[SCM] Samba Shared Repository - branch v3-3-test updated -
release-3-2-0pre2-3089-g01c8c7b
Volker Lendecke
vlendec at samba.org
Sat Jul 5 10:22:43 GMT 2008
The branch, v3-3-test has been updated
via 01c8c7bbf6163d5c7733db0d8ecbccfe7e4fec7d (commit)
via 81f334bd6da601a040f754c46705cfa2fd4f8c45 (commit)
via 0bf0434f22b0ea46fda3ccc4dd612adbc88dd4f2 (commit)
from 72b96b75a4a1b523540a24fb758b1965ad66009b (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test
- Log -----------------------------------------------------------------
commit 01c8c7bbf6163d5c7733db0d8ecbccfe7e4fec7d
Author: Volker Lendecke <vl at samba.org>
Date: Thu Jul 3 23:34:28 2008 +0200
Tiny logic simplification -- remove an else branch
commit 81f334bd6da601a040f754c46705cfa2fd4f8c45
Author: Volker Lendecke <vl at samba.org>
Date: Thu Jul 3 23:29:49 2008 +0200
Make use of ADD_TO_ARRAY
commit 0bf0434f22b0ea46fda3ccc4dd612adbc88dd4f2
Author: Volker Lendecke <vl at samba.org>
Date: Thu Jul 3 23:12:22 2008 +0200
Convert idmap_cache to gencache
-----------------------------------------------------------------------
Summary of changes:
source/include/proto.h | 17 +-
source/winbindd/idmap.c | 144 +++++--------
source/winbindd/idmap_cache.c | 463 ++++++++------------------------------
source/winbindd/idmap_util.c | 34 +--
source/winbindd/winbindd.h | 1 +
source/winbindd/winbindd_idmap.c | 46 ++--
6 files changed, 188 insertions(+), 517 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/include/proto.h b/source/include/proto.h
index 85efe24..2a954f4 100644
--- a/source/include/proto.h
+++ b/source/include/proto.h
@@ -10485,20 +10485,21 @@ NTSTATUS idmap_allocate_uid(struct unixid *id);
NTSTATUS idmap_allocate_gid(struct unixid *id);
NTSTATUS idmap_set_uid_hwm(struct unixid *id);
NTSTATUS idmap_set_gid_hwm(struct unixid *id);
-NTSTATUS idmap_unixids_to_sids(struct id_map **ids);
-NTSTATUS idmap_sids_to_unixids(struct id_map **ids);
+NTSTATUS idmap_unixids_to_sids(struct id_map **ids, int n_ids);
+NTSTATUS idmap_sids_to_unixids(struct id_map **ids, int n_ids);
NTSTATUS idmap_set_mapping(const struct id_map *id);
char *idmap_fetch_secret(const char *backend, bool alloc,
const char *domain, const char *identity);
/* The following definitions come from winbindd/idmap_cache.c */
-struct idmap_cache_ctx *idmap_cache_init(TALLOC_CTX *memctx);
-NTSTATUS idmap_cache_set(struct idmap_cache_ctx *cache, const struct id_map *id);
-NTSTATUS idmap_cache_set_negative_sid(struct idmap_cache_ctx *cache, const struct id_map *id);
-NTSTATUS idmap_cache_set_negative_id(struct idmap_cache_ctx *cache, const struct id_map *id);
-NTSTATUS idmap_cache_map_sid(struct idmap_cache_ctx *cache, struct id_map *id);
-NTSTATUS idmap_cache_map_id(struct idmap_cache_ctx *cache, struct id_map *id);
+NTSTATUS idmap_cache_set(const struct id_map *id);
+NTSTATUS idmap_cache_set_negative_sid(const struct id_map *id);
+NTSTATUS idmap_cache_set_negative_id(const struct id_map *id);
+bool idmap_cache_map_sid(const struct dom_sid *sid, struct unixid *xid,
+ bool *mapped, bool *expired);
