summaryrefslogtreecommitdiffstats
path: root/src/responder
diff options
context:
space:
mode:
authorPetr Cech <pcech@redhat.com>2016-04-22 08:05:06 -0400
committerJakub Hrozek <jhrozek@redhat.com>2016-05-11 12:50:25 +0200
commitbeb07d2f45856d4f3135f173cce551a2aa878f57 (patch)
tree7466016de523f9a6ea90f16a05eb59583d649d97 /src/responder
parentf77ba726e3f8bd1e3cabdee66f38c4ed7a771913 (diff)
downloadsssd-beb07d2f45856d4f3135f173cce551a2aa878f57.tar.gz
sssd-beb07d2f45856d4f3135f173cce551a2aa878f57.tar.xz
sssd-beb07d2f45856d4f3135f173cce551a2aa878f57.zip
RESPONDER: Removing neg_timeout from pam responder
It removes neg_timeout parameter from struct pam_ctx. Timeout is handled by context of negative cache internally. This patch additioanlly removes neg_timeout from struct cache_req_state. Resolves: https://fedorahosted.org/sssd/ticket/2317 Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Diffstat (limited to 'src/responder')
-rw-r--r--src/responder/common/responder_cache_req.c41
-rw-r--r--src/responder/common/responder_cache_req.h20
-rw-r--r--src/responder/ifp/ifp_groups.c12
-rw-r--r--src/responder/ifp/ifp_users.c12
-rw-r--r--src/responder/ifp/ifpsrv_cmd.c3
-rw-r--r--src/responder/pac/pacsrv_cmd.c1
-rw-r--r--src/responder/pam/pamsrv.c6
-rw-r--r--src/responder/pam/pamsrv.h1
-rw-r--r--src/responder/pam/pamsrv_cmd.c3
-rw-r--r--src/responder/sudo/sudosrv_get_sudorules.c4
10 files changed, 28 insertions, 75 deletions
diff --git a/src/responder/common/responder_cache_req.c b/src/responder/common/responder_cache_req.c
index a9af150f2..1ad141281 100644
--- a/src/responder/common/responder_cache_req.c
+++ b/src/responder/common/responder_cache_req.c
@@ -912,7 +912,6 @@ static struct tevent_req *cache_req_cache_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct resp_ctx *rctx,
struct sss_nc_ctx *ncache,
- int neg_timeout,
int cache_refresh_percent,
struct cache_req *cr)
{
@@ -929,7 +928,6 @@ static struct tevent_req *cache_req_cache_send(TALLOC_CTX *mem_ctx,
state->ev = ev;
state->rctx = rctx;
state->ncache = ncache;
- state->neg_timeout = neg_timeout;
state->cache_refresh_percent = cache_refresh_percent;
state->cr = cr;
@@ -1126,7 +1124,6 @@ struct cache_req_state {
struct tevent_context *ev;
struct resp_ctx *rctx;
struct sss_nc_ctx *ncache;
- int neg_timeout;
int cache_refresh_percent;
struct cache_req *cr;
@@ -1150,7 +1147,6 @@ struct tevent_req *cache_req_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct resp_ctx *rctx,
struct sss_nc_ctx *ncache,
- int neg_timeout,
int cache_refresh_percent,
const char *domain,
struct cache_req_data *data)
@@ -1170,7 +1166,6 @@ struct tevent_req *cache_req_send(TALLOC_CTX *mem_ctx,
state->ev = ev;
state->rctx = rctx;
state->ncache = ncache;
- state->neg_timeout = neg_timeout;
state->cache_refresh_percent = cache_refresh_percent;
state->cr = cr = cache_req_create(state, rctx, data);
if (state->cr == NULL) {
@@ -1320,7 +1315,7 @@ static errno_t cache_req_next_domain(struct tevent_req *req)
}
subreq = cache_req_cache_send(state, state->ev, state->rctx,
- state->ncache, state->neg_timeout,
+ state->ncache,
