diff options
author | Petr Cech <pcech@redhat.com> | 2016-04-22 06:39:11 -0400 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2016-05-11 12:49:51 +0200 |
commit | 0393f0d44ac92035de29a8bc8b2005db6d90b640 (patch) | |
tree | 8d9865b75d63e2c9bec3d3a42a02bfc4bb40927e /src/responder | |
parent | 39d36216a1692eee6cc5359f6c7ccaa7789be76d (diff) | |
download | sssd-0393f0d44ac92035de29a8bc8b2005db6d90b640.tar.gz sssd-0393f0d44ac92035de29a8bc8b2005db6d90b640.tar.xz sssd-0393f0d44ac92035de29a8bc8b2005db6d90b640.zip |
NEGCACHE: Removing timeout from sss_ncache_check_*
It removes timeout parameter from check functions of negative cache.
Timeout is set ny init function and it is handled internally.
API change:
* int sss_ncache_check_...(struct sss_nc_ctx *ctx,
int ttl, <----- timeout vanished
struct sss_domain_info *dom,
...);
Resolves:
https://fedorahosted.org/sssd/ticket/2317
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Diffstat (limited to 'src/responder')
-rw-r--r-- | src/responder/common/negcache.c | 89 | ||||
-rw-r--r-- | src/responder/common/negcache.h | 30 | ||||
-rw-r--r-- | src/responder/common/responder_cache_req.c | 20 | ||||
-rw-r--r-- | src/responder/nss/nsssrv_cmd.c | 46 | ||||
-rw-r--r-- | src/responder/nss/nsssrv_services.c | 13 | ||||
-rw-r--r-- | src/responder/pam/pamsrv_cmd.c | 6 |
6 files changed, 86 insertions, 118 deletions
diff --git a/src/responder/common/negcache.c b/src/responder/common/negcache.c index 57d196902..d48402f8e 100644 --- a/src/responder/common/negcache.c +++ b/src/responder/common/negcache.c @@ -78,7 +78,7 @@ int sss_ncache_init(TALLOC_CTX *memctx, uint32_t timeout, return EOK; }; -static int sss_ncache_check_str(struct sss_nc_ctx *ctx, char *str, int ttl) +static int sss_ncache_check_str(struct sss_nc_ctx *ctx, char *str) { TDB_DATA key; TDB_DATA data; @@ -115,7 +115,7 @@ static int sss_ncache_check_str(struct sss_nc_ctx *ctx, char *str, int ttl) goto done; } - if (timestamp + ttl >= time(NULL)) { + if (timestamp >= time(NULL)) { /* still valid */ ret = EEXIST; goto done; @@ -140,6 +140,7 @@ static int sss_ncache_set_str(struct sss_nc_ctx *ctx, TDB_DATA key; TDB_DATA data; char *timest; + unsigned long long int timell; int ret; ret = string_to_tdb_data(str, &key); @@ -148,8 +149,8 @@ static int sss_ncache_set_str(struct sss_nc_ctx *ctx, if (permanent) { timest = talloc_strdup(ctx, "0"); } else { - timest = talloc_asprintf(ctx, "%llu", - (unsigned long long int)time(NULL)); + timell = (unsigned long long int)time(NULL) + ctx->timeout; + timest = talloc_asprintf(ctx, "%llu", timell); } if (!timest) return ENOMEM; @@ -171,8 +172,8 @@ done: return ret; } -static int sss_ncache_check_user_int(struct sss_nc_ctx *ctx, int ttl, - const char *domain, const char *name) +static int sss_ncache_check_user_int(struct sss_nc_ctx *ctx, const char *domain, + const char *name) { char *str; int ret; @@ -182,13 +183,13 @@ static int sss_ncache_check_user_int(struct sss_nc_ctx *ctx, int ttl, str = talloc_asprintf(ctx, "%s/%s/%s", NC_USER_PREFIX, domain, name); if (!str) return ENOMEM; - ret = sss_ncache_check_str(ctx, str, ttl); + ret = sss_ncache_check_str(ctx, str); talloc_free(str); return ret; } -static int sss_ncache_check_group_int(struct sss_nc_ctx *ctx, int ttl, +static int sss_ncache_check_group_int(struct sss_nc_ctx *ctx, const char *domain, const char *name) { char *str; @@ -199,13 +200,13 @@ static int sss_ncache_check_group_int(struct sss_nc_ctx *ctx, int ttl, str = talloc_asprintf(ctx, "%s/%s/%s", NC_GROUP_PREFIX, domain, name); if (!str) return ENOMEM; - ret = sss_ncache_check_str(ctx, str, ttl); + ret = sss_ncache_check_str(ctx, str); talloc_free(str); return ret; } -static int sss_ncache_check_netgr_int(struct sss_nc_ctx *ctx, int ttl, +static int sss_ncache_check_netgr_int(struct sss_nc_ctx *ctx, const char *domain, const char *name) { char *str; @@ -216,14 +217,13 @@ static int sss_ncache_check_netgr_int(struct sss_nc_ctx *ctx, int ttl, str = talloc_asprintf(ctx, "%s/%s/%s", NC_NETGROUP_PREFIX, domain, name); if (!str) return ENOMEM; - ret = sss_ncache_check_str(ctx, str, ttl); + ret = sss_ncache_check_str(ctx, str); talloc_free(str); return ret; } static int sss_ncache_check_service_int(struct sss_nc_ctx *ctx, - int ttl, const char *domain, const char *name) { @@ -238,16 +238,16 @@ static int sss_ncache_check_service_int(struct sss_nc_ctx *ctx, name); if (!str) return ENOMEM; - ret = sss_ncache_check_str(ctx, str, ttl); + ret = sss_ncache_check_str(ctx, str); talloc_free(str); return ret; } -typedef int (*ncache_check_byname_fn_t)(struct sss_nc_ctx *, int, - const char *, const char *); +typedef int (*ncache_check_byname_fn_t)(struct sss_nc_ctx *, const char *, + const char *); -static int sss_cache_check_ent(struct sss_nc_ctx *ctx, int ttl, +static int sss_cache_check_ent(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, const char *name, ncache_check_byname_fn_t checker) { @@ -257,34 +257,31 @@ static int sss_cache_check_ent(struct sss_nc_ctx *ctx, int ttl, if (dom->case_sensitive == false) { lower = sss_tc_utf8_str_tolower(ctx, name); if (!lower) return ENOMEM; - ret = checker(ctx, ttl, dom->name, lower); + ret = checker(ctx, dom->name, lower); talloc_free(lower); } else { - ret = checker(ctx, ttl, dom->name, name); + ret = checker(ctx, dom->name, name); } return ret; } -int sss_ncache_check_user(struct sss_nc_ctx *ctx, int ttl, - struct sss_domain_info *dom, const char *name) +int sss_ncache_check_user(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, + const char *name) { - return sss_cache_check_ent(ctx, ttl, dom, name, - sss_ncache_check_user_int); + return sss_cache_check_ent(ctx, dom, name, sss_ncache_check_user_int); } -int sss_ncache_check_group(struct sss_nc_ctx *ctx, int ttl, - struct sss_domain_info *dom, const char *name) +int sss_ncache_check_group(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, + const char *name) { - return sss_cache_check_ent(ctx, ttl, dom, name, - sss_ncache_check_group_int); + return sss_cache_check_ent(ctx, dom, name, sss_ncache_check_group_int); } -int sss_ncache_check_netgr(struct sss_nc_ctx *ctx, int ttl, - struct sss_domain_info *dom, const char *name) +int sss_ncache_check_netgr(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, + const char *name) { - return sss_cache_check_ent(ctx, ttl, dom, name, - sss_ncache_check_netgr_int); + return sss_cache_check_ent(ctx, dom, name, sss_ncache_check_netgr_int); } static int sss_ncache_set_service_int(struct sss_nc_ctx *ctx, bool permanent, @@ -321,10 +318,8 @@ int sss_ncache_set_service_name(struct sss_nc_ctx *ctx, bool permanent, return ret; } -int sss_ncache_check_service(struct sss_nc_ctx *ctx, int ttl, - struct sss_domain_info *dom, - const char *name, - const char *proto) +int sss_ncache_check_service(struct sss_nc_ctx *ctx,struct sss_domain_info *dom, + const char *name, const char *proto) { int ret; char *service_and_protocol = talloc_asprintf(ctx, "%s:%s", @@ -332,7 +327,7 @@ int sss_ncache_check_service(struct sss_nc_ctx *ctx, int ttl, proto ? proto : "<ANY>"); if (!service_and_protocol) return ENOMEM; - ret = sss_cache_check_ent(ctx, ttl, dom, service_and_protocol, + ret = sss_cache_check_ent(ctx, dom, service_and_protocol, sss_ncache_check_service_int); talloc_free(service_and_protocol); return ret; @@ -355,7 +350,7 @@ int sss_ncache_set_service_port(struct sss_nc_ctx *ctx, bool permanent, return ret; } -int sss_ncache_check_service_port(struct sss_nc_ctx *ctx, int ttl, +int sss_ncache_check_service_port(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, uint16_t port, const char *proto) @@ -366,7 +361,7 @@ int sss_ncache_check_service_port(struct sss_nc_ctx *ctx, int ttl, proto ? proto : "<ANY>"); if (!service_and_protocol) return ENOMEM; - ret = sss_cache_check_ent(ctx, ttl, dom, service_and_protocol, + ret = sss_cache_check_ent(ctx, dom, service_and_protocol, sss_ncache_check_service_int); talloc_free(service_and_protocol); return ret; @@ -374,8 +369,8 @@ int sss_ncache_check_service_port(struct sss_nc_ctx *ctx, int ttl, -int sss_ncache_check_uid(struct sss_nc_ctx *ctx, int ttl, - struct sss_domain_info *dom, uid_t uid) +int sss_ncache_check_uid(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, + uid_t uid) { char *str; int ret; @@ -388,14 +383,14 @@ int sss_ncache_check_uid(struct sss_nc_ctx *ctx, int ttl, } if (!str) return ENOMEM; - ret = sss_ncache_check_str(ctx, str, ttl); + ret = sss_ncache_check_str(ctx, str); talloc_free(str); return ret; } -int sss_ncache_check_gid(struct sss_nc_ctx *ctx, int ttl, - struct sss_domain_info *dom, gid_t gid) +int sss_ncache_check_gid(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, + gid_t gid) { char *str; int ret; @@ -408,13 +403,13 @@ int sss_ncache_check_gid(struct sss_nc_ctx *ctx, int ttl, } if (!str) return ENOMEM; - ret = sss_ncache_check_str(ctx, str, ttl); + ret = sss_ncache_check_str(ctx, str); talloc_free(str); return ret; } -int sss_ncache_check_sid(struct sss_nc_ctx *ctx, int ttl, const char *sid) +int sss_ncache_check_sid(struct sss_nc_ctx *ctx, const char *sid) { char *str; int ret; @@ -422,13 +417,13 @@ int sss_ncache_check_sid(struct sss_nc_ctx *ctx, int ttl, const char *sid) str = talloc_asprintf(ctx, "%s/%s", NC_SID_PREFIX, sid); if (!str) return ENOMEM; - ret = sss_ncache_check_str(ctx, str, ttl); + ret = sss_ncache_check_str(ctx, str); talloc_free(str); return ret; } -int sss_ncache_check_cert(struct sss_nc_ctx *ctx, int ttl, const char *cert) +int sss_ncache_check_cert(struct sss_nc_ctx *ctx, const char *cert) { char *str; int ret; @@ -436,7 +431,7 @@ int sss_ncache_check_cert(struct sss_nc_ctx *ctx, int ttl, const char *cert) str = talloc_asprintf(ctx, "%s/%s", NC_CERT_PREFIX, cert); if (!str) return ENOMEM; - ret = sss_ncache_check_str(ctx, str, ttl); + ret = sss_ncache_check_str(ctx, str); talloc_free(str); return ret; diff --git a/src/responder/common/negcache.h b/src/responder/common/negcache.h index bad8e5109..8c805b24b 100644 --- a/src/responder/common/negcache.h +++ b/src/responder/common/negcache.h @@ -29,24 +29,24 @@ int sss_ncache_init(TALLOC_CTX *memctx, uint32_t timeout, struct sss_nc_ctx **_ctx); /* check if the user is expired according to the passed in time to live */ -int sss_ncache_check_user(struct sss_nc_ctx *ctx, int ttl, - struct sss_domain_info *dom, const char *name); -int sss_ncache_check_group(struct sss_nc_ctx *ctx, int ttl, - struct sss_domain_info *dom, const char *name); -int sss_ncache_check_netgr(struct sss_nc_ctx *ctx, int ttl, - struct sss_domain_info *dom, const char *name); -int