+bool idmap_cache_map_id(const struct unixid *xid, struct dom_sid *psid,
+ bool *mapped, bool *expired);
/* The following definitions come from winbindd/idmap_nss.c */
diff --git a/source/winbindd/idmap.c b/source/winbindd/idmap.c
index 32fc3dc..504be22 100644
--- a/source/winbindd/idmap.c
+++ b/source/winbindd/idmap.c
@@ -40,8 +40,6 @@ struct idmap_alloc_backend {
struct idmap_alloc_backend *prev, *next;
};
-struct idmap_cache_ctx;
-
struct idmap_alloc_context {
const char *params;
struct idmap_alloc_methods *methods;
@@ -49,7 +47,6 @@ struct idmap_alloc_context {
};
static TALLOC_CTX *idmap_ctx = NULL;
-static struct idmap_cache_ctx *idmap_cache;
static struct idmap_backend *backends = NULL;
static struct idmap_domain **idmap_domains = NULL;
@@ -246,7 +243,6 @@ NTSTATUS idmap_close(void)
/* this talloc_free call will fire the talloc destructors
* that will free all active backends resources */
TALLOC_FREE(idmap_ctx);
- idmap_cache = NULL;
idmap_domains = NULL;
backends = NULL;
@@ -269,10 +265,6 @@ NTSTATUS idmap_init_cache(void)
return NT_STATUS_NO_MEMORY;
}
- if ( (idmap_cache = idmap_cache_init(idmap_ctx)) == NULL ) {
- return NT_STATUS_UNSUCCESSFUL;
- }
-
return NT_STATUS_OK;
}
@@ -1185,7 +1177,8 @@ done:
return ret;
}
-static NTSTATUS idmap_backends_sids_to_unixids(struct id_map **ids)
+static NTSTATUS idmap_backends_sids_to_unixids(struct id_map **ids, int
+ num_ids)
{
struct id_map ***dom_ids;
struct idmap_domain *dom;
@@ -1213,7 +1206,7 @@ static NTSTATUS idmap_backends_sids_to_unixids(struct id_map **ids)
/* partition the requests by domain */
- for (i = 0; ids[i]; i++) {
+ for (i = 0; i < num_ids; i++) {
uint32 idx;
if ((dom = find_idmap_domain_from_sid(ids[i]->sid)) == NULL) {
@@ -1253,7 +1246,7 @@ static NTSTATUS idmap_backends_sids_to_unixids(struct id_map **ids)
/* ok all the backends have been contacted at this point */
/* let's see if we have any unmapped SID left and act accordingly */
- for (i = 0; ids[i]; i++) {
+ for (i = 0; i < num_ids; i++) {
/* NOTE: this will NOT touch ID_EXPIRED entries that the backend
* was not able to confirm/deny (offline mode) */
if (ids[i]->status == ID_UNKNOWN ||
@@ -1286,7 +1279,7 @@ done:
idmap interface functions
**************************************************************************/
-NTSTATUS idmap_unixids_to_sids(struct id_map **ids)
+NTSTATUS idmap_unixids_to_sids(struct id_map **ids, int n_ids)
{
TALLOC_CTX *ctx;
NTSTATUS ret;
@@ -1314,7 +1307,9 @@ NTSTATUS idmap_unixids_to_sids(struct id_map **ids)
bids = NULL;
bi = 0;
- for (i = 0; ids[i]; i++) {
+ for (i = 0; i < n_ids; i++) {
+
+ bool found, mapped, expired;
if ( ! ids[i]->sid) {
DEBUG(1, ("invalid null SID in id_map array"));
@@ -1322,42 +1317,27 @@ NTSTATUS idmap_unixids_to_sids(struct id_map **ids)
return NT_STATUS_INVALID_PARAMETER;
}
- ret = idmap_cache_map_id(idmap_cache, ids[i]);
+ ids[i]->status = ID_UNKNOWN;
- if ( ! NT_STATUS_IS_OK(ret)) {
+ found = idmap_cache_map_id(&ids[i]->xid, ids[i]->sid,
+ &mapped, &expired);
- if ( ! bids) {
- /* alloc space for ids to be resolved by
- * backends (realloc ten by ten) */
- bids = TALLOC_ARRAY(ctx, struct id_map *, 10);