state->cache_refresh_percent,
state->cr);
if (subreq == NULL) {
@@ -1432,14 +1427,13 @@ cache_req_steal_data_and_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct resp_ctx *rctx,
struct sss_nc_ctx *ncache,
- int neg_timeout,
int cache_refresh_percent,
const char *domain,
struct cache_req_data *data)
{
struct tevent_req *req;
- req = cache_req_send(mem_ctx, ev, rctx, ncache, neg_timeout,
+ req = cache_req_send(mem_ctx, ev, rctx, ncache,
cache_refresh_percent, domain, data);
if (req == NULL) {
talloc_zfree(data);
@@ -1456,7 +1450,6 @@ cache_req_user_by_name_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct resp_ctx *rctx,
struct sss_nc_ctx *ncache,
- int neg_timeout,
int cache_refresh_percent,
const char *domain,
const char *name)
@@ -1469,8 +1462,7 @@ cache_req_user_by_name_send(TALLOC_CTX *mem_ctx,
}
return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache,
- neg_timeout, cache_refresh_percent,
- domain, data);
+ cache_refresh_percent, domain, data);
}
struct tevent_req *
@@ -1478,7 +1470,6 @@ cache_req_user_by_id_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct resp_ctx *rctx,
struct sss_nc_ctx *ncache,
- int neg_timeout,
int cache_refresh_percent,
const char *domain,
uid_t uid)
@@ -1491,8 +1482,7 @@ cache_req_user_by_id_send(TALLOC_CTX *mem_ctx,
}
return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache,
- neg_timeout, cache_refresh_percent,
- domain, data);
+ cache_refresh_percent, domain, data);
}
struct tevent_req *
@@ -1500,7 +1490,6 @@ cache_req_user_by_cert_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct resp_ctx *rctx,
struct sss_nc_ctx *ncache,
- int neg_timeout,
int cache_refresh_percent,
const char *domain,
const char *pem_cert)
@@ -1513,7 +1502,7 @@ cache_req_user_by_cert_send(TALLOC_CTX *mem_ctx,
}
return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache,
- neg_timeout, cache_refresh_percent,
+ cache_refresh_percent,
domain, data);
}
@@ -1522,7 +1511,6 @@ cache_req_group_by_name_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct resp_ctx *rctx,
struct sss_nc_ctx *ncache,
- int neg_timeout,
int cache_refresh_percent,
const char *domain,
const char *name)
@@ -1535,8 +1523,7 @@ cache_req_group_by_name_send(TALLOC_CTX *mem_ctx,
}
return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache,
- neg_timeout, cache_refresh_percent,
- domain, data);
+ cache_refresh_percent, domain, data);
}
struct tevent_req *
@@ -1544,7 +1531,6 @@ cache_req_group_by_id_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct resp_ctx *rctx,
struct sss_nc_ctx *ncache,
- int neg_timeout,
int cache_refresh_percent,
const char *domain,
gid_t gid)
@@ -1557,8 +1543,7 @@ cache_req_group_by_id_send(TALLOC_CTX *mem_ctx,
}
return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache,
- neg_timeout, cache_refresh_percent,
- domain, data);
+ cache_refresh_percent, domain, data);
}
struct tevent_req *
@@ -1566,7 +1551,6 @@ cache_req_initgr_by_name_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct resp_ctx *rctx,
struct sss_nc_ctx *ncache,
- int neg_timeout,
int cache_refresh_percent,
const char *domain,
