diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2016-06-19 19:54:50 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2016-07-07 10:25:57 +0200 |
commit | 27bf39ed3e197497cf4aca58038d788ea5b5ddbc (patch) | |
tree | 004c1ff348b90ff519f60047bdd4a72cbcda16ba /src/responder/common/negcache.c | |
parent | e43929e2cebc3140b550fb6305ba42b8465efc59 (diff) | |
download | sssd-27bf39ed3e197497cf4aca58038d788ea5b5ddbc.tar.gz sssd-27bf39ed3e197497cf4aca58038d788ea5b5ddbc.tar.xz sssd-27bf39ed3e197497cf4aca58038d788ea5b5ddbc.zip |
NCACHE: Store FQDNs internaly, check for shortnames in files
When storing users and groups by their name in the negative cache, store
them fully qualfied so that the responder only has to track the name in
the internal format once the input is converted.
Reviewed-by: Sumit Bose <sbose@redhat.com>
Diffstat (limited to 'src/responder/common/negcache.c')
-rw-r--r-- | src/responder/common/negcache.c | 53 |
1 files changed, 47 insertions, 6 deletions
diff --git a/src/responder/common/negcache.c b/src/responder/common/negcache.c index 025455238..dfeb0d483 100644 --- a/src/responder/common/negcache.c +++ b/src/responder/common/negcache.c @@ -679,6 +679,11 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, char *conf_path = NULL; TALLOC_CTX *tmpctx = talloc_new(NULL); int i; + char *fqname = NULL; + + if (tmpctx == NULL) { + return ENOMEM; + } /* Populate domain-specific negative cache entries */ for (dom = domain_list; dom; dom = get_next_domain(dom, 0)) { @@ -721,7 +726,13 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, continue; } - ret = sss_ncache_set_user(ncache, true, dom, name); + fqname = sss_create_internal_fqname(tmpctx, name, dom->name); + if (fqname == NULL) { + continue; + } + + ret = sss_ncache_set_user(ncache, true, dom, fqname); + talloc_zfree(fqname); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, "Failed to store permanent user filter for [%s]" @@ -773,7 +784,13 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, continue; } - ret = sss_ncache_set_user(ncache, true, dom, name); + fqname = sss_create_internal_fqname(tmpctx, name, dom->name); + if (fqname == NULL) { + continue; + } + + ret = sss_ncache_set_user(ncache, true, dom, fqname); + talloc_zfree(fqname); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, "Failed to store permanent user filter for [%s]" @@ -783,7 +800,13 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, } } else { for (dom = domain_list; dom; dom = get_next_domain(dom, 0)) { - ret = sss_ncache_set_user(ncache, true, dom, name); + fqname = sss_create_internal_fqname(tmpctx, name, dom->name); + if (fqname == NULL) { + continue; + } + + ret = sss_ncache_set_user(ncache, true, dom, fqname); + talloc_zfree(fqname); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, "Failed to store permanent user filter for" @@ -829,7 +852,13 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, continue; } - ret = sss_ncache_set_group(ncache, true, dom, name); + fqname = sss_create_internal_fqname(tmpctx, name, dom->name); + if (fqname == NULL) { + continue; + } + + ret = sss_ncache_set_group(ncache, true, dom, fqname); + talloc_zfree(fqname); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, "Failed to store permanent group filter for [%s]" @@ -881,7 +910,13 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, continue; } - ret = sss_ncache_set_group(ncache, true, dom, name); + fqname = sss_create_internal_fqname(tmpctx, name, dom->name); + if (fqname == NULL) { + continue; + } + + ret = sss_ncache_set_group(ncache, true, dom, fqname); + talloc_zfree(fqname); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, "Failed to store permanent group filter for" @@ -891,7 +926,13 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, } } else { for (dom = domain_list; dom; dom = get_next_domain(dom, 0)) { - ret = sss_ncache_set_group(ncache, true, dom, name); + fqname = sss_create_internal_fqname(tmpctx, name, dom->name); + if (fqname == NULL) { + continue; + } + + ret = sss_ncache_set_group(ncache, true, dom, fqname); + talloc_zfree(fqname); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, "Failed to store permanent group filter for" |