- if ( ! bids) {
- DEBUG(1, ("Out of memory!\n"));
- talloc_free(ctx);
- return NT_STATUS_NO_MEMORY;
- }
- bn = 10;
- }
+ if (found) {
+ ids[i]->status = mapped ? ID_MAPPED : ID_UNMAPPED;
+ }
- /* add this id to the ones to be retrieved
- * from the backends */
- bids[bi] = ids[i];
- bi++;
-
- /* check if we need to allocate new space
- * on the rids array */
- if (bi == bn) {
- bn += 10;
- bids = talloc_realloc(ctx, bids,
- struct id_map *, bn);
- if ( ! bids) {
- DEBUG(1, ("Out of memory!\n"));
- talloc_free(ctx);
- return NT_STATUS_NO_MEMORY;
- }
- }
+ if (!found || (expired && IS_DOMAIN_ONLINE(our_domain))) {
- /* make sure the last element is NULL */
- bids[bi] = NULL;
+ /*
+ * Need to ask the backend
+ */
+
+ ADD_TO_ARRAY(ctx, struct id_map *, ids[i], &bids, &bn);
+ if (bids == NULL) {
+ DEBUG(1, ("Out of memory!\n"));
+ talloc_free(ctx);
+ return NT_STATUS_NO_MEMORY;
+ }
}
}
@@ -1376,7 +1356,7 @@ NTSTATUS idmap_unixids_to_sids(struct id_map **ids)
/* update the cache */
for (i = 0; i < bi; i++) {
if (bids[i]->status == ID_MAPPED) {
- ret = idmap_cache_set(idmap_cache, bids[i]);
+ ret = idmap_cache_set(bids[i]);
} else if (bids[i]->status == ID_EXPIRED) {
/* the cache returned an expired entry and the
* backend was not able to clear the situation
@@ -1391,8 +1371,7 @@ NTSTATUS idmap_unixids_to_sids(struct id_map **ids)
* settle down. */
bids[i]->status = ID_UNMAPPED;
} else { /* unmapped */
- ret = idmap_cache_set_negative_id(idmap_cache,
- bids[i]);
+ ret = idmap_cache_set_negative_id(bids[i]);
}
IDMAP_CHECK_RET(ret);
}
@@ -1404,12 +1383,12 @@ done:
return ret;
}
-NTSTATUS idmap_sids_to_unixids(struct id_map **ids)
+NTSTATUS idmap_sids_to_unixids(struct id_map **ids, int n_ids)
{
TALLOC_CTX *ctx;
NTSTATUS ret;
struct id_map **bids;
- int i, bi;
+ int i;
int bn = 0;
struct winbindd_domain *our_domain = find_our_domain();
@@ -1430,9 +1409,10 @@ NTSTATUS idmap_sids_to_unixids(struct id_map **ids)
/* no ids to be asked to the backends by default */
bids = NULL;
- bi = 0;
- for (i = 0; ids[i]; i++) {
+ for (i = 0; i < n_ids; i++) {
+
+ bool found, mapped, expired;
if ( ! ids[i]->sid) {
DEBUG(1, ("invalid null SID in id_map array\n"));
@@ -1440,42 +1420,27 @@ NTSTATUS idmap_sids_to_unixids(struct id_map **ids)
return NT_STATUS_INVALID_PARAMETER;
}
- ret = idmap_cache_map_sid(idmap_cache, ids[i]);
+ ids[i]->status = ID_UNKNOWN;
- if ( ! NT_STATUS_IS_OK(ret)) {
+ found = idmap_cache_map_sid(ids[i]->sid, &ids[i]->xid,
+ &mapped, &expired);
- if ( ! bids) {
- /* alloc space for ids to be resolved
- by backends (realloc ten by ten) */
- bids = TALLOC_ARRAY(ctx, struct id_map *, 10);
- if ( ! bids) {
- DEBUG(1, ("Out of memory!\n"));
- talloc_free(ctx);
- return NT_STATUS_NO_MEMORY;
- }
- bn = 10;
- }
+ if (found) {
+ ids[i]->status = mapped ? ID_MAPPED : ID_UNMAPPED;
+ }
- /* add this id to the ones to be retrieved
- * from the backends */
- bids[bi] = ids[i];
- bi++;
-
- /* check if we need to allocate new space
- * on the ids array */
- if (bi == bn) {
- bn += 10;
- bids = talloc_realloc(ctx, bids,
- struct id_map *, bn);