const char *name)
@@ -1579,8 +1563,7 @@ cache_req_initgr_by_name_send(TALLOC_CTX *mem_ctx,
}
return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache,
- neg_timeout, cache_refresh_percent,
- domain, data);
+ cache_refresh_percent, domain, data);
}
struct tevent_req *
@@ -1598,7 +1581,7 @@ cache_req_user_by_filter_send(TALLOC_CTX *mem_ctx,
}
return cache_req_steal_data_and_send(mem_ctx, ev, rctx, NULL,
- 0, 0, domain, data);
+ 0, domain, data);
}
struct tevent_req *
@@ -1616,7 +1599,7 @@ cache_req_group_by_filter_send(TALLOC_CTX *mem_ctx,
}
return cache_req_steal_data_and_send(mem_ctx, ev, rctx, NULL,
- 0, 0, domain, data);
+ 0, domain, data);
}
struct tevent_req *
@@ -1624,7 +1607,6 @@ cache_req_object_by_sid_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct resp_ctx *rctx,
struct sss_nc_ctx *ncache,
- int neg_timeout,
int cache_refresh_percent,
const char *domain,
const char *sid,
@@ -1638,6 +1620,5 @@ cache_req_object_by_sid_send(TALLOC_CTX *mem_ctx,
}
return cache_req_steal_data_and_send(mem_ctx, ev, rctx, ncache,
- neg_timeout, cache_refresh_percent,
- domain, data);
+ cache_refresh_percent, domain, data);
}
diff --git a/src/responder/common/responder_cache_req.h b/src/responder/common/responder_cache_req.h
index fbbc1e530..69fbaf416 100644
--- a/src/responder/common/responder_cache_req.h
+++ b/src/responder/common/responder_cache_req.h
@@ -68,7 +68,6 @@ struct tevent_req *cache_req_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct resp_ctx *rctx,
struct sss_nc_ctx *ncache,
- int neg_timeout,
int cache_refresh_percent,
const char *domain,
struct cache_req_data *data);
@@ -84,7 +83,6 @@ cache_req_user_by_name_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct resp_ctx *rctx,
struct sss_nc_ctx *ncache,
- int neg_timeout,
int cache_refresh_percent,
const char *domain,
const char *name);
@@ -97,7 +95,6 @@ cache_req_user_by_id_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct resp_ctx *rctx,
struct sss_nc_ctx *ncache,
- int neg_timeout,
int cache_refresh_percent,
const char *domain,
uid_t uid);
@@ -107,13 +104,12 @@ cache_req_user_by_id_send(TALLOC_CTX *mem_ctx,
struct tevent_req *
cache_req_user_by_cert_send(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct resp_ctx *rctx,
- struct sss_nc_ctx *ncache,
- int neg_timeout,
- int cache_refresh_percent,
- const char *domain,
- const char *pem_cert);
+ struct tevent_context *ev,
+ struct resp_ctx *rctx,
+ struct sss_nc_ctx *ncache,
+ int cache_refresh_percent,
+ const char *domain,
+ const char *pem_cert);
#define cache_req_user_by_cert_recv(mem_ctx, req, _result, _domain, _name) \
cache_req_recv(mem_ctx, req, _result, _domain, _name)
@@ -123,7 +119,6 @@ cache_req_group_by_name_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct resp_ctx *rctx,
struct sss_nc_ctx *ncache,
- int neg_timeout,
int cache_refresh_percent,
const char *domain,
const char *name);
@@ -136,7 +131,6 @@ cache_req_group_by_id_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct resp_ctx *rctx,
struct sss_nc_ctx *ncache,
- int neg_timeout,
int cache_refresh_percent,
const char *domain,
