = LIFETIME; ts = talloc_get_type_abort(*state, struct test_state); dom = talloc(ts, struct sss_domain_info); dom->name = discard_const_p(char, TEST_DOM_NAME); /* test when domain name is not present in database */ dom->case_sensitive = false; - ret = sss_ncache_check_user(ts->ctx, ttl, dom, name); + ret = sss_ncache_check_user(ts->ctx, dom, name); assert_int_equal(ret, ENOENT); dom->case_sensitive = true; - ret = sss_ncache_check_user(ts->ctx, ttl, dom, name); + ret = sss_ncache_check_user(ts->ctx, dom, name); assert_int_equal(ret, ENOENT); /* test when domain name is present in database */ @@ -341,14 +334,14 @@ static void test_sss_ncache_user(void **state) ret = sss_ncache_set_user(ts->ctx, permanent, dom, name); assert_int_equal(ret, EOK); - ret = sss_ncache_check_user(ts->ctx, ttl, dom, name); + ret = sss_ncache_check_user(ts->ctx, dom, name); assert_int_equal(ret, EEXIST); permanent = false; ret = sss_ncache_set_user(ts->ctx, permanent, dom, name); assert_int_equal(ret, EOK); - ret = sss_ncache_check_user(ts->ctx, ttl, dom, name); + ret = sss_ncache_check_user(ts->ctx, dom, name); assert_int_equal(ret, EEXIST); } @@ -358,24 +351,23 @@ static void test_sss_ncache_user(void **state) */ static void test_sss_ncache_group(void **state) { - int ret, ttl; + int ret; bool permanent; const char *name = NAME; struct test_state *ts; struct sss_domain_info *dom; - ttl = LIFETIME; ts = talloc_get_type_abort(*state, struct test_state); dom = talloc(ts, struct sss_domain_info); dom->name = discard_const_p(char, TEST_DOM_NAME); /* test when domain name is not present in database */ dom->case_sensitive = false; - ret = sss_ncache_check_group(ts->ctx, ttl, dom, name); + ret = sss_ncache_check_group(ts->ctx, dom, name); assert_int_equal(ret, ENOENT); dom->case_sensitive = true; - ret = sss_ncache_check_group(ts->ctx, ttl, dom, name); + ret = sss_ncache_check_group(ts->ctx, dom, name); assert_int_equal(ret, ENOENT); /* test when domain name is present in database */ @@ -383,14 +375,14 @@ static void test_sss_ncache_group(void **state) ret = sss_ncache_set_group(ts->ctx, permanent, dom, name); assert_int_equal(ret, EOK); - ret = sss_ncache_check_group(ts->ctx, ttl, dom, name); + ret = sss_ncache_check_group(ts->ctx, dom, name); assert_int_equal(ret, EEXIST); permanent = false; ret = sss_ncache_set_group(ts->ctx, permanent, dom, name); assert_int_equal(ret, EOK); - ret = sss_ncache_check_group(ts->ctx, ttl, dom, name); + ret = sss_ncache_check_group(ts->ctx, dom, name); assert_int_equal(ret, EEXIST); } @@ -400,24 +392,23 @@ static void test_sss_ncache_group(void **state) */ static void test_sss_ncache_netgr(void **state) { - int ret, ttl; + int ret; bool permanent; const char *name = NAME; struct test_state *ts; struct sss_domain_info *dom; - ttl = LIFETIME; ts = talloc_get_type_abort(*state, struct test_state); dom = talloc(ts, struct sss_domain_info); dom->name = discard_const_p(char, TEST_DOM_NAME); /* test when domain name is not present in database */ dom->case_sensitive = false; - ret = sss_ncache_check_netgr(ts->ctx, ttl, dom, name); + ret = sss_ncache_check_netgr(ts->ctx, dom, name); assert_int_equal(ret, ENOENT); dom->case_sensitive = true; - ret = sss_ncache_check_netgr(ts->ctx, ttl, dom, name); + ret = sss_ncache_check_netgr(ts->ctx, dom, name); assert_int_equal(ret, ENOENT); /* test when domain name is present in database */ @@ -425,14 +416,14 @@ static void test_sss_ncache_netgr(void **state) ret = sss_ncache_set_netgr(ts->ctx, permanent, dom, name); assert_int_equal(ret, EOK); - ret = sss_ncache_check_netgr(ts->ctx, ttl, dom, name); + ret = sss_ncache_check_netgr(ts->ctx, dom, name); assert_int_equal(ret, EEXIST); permanent = false; ret = sss_ncache_set_netgr(ts->ctx, permanent, dom, name); assert_int_equal(ret, EOK); - ret = sss_ncache_check_netgr(ts->ctx, ttl, dom, name); + ret = sss_ncache_check_netgr(ts->ctx, dom, name); assert_int_equal(ret, EEXIST); } @@ -442,24 +433,23 @@ static void test_sss_ncache_netgr(void **state) */ static void test_sss_ncache_service_name(void **state) { - int ret, ttl; + int ret; bool permanent; const char *name = NAME; struct test_state *ts; struct sss_domain_info *dom; - ttl = LIFETIME; ts = talloc_get_type_abort(*state, struct test_state); dom = talloc(ts, struct sss_domain_info); dom->name = discard_const_p(char, TEST_DOM_NAME); /* test when domain name and protocol are not present in database */ dom->case_sensitive = false; - ret = sss_ncache_check_service(ts->ctx, ttl, dom, name, PROTO); + ret = sss_ncache_check_service(ts->ctx, dom, name, PROTO); assert_int_equal(ret, ENOENT); dom->case_sensitive = true; - ret = sss_ncache_check_service(ts->ctx, ttl, dom, name, PROTO); + ret = sss_ncache_check_service(ts->ctx, dom, name, PROTO); assert_int_equal(ret, ENOENT); /* test when domain name and protocol are present in database */ @@ -467,14 +457,14 @@ static void test_sss_ncache_service_name(void **state) ret = sss_ncache_set_service_name(ts->ctx, permanent, dom, name, PROTO); assert_int_equal(ret, EOK); - ret = sss_ncache_check_service(ts->ctx, ttl, dom, name, PROTO); + ret = sss_ncache_check_service(ts->ctx, dom, name, PROTO); assert_int_equal(ret, EEXIST); permanent = false; ret = sss_ncache_set_service_name(ts->ctx, permanent, dom, name, PROTO); assert_int_equal(ret, EOK); - ret = sss_ncache_check_service(ts->ctx, ttl, dom, name, PROTO); + ret = sss_ncache_check_service(ts->ctx, dom, name, PROTO); assert_int_equal(ret, EEXIST); } @@ -484,24 +474,23 @@ static void test_sss_ncache_service_name(void **state) */ static void test_sss_ncache_service_port(void **state) { - int ret, ttl; + int ret; bool permanent; struct test_state *ts; struct sss_domain_info *dom; - ttl = LIFETIME; ts = talloc_get_type_abort(*state, struct test_state); dom = talloc(ts, struct sss_domain_info); dom->name = discard_const_p(char, TEST_DOM_NAME); /* test when domain name, port and protocol are not present in database */ dom->case_sensitive = false; - ret = sss_ncache_check_service_port(ts->ctx, ttl, dom, (uint16_t)PORT, + ret = sss_ncache_check_service_port(ts->ctx, dom, (uint16_t)PORT, PROTO); assert_int_equal(ret, ENOENT); dom->case_sensitive = true; - ret = sss_ncache_check_service_port(ts->ctx, ttl, dom, (uint16_t)PORT, + ret = sss_ncache_check_service_port(ts->ctx, dom, (uint16_t)PORT, PROTO); assert_int_equal(ret, ENOENT); @@ -511,7 +500,7 @@ static void test_sss_ncache_service_port(void **state) PROTO); assert_int_equal(ret, EOK); - ret = sss_ncache_check_service_port(ts->ctx, ttl, dom, (uint16_t)PORT, + ret = sss_ncache_check_service_port(ts->ctx, dom, (uint16_t)PORT, PROTO); assert_int_equal(ret, EEXIST); @@ -520,7 +509,7 @@ static void test_sss_ncache_service_port(void **state) PROTO); assert_int_equal(ret, EOK); - ret = sss_ncache_check_service_port(ts->ctx, ttl, dom, (uint16_t)PORT, + ret = sss_ncache_check_service_port(ts->ctx, dom, (uint16_t)PORT, PROTO); assert_int_equal(ret, EEXIST); } @@ -537,13 +526,13 @@ static void test_sss_ncache_reset_permanent(void **state) ret = sss_ncache_set_uid(ts->ctx, permanent, NULL, 0); assert_int_equal(ret, EOK); - ret = sss_ncache_check_uid(ts->ctx, 0, NULL, 0); + ret = sss_ncache_check_uid(ts->ctx, NULL, 0); assert_int_equal(ret, EEXIST); ret = sss_ncache_reset_permanent(ts->ctx); assert_int_equal(ret, EOK); - ret = sss_ncache_check_uid(ts->ctx, 0, NULL, 0); + ret = sss_ncache_check_uid(ts->ctx, NULL, 0); assert_int_equal(ret, ENOENT); } @@ -590,28 +579,28 @@ static void test_sss_ncache_prepopulate(void **state) sleep(SHORTSPAN); - ret = sss_ncache_check_user(ncache, 1, dom, "testuser1"); + ret = sss_ncache_check_user(ncache, dom, "testuser1"); assert_int_equal(ret, EEXIST); - ret = sss_ncache_check_group(ncache, 1, dom, "testgroup1"); + ret = sss_ncache_check_group(ncache, dom, "testgroup1"); assert_int_equal(ret, EEXIST); - ret = sss_ncache_check_user(ncache, 1, dom, "testuser2"); + ret = sss_ncache_check_user(ncache, dom, "testuser2"); assert_int_equal(ret, EEXIST); - ret = sss_ncache_check_group(ncache, 1, dom, "testgroup2"); + ret = sss_ncache_check_group(ncache, dom, "testgroup2"); assert_int_equal(ret, EEXIST); - ret = sss_ncache_check_user(ncache, 1, dom, "testuser3"); + ret = sss_ncache_check_user(ncache, dom, "testuser3"); assert_int_equal(ret, ENOENT); - ret = sss_ncache_check_group(ncache, 1, dom, "testgroup3"); + ret = sss_ncache_check_group(ncache, dom, "testgroup3"); assert_int_equal(ret, ENOENT); - ret = sss_ncache_check_user(ncache, 1, dom, "testuser3@somedomain"); + ret = sss_ncache_check_user(ncache, dom, "testuser3@somedomain"); assert_int_equal(ret, ENOENT); - ret = sss_ncache_check_group(ncache, 1, dom, "testgroup3@somedomain"); + ret = sss_ncache_check_group(ncache, dom, "testgroup3@somedomain"); assert_int_equal(ret, ENOENT); } @@ -657,22 +646,22 @@ static void test_sss_ncache_default_domain_suffix(void **state) ret = sss_ncache_prepopulate(ncache, tc->confdb, ts->rctx); assert_int_equal(ret, EOK); - ret = sss_ncache_check_user(ncache, 1, dom, "testuser1"); + ret = sss_ncache_check_user(ncache, dom, "testuser1"); assert_int_equal(ret, EEXIST); - ret = sss_ncache_check_group(ncache, 1, dom, "testgroup1"); + ret = sss_ncache_check_group(ncache, dom, "testgroup1"); assert_int_equal(ret, EEXIST); - ret = sss_ncache_check_user(ncache, 1, dom, "testuser2"); + ret = sss_ncache_check_user(ncache, dom, "testuser2"); assert_int_equal(ret, EEXIST); - ret = sss_ncache_check_group(ncache, 1, dom, "testgroup2"); + ret = sss_ncache_check_group(ncache, dom, "testgroup2"); assert_int_equal(ret, EEXIST); - ret = sss_ncache_check_user(ncache, 1, dom, "testuser3"); + ret = sss_ncache_check_user(ncache, dom, "testuser3"); assert_int_equal(ret, ENOENT); - ret = sss_ncache_check_group(ncache, 1, dom, "testgroup3"); + ret = sss_ncache_check_group(ncache, dom, "testgroup3"); assert_int_equal(ret, ENOENT); } @@ -740,32 +729,32 @@ static void test_sss_ncache_reset_prepopulate(void **state) dom2->names = dom->names; /* First domain should not be known, the second not */ - ret = sss_ncache_check_user(ncache, 1, dom, "testuser1"); + ret = sss_ncache_check_user(ncache, dom, "testuser1"); assert_int_equal(ret, EEXIST); - ret = sss_ncache_check_group(ncache, 1, dom, "testgroup1"); + ret = sss_ncache_check_group(ncache, dom, "testgroup1"); assert_int_equal(ret, EEXIST); - ret = sss_ncache_check_user(ncache, 1, dom2, "testuser2"); + ret = sss_ncache_check_user(ncache, dom2, "testuser2"); assert_int_equal(ret, ENOENT); - ret = sss_ncache_check_group(ncache, 1, dom2, "testgroup2"); + ret = sss_ncache_check_group(ncache, dom2, "testgroup2"); assert_int_equal(ret, ENOENT); ret = sss_ncache_reset_repopulate_permanent(ts->rctx, ncache); assert_int_equal(ret, EOK); /* First domain should not be known, the second not */ - ret = sss_ncache_check_user(ncache, 1, dom, "testuser1"); + ret = sss_ncache_check_user(ncache, dom, "testuser1"); assert_int_equal(ret, EEXIST); - ret = sss_ncache_check_group(ncache, 1, dom, "testgroup1"); + ret = sss_ncache_check_group(ncache, dom, "testgroup1"); assert_int_equal(ret, EEXIST); - ret = sss_ncache_check_user(ncache, 1, dom2, "testuser2"); + ret = sss_ncache_check_user(ncache, dom2, "testuser2"); assert_int_equal(ret, EEXIST); - ret = sss_ncache_check_group(ncache, 1, dom2, "testgroup2"); + ret = sss_ncache_check_group(ncache, dom2, "testgroup2"); assert_int_equal(ret, EEXIST); } int main(void) |