- if ( ! bids) {
- DEBUG(1, ("Out of memory!\n"));
- talloc_free(ctx);
- return NT_STATUS_NO_MEMORY;
- }
- }
+ if (!found || (expired && IS_DOMAIN_ONLINE(our_domain))) {
- /* make sure the last element is NULL */
- bids[bi] = NULL;
+ /*
+ * Need to ask the backends
+ */
+
+ ADD_TO_ARRAY(ctx, struct id_map *, ids[i], &bids, &bn);
+ if (bids == NULL) {
+ DEBUG(1, ("Out of memory!\n"));
+ talloc_free(ctx);
+ return NT_STATUS_NO_MEMORY;
+ }
}
}
@@ -1488,13 +1453,13 @@ NTSTATUS idmap_sids_to_unixids(struct id_map **ids)
goto done;
}
- ret = idmap_backends_sids_to_unixids(bids);
+ ret = idmap_backends_sids_to_unixids(bids, bn);
IDMAP_CHECK_RET(ret);
/* update the cache */
- for (i = 0; bids[i]; i++) {
+ for (i = 0; i < bn; i++) {
if (bids[i]->status == ID_MAPPED) {
- ret = idmap_cache_set(idmap_cache, bids[i]);
+ ret = idmap_cache_set(bids[i]);
} else if (bids[i]->status == ID_EXPIRED) {
/* the cache returned an expired entry and the
* backend was not able to clear the situation
@@ -1509,8 +1474,7 @@ NTSTATUS idmap_sids_to_unixids(struct id_map **ids)
* settle down. */
bids[i]->status = ID_UNMAPPED;
} else { /* unmapped */
- ret = idmap_cache_set_negative_sid(idmap_cache,
- bids[i]);
+ ret = idmap_cache_set_negative_sid(bids[i]);
}
IDMAP_CHECK_RET(ret);
}
@@ -1550,7 +1514,7 @@ NTSTATUS idmap_set_mapping(const struct id_map *id)
IDMAP_CHECK_RET(ret);
/* set the mapping in the cache */
- ret = idmap_cache_set(idmap_cache, id);
+ ret = idmap_cache_set(id);
IDMAP_CHECK_RET(ret);
done:
diff --git a/source/winbindd/idmap_cache.c b/source/winbindd/idmap_cache.c
index 8bf797f..191cadb 100644
--- a/source/winbindd/idmap_cache.c
+++ b/source/winbindd/idmap_cache.c
@@ -1,9 +1,8 @@
-/*
+/*
Unix SMB/CIFS implementation.
ID Mapping Cache
- based on gencache
-
+ Copyright (C) Volker Lendecke 2008
Copyright (C) Simo Sorce 2006
Copyright (C) Rafal Szczesniak 2002
@@ -23,52 +22,6 @@
#include "includes.h"
#include "winbindd.h"
-#define TIMEOUT_LEN 12
-#define IDMAP_CACHE_DATA_FMT "%12u/%s"
-
-struct idmap_cache_ctx {
- TDB_CONTEXT *tdb;
-};
-
-static int idmap_cache_destructor(struct idmap_cache_ctx *cache)
-{
- int ret = 0;
-
- if (cache && cache->tdb) {
- ret = tdb_close(cache->tdb);
- cache->tdb = NULL;
- }
-
- return ret;
-}
-
-struct idmap_cache_ctx *idmap_cache_init(TALLOC_CTX *memctx)
-{
- struct idmap_cache_ctx *cache;
- char* cache_fname = NULL;
-
- cache = talloc(memctx, struct idmap_cache_ctx);
- if ( ! cache) {
- DEBUG(0, ("Out of memory!\n"));
- return NULL;
- }
-
- cache_fname = lock_path("idmap_cache.tdb");
-
- DEBUG(10, ("Opening cache file at %s\n", cache_fname));
-
- cache->tdb = tdb_open_log(cache_fname, 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0600);
-
- if (!cache->tdb) {
- DEBUG(5, ("Attempt to open %s has failed.\n", cache_fname));
- return NULL;
- }
-
- talloc_set_destructor(cache, idmap_cache_destructor);
-
- return cache;
-}
-
static char *idmap_cache_sidkey(TALLOC_CTX *ctx, const DOM_SID *sid)
{
fstring sidstr;
@@ -77,21 +30,19 @@ static char *idmap_cache_sidkey(TALLOC_CTX *ctx, const DOM_SID *sid)