sss_ncache_check_uid(struct sss_nc_ctx *ctx, int ttl, - struct sss_domain_info *dom, uid_t uid); -int sss_ncache_check_gid(struct sss_nc_ctx *ctx, int ttl, - struct sss_domain_info *dom, gid_t gid); -int sss_ncache_check_sid(struct sss_nc_ctx *ctx, int ttl, const char *sid); -int sss_ncache_check_cert(struct sss_nc_ctx *ctx, int ttl, const char *cert); - -int sss_ncache_check_service(struct sss_nc_ctx *ctx, int ttl, +int sss_ncache_check_user(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, + const char *name); +int sss_ncache_check_group(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, + const char *name); +int sss_ncache_check_netgr(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, + const char *name); +int sss_ncache_check_uid(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, + uid_t uid); +int sss_ncache_check_gid(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, + gid_t gid); +int sss_ncache_check_sid(struct sss_nc_ctx *ctx, const char *sid); +int sss_ncache_check_cert(struct sss_nc_ctx *ctx, const char *cert); + +int sss_ncache_check_service(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, const char *name, const char *proto); -int sss_ncache_check_service_port(struct sss_nc_ctx *ctx, int ttl, +int sss_ncache_check_service_port(struct sss_nc_ctx *ctx, struct sss_domain_info *dom, uint16_t port, const char *proto); diff --git a/src/responder/common/responder_cache_req.c b/src/responder/common/responder_cache_req.c index dcb41d363..a9af150f2 100644 --- a/src/responder/common/responder_cache_req.c +++ b/src/responder/common/responder_cache_req.c @@ -529,8 +529,7 @@ cache_req_assume_upn(struct cache_req *cr) } static errno_t cache_req_check_ncache(struct cache_req *cr, - struct sss_nc_ctx *ncache, - int neg_timeout) + struct sss_nc_ctx *ncache) { errno_t ret = ERR_INTERNAL; @@ -542,28 +541,26 @@ static errno_t cache_req_check_ncache(struct cache_req *cr, case CACHE_REQ_USER_BY_UPN: case CACHE_REQ_INITGROUPS: case CACHE_REQ_INITGROUPS_BY_UPN: - ret = sss_ncache_check_user(ncache, neg_timeout, - cr->domain, cr->data->name.lookup); + ret = sss_ncache_check_user(ncache, cr->domain, cr->data->name.lookup); break; case CACHE_REQ_GROUP_BY_NAME: - ret = sss_ncache_check_group(ncache, neg_timeout, - cr->domain, cr->data->name.lookup); + ret = sss_ncache_check_group(ncache, cr->domain, cr->data->name.lookup); break; case CACHE_REQ_USER_BY_ID: - ret = sss_ncache_check_uid(ncache, neg_timeout, NULL, cr->data->id); + ret = sss_ncache_check_uid(ncache, NULL, cr->data->id); break; case CACHE_REQ_GROUP_BY_ID: - ret = sss_ncache_check_gid(ncache, neg_timeout, NULL, cr->data->id); + ret = sss_ncache_check_gid(ncache, NULL, cr->data->id); break; case CACHE_REQ_USER_BY_CERT: - ret = sss_ncache_check_cert(ncache, neg_timeout, cr->data->cert); + ret = sss_ncache_check_cert(ncache, cr->data->cert); break; case CACHE_REQ_USER_BY_FILTER: case CACHE_REQ_GROUP_BY_FILTER: ret = EOK; break; case CACHE_REQ_OBJECT_BY_SID: - ret = sss_ncache_check_sid(ncache, neg_timeout, cr->data->sid); + ret = sss_ncache_check_sid(ncache, cr->data->sid); break; } @@ -937,8 +934,7 @@ static struct tevent_req *cache_req_cache_send(TALLOC_CTX *mem_ctx, state->cr = cr; /* Check negative cache first. */ - ret = cache_req_check_ncache(state->cr, state->ncache, - state->neg_timeout); + ret = cache_req_check_ncache(state->cr, state->ncache); if (ret == EEXIST) { ret = ENOENT; goto immediately; diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c index e8c4d0e1c..30daf4bc5 