gid_t gid);
@@ -149,7 +143,6 @@ cache_req_initgr_by_name_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct resp_ctx *rctx,
struct sss_nc_ctx *ncache,
- int neg_timeout,
int cache_refresh_percent,
const char *domain,
const char *name);
@@ -182,7 +175,6 @@ cache_req_object_by_sid_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct resp_ctx *rctx,
struct sss_nc_ctx *ncache,
- int neg_timeout,
int cache_refresh_percent,
const char *domain,
const char *sid,
diff --git a/src/responder/ifp/ifp_groups.c b/src/responder/ifp/ifp_groups.c
index 08f34b7a3..411cebc12 100644
--- a/src/responder/ifp/ifp_groups.c
+++ b/src/responder/ifp/ifp_groups.c
@@ -118,8 +118,7 @@ int ifp_groups_find_by_name(struct sbus_request *sbus_req,
}
req = cache_req_group_by_name_send(sbus_req, ctx->rctx->ev, ctx->rctx,
- ctx->ncache, ctx->neg_timeout, 0,
- NULL, name);
+ ctx->ncache, 0, NULL, name);
if (req == NULL) {
return ENOMEM;
}
@@ -189,8 +188,7 @@ int ifp_groups_find_by_id(struct sbus_request *sbus_req,
}
req = cache_req_group_by_id_send(sbus_req, ctx->rctx->ev, ctx->rctx,
- ctx->ncache, ctx->neg_timeout, 0,
- NULL, id);
+ ctx->ncache, 0, NULL, id);
if (req == NULL) {
return ENOMEM;
}
@@ -528,8 +526,7 @@ static struct tevent_req *resolv_ghosts_send(TALLOC_CTX *mem_ctx,
}
subreq = cache_req_group_by_name_send(state, ev, ctx->rctx,
- ctx->ncache, ctx->neg_timeout, 0,
- domain->name, name);
+ ctx->ncache, 0, domain->name, name);
if (subreq == NULL) {
ret = ENOMEM;
goto immediately;
@@ -607,8 +604,7 @@ errno_t resolv_ghosts_step(struct tevent_req *req)
}
subreq = cache_req_user_by_name_send(state, state->ev, state->ctx->rctx,
- state->ctx->ncache, state->ctx->neg_timeout,
- 0, state->domain->name,
+ state->ctx->ncache, 0, state->domain->name,
state->ghosts[state->index]);
if (subreq == NULL) {
return ENOMEM;
diff --git a/src/responder/ifp/ifp_users.c b/src/responder/ifp/ifp_users.c
index e542e811c..f362ea289 100644
--- a/src/responder/ifp/ifp_users.c
+++ b/src/responder/ifp/ifp_users.c
@@ -99,8 +99,7 @@ int ifp_users_find_by_name(struct sbus_request *sbus_req,
}
req = cache_req_user_by_name_send(sbus_req, ctx->rctx->ev, ctx->rctx,
- ctx->ncache, ctx->neg_timeout, 0,
- NULL, name);
+ ctx->ncache, 0, NULL, name);
if (req == NULL) {
return ENOMEM;
}
@@ -170,8 +169,7 @@ int ifp_users_find_by_id(struct sbus_request *sbus_req,
}
req = cache_req_user_by_id_send(sbus_req, ctx->rctx->ev, ctx->rctx,
- ctx->ncache, ctx->neg_timeout, 0,
- NULL, id);
+ ctx->ncache, 0, NULL, id);
if (req == NULL) {
return ENOMEM;
}
@@ -257,8 +255,7 @@ int ifp_users_find_by_cert(struct sbus_request *sbus_req, void *data,
}
req = cache_req_user_by_cert_send(sbus_req, ctx->rctx->ev, ctx->rctx,
- ctx->ncache, ctx->neg_timeout, 0,
- NULL, derb64);
+ ctx->ncache, 0, NULL, derb64);
if (req == NULL) {
return ENOMEM;
}
@@ -654,8 +651,7 @@ int ifp_users_user_update_groups_list(struct sbus_request *sbus_req,
}
req = cache_req_initgr_by_name_send(sbus_req, ctx->rctx->ev, ctx->rctx,
- ctx->ncache, ctx->neg_timeout, 0,
- domain->name, username);
+ ctx->ncache, 0, domain->name, username);
if (req == NULL) {