sid_to_fstring(sidstr, sid));
}
-static char *idmap_cache_idkey(TALLOC_CTX *ctx, const struct id_map *id)
+static char *idmap_cache_idkey(TALLOC_CTX *ctx, const struct unixid *xid)
{
return talloc_asprintf(ctx, "IDMAP/%s/%lu",
- (id->xid.type==ID_TYPE_UID)?"UID":"GID",
- (unsigned long)id->xid.id);
+ (xid->type==ID_TYPE_UID)?"UID":"GID",
+ (unsigned long)xid->id);
}
-NTSTATUS idmap_cache_set(struct idmap_cache_ctx *cache, const struct id_map *id)
+NTSTATUS idmap_cache_set(const struct id_map *id)
{
NTSTATUS ret;
time_t timeout = time(NULL) + lp_idmap_cache_time();
- TDB_DATA databuf;
char *sidkey;
char *idkey;
- char *valstr;
/* Don't cache lookups in the S-1-22-{1,2} domain */
@@ -100,415 +51,179 @@ NTSTATUS idmap_cache_set(struct idmap_cache_ctx *cache, const struct id_map *id)
return NT_STATUS_OK;
}
- sidkey = idmap_cache_sidkey(cache, id->sid);
+ sidkey = idmap_cache_sidkey(talloc_tos(), id->sid);
if (sidkey == NULL) {
return NT_STATUS_NO_MEMORY;
}
/* use sidkey as the local memory ctx */
- idkey = idmap_cache_idkey(sidkey, id);
+ idkey = idmap_cache_idkey(sidkey, &id->xid);
if (idkey == NULL) {
ret = NT_STATUS_NO_MEMORY;
goto done;
}
- /* save SID -> ID */
-
- /* use sidkey as the local memory ctx */
- valstr = talloc_asprintf(sidkey, IDMAP_CACHE_DATA_FMT, (int)timeout, idkey);
- if (!valstr) {
- DEBUG(0, ("Out of memory!\n"));
- ret = NT_STATUS_NO_MEMORY;
- goto done;
- }
-
- databuf = string_term_tdb_data(valstr);
- DEBUG(10, ("Adding cache entry with key = %s; value = %s and timeout ="
- " %s (%d seconds %s)\n", sidkey, valstr , ctime(&timeout),
- (int)(timeout - time(NULL)),
- timeout > time(NULL) ? "ahead" : "in the past"));
-
- if (tdb_store_bystring(cache->tdb, sidkey, databuf, TDB_REPLACE) != 0) {
- DEBUG(3, ("Failed to store cache entry!\n"));
- ret = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
-
- /* save ID -> SID */
-
- /* use sidkey as the local memory ctx */
- valstr = talloc_asprintf(sidkey, IDMAP_CACHE_DATA_FMT, (int)timeout, sidkey);
- if (!valstr) {
- DEBUG(0, ("Out of memory!\n"));
- ret = NT_STATUS_NO_MEMORY;
- goto done;
- }
-
- databuf = string_term_tdb_data(valstr);
- DEBUG(10, ("Adding cache entry with key = %s; value = %s and timeout ="
- " %s (%d seconds %s)\n", idkey, valstr, ctime(&timeout),
- (int)(timeout - time(NULL)),
- timeout > time(NULL) ? "ahead" : "in the past"));
-
- if (tdb_store_bystring(cache->tdb, idkey, databuf, TDB_REPLACE) != 0) {
+ if (!gencache_set(idkey, sidkey, timeout)
+ || !gencache_set(sidkey, idkey, timeout)) {
DEBUG(3, ("Failed to store cache entry!\n"));
- ret = NT_STATUS_UNSUCCESSFUL;
+ ret = NT_STATUS_ACCESS_DENIED;
goto done;
}
ret = NT_STATUS_OK;
done:
- talloc_free(sidkey);
+ TALLOC_FREE(sidkey);
return ret;
}
-NTSTATUS idmap_cache_set_negative_sid(struct idmap_cache_ctx *cache, const struct id_map *id)
+NTSTATUS idmap_cache_set_negative_sid(const struct id_map *id)
{
NTSTATUS ret = NT_STATUS_OK;
- time_t timeout = time(NULL) + lp_idmap_negative_cache_time();
- TDB_DATA databuf;
char *sidkey;
--
Samba Shared Repository
More information about the samba-cvs
mailing list