From 29e16f4737c6e955a18bc1130d06dcf17b7cb0d1 Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Fri, 22 Feb 2019 11:00:00 +0100 Subject: winbindd: track whether a result from xid2sid was coming from the cache This is needed in preparation of moving the step to update the idmap cache from the per-idmap-domain callback wb_xids2sids_dom_done() to the top-level callback wb_xids2sids_done(). Currently the sequence of action is: * check cache, if not found: * ask backends * cache result from backend * return results Iow, if we got something from the cache, we don't write the cache. The next commit defers updating the cache to the top-level callback, so the sequence becomes * check cache, if not found: * ask backends * cache results * return results This has two problems: * it needlessly writes to the cache what we just got from it * it possibly overwrites the ID_TYPE_BOTH for a SID-to-xid mapping in the following case: - existing ID_TYPE_BOTH mapping in the cache, eg: IDMAP/SID2XID/S-1-5-21-2180672342-2513613279-2566592647-512 -> Value: 3000000:B - someone calls wb_xids2sids_send() with xid.id=3000000,xid.type=ID_TYPE_GID - cache lookup with idmap_cache_find_gid2sid() succeeds - when caching results we'd call idmap_cache_set_sid2unixid() with the callers xid.type=ID_TYPE_GID, so idmap_cache_set_sid2unixid() will overwrite the SID-to-xid mapping with ID_TYPE_GID Bug: https://bugzilla.samba.org/show_bug.cgi?id=13802 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke (cherry picked from commit 62f54229fced20102e11ad1da02faef45c2a7c2e) --- source3/winbindd/wb_xids2sids.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/source3/winbindd/wb_xids2sids.c b/source3/winbindd/wb_xids2sids.c index d769328a15e..dcbbe8d510d 100644 --- a/source3/winbindd/wb_xids2sids.c +++ b/source3/winbindd/wb_xids2sids.c @@ -429,6 +429,7 @@ struct wb_xids2sids_state { struct unixid *xids; size_t num_xids; struct dom_sid *sids; + bool *cached; size_t dom_idx; }; @@ -463,6 +464,11 @@ struct tevent_req *wb_xids2sids_send(TALLOC_CTX *mem_ctx, return tevent_req_post(req, ev); } + state->cached = talloc_zero_array(state, bool, num_xids); + if (tevent_req_nomem(state->cached, req)) { + return tevent_req_post(req, ev); + } + if (winbindd_use_idmap_cache()) { uint32_t i; @@ -485,6 +491,7 @@ struct tevent_req *wb_xids2sids_send(TALLOC_CTX *mem_ctx, if (ok && !expired) { sid_copy(&state->sids[i], &sid); + state->cached[i] = true; } } } -- cgit v1.2.1