return ENOMEM;
}
diff --git a/src/responder/ifp/ifpsrv_cmd.c b/src/responder/ifp/ifpsrv_cmd.c
index 2c0ceb817..d1855eb87 100644
--- a/src/responder/ifp/ifpsrv_cmd.c
+++ b/src/responder/ifp/ifpsrv_cmd.c
@@ -514,8 +514,7 @@ ifp_user_get_attr_lookup(struct tevent_req *subreq)
}
subreq = cache_req_send(state, state->rctx->ev, state->rctx,
- state->ncache, state->neg_timeout, 0,
- state->domname, data);
+ state->ncache, 0, state->domname, data);
if (subreq == NULL) {
tevent_req_error(req, ENOMEM);
return;
diff --git a/src/responder/pac/pacsrv_cmd.c b/src/responder/pac/pacsrv_cmd.c
index bebd6ba19..8f5404150 100644
--- a/src/responder/pac/pacsrv_cmd.c
+++ b/src/responder/pac/pacsrv_cmd.c
@@ -198,7 +198,6 @@ static errno_t pac_resolve_user_sid_next(struct pac_req_ctx *pr_ctx)
req = cache_req_object_by_sid_send(pr_ctx, pr_ctx->cctx->ev,
pr_ctx->cctx->rctx,
pr_ctx->pac_ctx->ncache,
- pr_ctx->pac_ctx->neg_timeout,
0, pr_ctx->dom->name,
pr_ctx->user_sid_str,
pw_attrs);
diff --git a/src/responder/pam/pamsrv.c b/src/responder/pam/pamsrv.c
index 4c41517f9..78521e895 100644
--- a/src/responder/pam/pamsrv.c
+++ b/src/responder/pam/pamsrv.c
@@ -251,12 +251,6 @@ static int pam_process_init(TALLOC_CTX *mem_ctx,
pam_dp_reconnect_init, iter);
}
- /* Set up the negative cache */
- ret = confdb_get_int(cdb, CONFDB_NSS_CONF_ENTRY,
- CONFDB_NSS_ENTRY_NEG_TIMEOUT, 15,
- &pctx->neg_timeout);
- if (ret != EOK) goto done;
-
/* Set up the PAM identity timeout */
ret = confdb_get_int(cdb, CONFDB_PAM_CONF_ENTRY,
CONFDB_PAM_ID_TIMEOUT, 5,
diff --git a/src/responder/pam/pamsrv.h b/src/responder/pam/pamsrv.h
index b44e1c337..a4d2ae69e 100644
--- a/src/responder/pam/pamsrv.h
+++ b/src/responder/pam/pamsrv.h
@@ -34,7 +34,6 @@ typedef void (pam_dp_callback_t)(struct pam_auth_req *preq);
struct pam_ctx {
struct resp_ctx *rctx;
struct sss_nc_ctx *ncache;
- int neg_timeout;
time_t id_timeout;
hash_table_t *id_table;
size_t trusted_uids_count;
diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c
index fb0cbbbea..6fd934509 100644
--- a/src/responder/pam/pamsrv_cmd.c
+++ b/src/responder/pam/pamsrv_cmd.c
@@ -1247,8 +1247,7 @@ static void pam_forwarder_cert_cb(struct tevent_req *req)
req = cache_req_user_by_cert_send(preq, cctx->ev, cctx->rctx,
- pctx->ncache, pctx->neg_timeout,
- 0, NULL, cert);
+ pctx->ncache, 0, NULL, cert);
if (req == NULL) {
DEBUG(SSSDBG_OP_FAILURE, "cache_req_user_by_cert_send failed.\n");
ret = ENOMEM;
diff --git a/src/responder/sudo/sudosrv_get_sudorules.c b/src/responder/sudo/sudosrv_get_sudorules.c
index 61f042670..b981a3252 100644
--- a/src/responder/sudo/sudosrv_get_sudorules.c
+++ b/src/responder/sudo/sudosrv_get_sudorules.c
@@ -457,9 +457,7 @@ struct tevent_req *sudosrv_get_rules_send(TALLOC_CTX *mem_ctx,
DEBUG(SSSDBG_TRACE_FUNC, "Running initgroups for [%s]\n", username);
subreq = cache_req_initgr_by_name_send(state, ev, sudo_ctx->rctx,
- sudo_ctx->ncache,
- sudo_ctx->neg_timeout,
- 0, NULL, username);
+ sudo_ctx->ncache, 0, NULL, username);
if (subreq == NULL) {
ret = ENOMEM;
goto immediately;
generated by cgit (git 2.34.1) at 2024-05-28 14:07:12 +0000