NCACHE: Store FQDNs internaly, check for shortnames in files

When storing users and groups by their name in the negative cache, store them fully qualfied so that the responder only has to track the name in the internal format once the input is converted. Reviewed-by: Sumit Bose <sbose@redhat.com>
author: Jakub Hrozek <jhrozek@redhat.com> 2016-06-19 19:54:50 +0200
committer: Jakub Hrozek <jhrozek@redhat.com> 2016-07-07 10:25:57 +0200
commit: 27bf39ed3e197497cf4aca58038d788ea5b5ddbc (patch)
tree: 004c1ff348b90ff519f60047bdd4a72cbcda16ba /src/responder/common/negcache.c
parent: e43929e2cebc3140b550fb6305ba42b8465efc59 (diff)
download: sssd-27bf39ed3e197497cf4aca58038d788ea5b5ddbc.tar.gz
sssd-27bf39ed3e197497cf4aca58038d788ea5b5ddbc.tar.xz
sssd-27bf39ed3e197497cf4aca58038d788ea5b5ddbc.zip
1 files changed, 47 insertions, 6 deletions
diff --git a/src/responder/common/negcache.c b/src/responder/common/negcache.c
index 025455238..dfeb0d483 100644
--- a/src/responder/common/negcache.c
+++ b/src/responder/common/negcache.c
@@ -679,6 +679,11 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache,
     char *conf_path = NULL;
     TALLOC_CTX *tmpctx = talloc_new(NULL);
     int i;
+    char *fqname = NULL;
+
+    if (tmpctx == NULL) {
+        return ENOMEM;
+    }
 
     /* Populate domain-specific negative cache entries */
     for (dom = domain_list; dom; dom = get_next_domain(dom, 0)) {
@@ -721,7 +726,13 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache,
                 continue;
             }
 
-            ret = sss_ncache_set_user(ncache, true, dom, name);
+            fqname = sss_create_internal_fqname(tmpctx, name, dom->name);
+            if (fqname == NULL) {
+                continue;
+            }
+
+            ret = sss_ncache_set_user(ncache, true, dom, fqname);
+            talloc_zfree(fqname);
             if (ret != EOK) {
                 DEBUG(SSSDBG_CRIT_FAILURE,
                       "Failed to store permanent user filter for [%s]"
@@ -773,7 +784,13 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache,
                 continue;
             }
 
-            ret = sss_ncache_set_user(ncache, true, dom, name);
+            fqname = sss_create_internal_fqname(tmpctx, name, dom->name);
+            if (fqname == NULL) {
+                continue;
+            }
+
+            ret = sss_ncache_set_user(ncache, true, dom, fqname);
+            talloc_zfree(fqname);
             if (ret != EOK) {
                 DEBUG(SSSDBG_CRIT_FAILURE,
                       "Failed to store permanent user filter for [%s]"
@@ -783,7 +800,13 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache,
             }
         } else {
             for (dom = domain_list; dom; dom = get_next_domain(dom, 0)) {
-                ret = sss_ncache_set_user(ncache, true, dom, name);
+                fqname = sss_create_internal_fqname(tmpctx, name, dom->name);
+                if (fqname == NULL) {
+                    continue;
+                }
+
+                ret = sss_ncache_set_user(ncache, true, dom, fqname);
+                talloc_zfree(fqname);
                 if (ret != EOK) {
                    DEBUG(SSSDBG_CRIT_FAILURE,
                          "Failed to store permanent user filter for"
@@ -829,7 +852,13 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache,
                 continue;
             }
 
-            ret = sss_ncache_set_group(ncache, true, dom, name);
+            fqname = sss_create_internal_fqname(tmpctx, name, dom->name);
+            if (fqname == NULL) {
+                continue;
+            }
+
+            ret = sss_ncache_set_group(ncache, true, dom, fqname);
+            talloc_zfree(fqname);
             if (ret != EOK) {
                 DEBUG(SSSDBG_CRIT_FAILURE,
                       "Failed to store permanent group filter for [%s]"
@@ -881,7 +910,13 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache,
                 continue;
             }
 
-            ret = sss_ncache_set_group(ncache, true, dom, name);
+            fqname = sss_create_internal_fqname(tmpctx, name, dom->name);
+            if (fqname == NULL) {
+                continue;
+            }
+
+            ret = sss_ncache_set_group(ncache, true, dom, fqname);
+            talloc_zfree(fqname);
             if (ret != EOK) {
                 DEBUG(SSSDBG_CRIT_FAILURE,
                       "Failed to store permanent group filter for"
@@ -891,7 +926,13 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache,
             }
         } else {
             for (dom = domain_list; dom; dom = get_next_domain(dom, 0)) {
-                ret = sss_ncache_set_group(ncache, true, dom, name);
+                fqname = sss_create_internal_fqname(tmpctx, name, dom->name);
+                if (fqname == NULL) {
+                    continue;
+                }
+
+                ret = sss_ncache_set_group(ncache, true, dom, fqname);
+                talloc_zfree(fqname);
                 if (ret != EOK) {
                    DEBUG(SSSDBG_CRIT_FAILURE,
                          "Failed to store permanent group filter for"
author	Jakub Hrozek <jhrozek@redhat.com>	2016-06-19 19:54:50 +0200
committer	Jakub Hrozek <jhrozek@redhat.com>	2016-07-07 10:25:57 +0200
commit	27bf39ed3e197497cf4aca58038d788ea5b5ddbc (patch)
tree	004c1ff348b90ff519f60047bdd4a72cbcda16ba /src/responder/common/negcache.c
parent	e43929e2cebc3140b550fb6305ba42b8465efc59 (diff)
download	sssd-27bf39ed3e197497cf4aca58038d788ea5b5ddbc.tar.gz sssd-27bf39ed3e197497cf4aca58038d788ea5b5ddbc.tar.xz sssd-27bf39ed3e197497cf4aca58038d788ea5b5ddbc.zip