100644 --- a/src/responder/nss/nsssrv_cmd.c +++ b/src/responder/nss/nsssrv_cmd.c @@ -408,9 +408,7 @@ static int fill_pwent(struct sss_packet *packet, } if (filter_users) { - ncret = sss_ncache_check_user(nctx->ncache, - nctx->neg_timeout, - dom, orig_name); + ncret = sss_ncache_check_user(nctx->ncache, dom, orig_name); if (ncret == EEXIST) { DEBUG(SSSDBG_TRACE_FUNC, "User [%s@%s] filtered out! (negative cache)\n", @@ -1009,8 +1007,7 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx) /* verify this user has not yet been negatively cached, * or has been permanently filtered */ - ret = sss_ncache_check_user(nctx->ncache, nctx->neg_timeout, - dom, name); + ret = sss_ncache_check_user(nctx->ncache, dom, name); /* if neg cached, return we didn't find it */ if (ret == EEXIST) { @@ -1950,8 +1947,7 @@ static int nss_cmd_getbyid(enum sss_cli_command cmd, struct cli_ctx *cctx) switch(dctx->cmdctx->cmd) { case SSS_NSS_GETPWUID: - ret = sss_ncache_check_uid(nctx->ncache, nctx->neg_timeout, NULL, - cmdctx->id); + ret = sss_ncache_check_uid(nctx->ncache, NULL, cmdctx->id); if (ret == EEXIST) { DEBUG(SSSDBG_TRACE_FUNC, "Uid [%"PRIu32"] does not exist! (negative cache)\n", @@ -1961,8 +1957,7 @@ static int nss_cmd_getbyid(enum sss_cli_command cmd, struct cli_ctx *cctx) } break; case SSS_NSS_GETGRGID: - ret = sss_ncache_check_gid(nctx->ncache, nctx->neg_timeout, NULL, - cmdctx->id); + ret = sss_ncache_check_gid(nctx->ncache, NULL, cmdctx->id); if (ret == EEXIST) { DEBUG(SSSDBG_TRACE_FUNC, "Gid [%"PRIu32"] does not exist! (negative cache)\n", @@ -1972,11 +1967,9 @@ static int nss_cmd_getbyid(enum sss_cli_command cmd, struct cli_ctx *cctx) } break; case SSS_NSS_GETSIDBYID: - ret = sss_ncache_check_uid(nctx->ncache, nctx->neg_timeout, NULL, - cmdctx->id); + ret = sss_ncache_check_uid(nctx->ncache, NULL, cmdctx->id); if (ret != EEXIST) { - ret = sss_ncache_check_gid(nctx->ncache, nctx->neg_timeout, - NULL, cmdctx->id); + ret = sss_ncache_check_gid(nctx->ncache, NULL, cmdctx->id); } if (ret == EEXIST) { DEBUG(SSSDBG_TRACE_FUNC, @@ -2830,9 +2823,7 @@ static int fill_members(struct sss_packet *packet, } if (nctx->filter_users_in_groups) { - ret = sss_ncache_check_user(nctx->ncache, - nctx->neg_timeout, - dom, tmpstr); + ret = sss_ncache_check_user(nctx->ncache, dom, tmpstr); if (ret == EEXIST) { DEBUG(SSSDBG_TRACE_FUNC, "Group [%s] member [%s@%s] filtered out!" @@ -2988,8 +2979,7 @@ static int fill_grent(struct sss_packet *packet, } if (filter_groups) { - ret = sss_ncache_check_group(nctx->ncache, - nctx->neg_timeout, dom, orig_name); + ret = sss_ncache_check_group(nctx->ncache, dom, orig_name); if (ret == EEXIST) { DEBUG(SSSDBG_TRACE_FUNC, "Group [%s@%s] filtered out! (negative cache)\n", @@ -3226,8 +3216,7 @@ static int nss_cmd_getgrnam_search(struct nss_dom_ctx *dctx) /* verify this group has not yet been negatively cached, * or has been permanently filtered */ - ret = sss_ncache_check_group(nctx->ncache, nctx->neg_timeout, - dom, name); + ret = sss_ncache_check_group(nctx->ncache, dom, name); /* if neg cached, return we didn't find it */ if (ret == EEXIST) { @@ -4344,8 +4333,7 @@ static int nss_cmd_initgroups_search(struct nss_dom_ctx *dctx) /* verify this user has not yet been negatively cached, * or has been permanently filtered */ - ret = sss_ncache_check_user(nctx->ncache, nctx->neg_timeout, - dom, name); + ret = sss_ncache_check_user(nctx->ncache, dom, name); /* if neg cached, return we didn't find it */ if (ret == EEXIST) { @@ -4554,11 +4542,9 @@ static errno_t nss_cmd_getsidby_search(struct nss_dom_ctx *dctx) DEBUG(SSSDBG_TRACE_FUNC, "Requesting info for [%"PRIu32"@%s]\n", cmdctx->id, dom->name); - ret = sss_ncache_check_uid(nctx->ncache, nctx->neg_timeout, dom, - cmdctx->id); + ret = sss_ncache_check_uid(nctx->ncache, dom, cmdctx->id); if (ret == EEXIST) { - ret = sss_ncache_check_gid(nctx->ncache, nctx->neg_timeout, dom, - cmdctx->id); + ret = sss_ncache_check_gid(nctx->ncache, dom, cmdctx->id); if (ret == EEXIST) { DEBUG(SSSDBG_TRACE_FUNC, "ID [%"PRIu32"] does not exist in [%s]! (negative cache)\n", @@ -4609,12 +4595,10 @@ static errno_t nss_cmd_getsidby_search(struct nss_dom_ctx *dctx) /* verify this name has not yet been negatively cached, as user * and groupm, or has been permanently filtered */ - ret = sss_ncache_check_user(nctx->ncache, nctx->neg_timeout, - dom, name); + ret = sss_ncache_check_user(nctx->ncache, dom, name); if (ret == EEXIST) { - ret = sss_ncache_check_group(nctx->ncache, nctx->neg_timeout, - dom, name); + ret = sss_ncache_check_group(nctx->ncache, dom, name); if (ret == EEXIST) { /* if neg cached, return we didn't find it */ DEBUG(SSSDBG_TRACE_FUNC, @@ -4854,7 +4838,7 @@ static errno_t nss_cmd_getbysid_search(struct nss_dom_ctx *dctx) /* verify this user has not yet been negatively cached, * or has been permanently filtered */ - ret = sss_ncache_check_sid(nctx->ncache, nctx->neg_timeout, cmdctx->secid); + ret = sss_ncache_check_sid(nctx->ncache, cmdctx->secid); if (ret == EEXIST) { DEBUG(SSSDBG_TRACE_FUNC, "SID [%s] does not exist! (negative cache)\n", cmdctx->secid); diff --git a/src/responder/nss/nsssrv_services.c b/src/responder/nss/nsssrv_services.c index a9fdeb6c9..213d2926b 100644 --- a/src/responder/nss/nsssrv_services.c +++ b/src/responder/nss/nsssrv_services.c @@ -174,11 +174,8 @@ getserv_send(TALLOC_CTX *mem_ctx, /* If we're looking up by name */ if (service_name) { /* Check the negative cache */ - ret = sss_ncache_check_service(nctx->ncache, - nctx->neg_timeout, - dom, - SVC_NAME_CASED, - SVC_PROTO_CASED); + ret = sss_ncache_check_service(nctx->ncache, dom, + SVC_NAME_CASED, SVC_PROTO_CASED); /* If negatively cached, return we didn't find it */ if (ret == EEXIST) { DEBUG(SSSDBG_TRACE_FUNC, @@ -216,10 +213,8 @@ getserv_send(TALLOC_CTX *mem_ctx, &state->res); } else { /* Looking up by port */ /* Check the negative cache */ - ret = sss_ncache_check_service_port(nctx->ncache, - nctx->neg_timeout, - dom, port, - SVC_PROTO_CASED); + ret = sss_ncache_check_service_port(nctx->ncache, dom, port, + SVC_PROTO_CASED); /* If negatively cached, return we didn't find it */ if (ret == EEXIST) { DEBUG(SSSDBG_TRACE_FUNC, diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c index d86807e79..fb0cbbbea 100644 --- a/src/responder/pam/pamsrv_cmd.c +++ b/src/responder/pam/pamsrv_cmd.c @@ -1142,8 +1142,7 @@ static int pam_forwarder(struct cli_ctx *cctx, int pam_cmd) goto done; } - ncret = sss_ncache_check_user(pctx->ncache, pctx->neg_timeout, - preq->domain, pd->user); + ncret = sss_ncache_check_user(pctx->ncache, preq->domain, pd->user); if (ncret == EEXIST) { /* User found in the negative cache */ ret = ENOENT; @@ -1155,8 +1154,7 @@ static int pam_forwarder(struct cli_ctx *cctx, int pam_cmd) dom = get_next_domain(dom, 0)) { if (dom->fqnames) continue; - ncret = sss_ncache_check_user(pctx->ncache, pctx->neg_timeout, - dom, pd->user); + ncret = sss_ncache_check_user(pctx->ncache, dom, pd->user); if (ncret == ENOENT) { /* User not found in the negative cache * Proceed with PAM actions |