The branch, master has been updated
via 9b9565c3e69 winbindd: set idmap cache entries as the last step in
async wb_xids2sids
via 62f54229fce winbindd: track whether a result from xid2sid was
coming from the cache
via 8e9c2a1f6ce winbindd: switch send-next/done order
via 7f23ef7b2cf winbindd: update xid in wb_xids2sids_state->xids with
what we got
via f8bf4fc6086 winbindd: convert id to a pointer in
wb_xids2sids_dom_done()
via 5d277ea7ea2 winbindd: make xids a const argument to
wb_xids2sids_send()
via f5a8bc2f945 winbindd: make a copy of xid's in wb_xids2sids_send()
from 0a1d1a57092 s3:winbindd: Remove unused arcfour.h from PAM handling
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 9b9565c3e69b92c298c7168e516387bb249c9e36
Author: Ralph Boehme <s...@samba.org>
Date: Thu Feb 21 16:55:09 2019 +0100
winbindd: set idmap cache entries as the last step in async wb_xids2sids
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13802
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
Autobuild-User(master): Volker Lendecke <v...@samba.org>
Autobuild-Date(master): Sat Feb 23 09:23:22 CET 2019 on sn-devel-144
commit 62f54229fced20102e11ad1da02faef45c2a7c2e
Author: Ralph Boehme <s...@samba.org>
Date: Fri Feb 22 11:00:00 2019 +0100
winbindd: track whether a result from xid2sid was coming from the cache
This is needed in preparation of moving the step to update the idmap
cache from the per-idmap-domain callback wb_xids2sids_dom_done() to the
top-level callback wb_xids2sids_done().
Currently the sequence of action is:
* check cache, if not found:
* ask backends
* cache result from backend
* return results
Iow, if we got something from the cache, we don't write the cache.
The next commit defers updating the cache to the top-level callback, so
the sequence becomes
* check cache, if not found:
* ask backends
* cache results
* return results
This has two problems:
* it needlessly writes to the cache what we just got from it
* it possibly overwrites the ID_TYPE_BOTH for a SID-to-xid mapping in
the following case:
- existing ID_TYPE_BOTH mapping in the cache, eg:
IDMAP/SID2XID/S-1-5-21-2180672342-2513613279-2566592647-512 -> Value:
3000000:B
- someone calls wb_xids2sids_send() with
xid.id=3000000,xid.type=ID_TYPE_GID
- cache lookup with idmap_cache_find_gid2sid() succeeds
- when caching results we'd call idmap_cache_set_sid2unixid() with the
callers xid.type=ID_TYPE_GID, so idmap_cache_set_sid2unixid() will
overwrite the SID-to-xid mapping with ID_TYPE_GID
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13802
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
commit 8e9c2a1f6ceb06d695a6572701b96a3e3821ac42
Author: Ralph Boehme <s...@samba.org>
Date: Thu Feb 21 16:52:21 2019 +0100
winbindd: switch send-next/done order
In preparation of adding more logic to the done step. No change in
behaviour.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13802
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
commit 7f23ef7b2cf7bd6e8dc087aa15137292b421a689
Author: Ralph Boehme <s...@samba.org>
Date: Thu Feb 21 18:40:20 2019 +0100
winbindd: update xid in wb_xids2sids_state->xids with what we got
In preparation of priming the idmap cache in the top-level
wb_xids2sids_done(), not in the per-idmap-domain callback
wb_xids2sids_dom_done().
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13802
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
commit f8bf4fc608639695651f75c52b31f95e796a5a26
Author: Ralph Boehme <s...@samba.org>
Date: Thu Feb 21 18:39:46 2019 +0100
winbindd: convert id to a pointer in wb_xids2sids_dom_done()
No change in behaviour.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13802
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
commit 5d277ea7ea258676b9ea5081a451a5874af115f6
Author: Ralph Boehme <s...@samba.org>
Date: Fri Feb 22 16:29:07 2019 +0100
winbindd: make xids a const argument to wb_xids2sids_send()
The previous commit made an internal copy of xids, this commit makes it
more obvious that we must not mess with the xids argument but treat it as
an in-parameter and don't write to it.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13802
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
commit f5a8bc2f945be45cdade5f70d4f975bae8337f67
Author: Ralph Boehme <s...@samba.org>
Date: Thu Feb 21 18:34:51 2019 +0100
winbindd: make a copy of xid's in wb_xids2sids_send()
This is in preparation of setting the result of the mapping in the top-
level callback wb_xids2sids_done(), not in the per-idmap-domain callback
wb_xids2sids_dom_done().
When caching the mapping we need the id-type from the backend, so we
need a way to pass up that information from wb_xids2sids_dom_done() up
to wb_xids2sids_done()
The xids array copy gets passed from wb_xids2sids_send() to
wb_xids2sids_dom_send(), so wb_xids2sids_dom_done() can then directly
update the top-level copy.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13802
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
-----------------------------------------------------------------------
Summary of changes:
source3/winbindd/wb_xids2sids.c | 74 +++++++++++++++++++++++++++------------
source3/winbindd/winbindd_proto.h | 2 +-
2 files changed, 52 insertions(+), 24 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/winbindd/wb_xids2sids.c b/source3/winbindd/wb_xids2sids.c
index 310a645cdff..95dda89e40f 100644
--- a/source3/winbindd/wb_xids2sids.c
+++ b/source3/winbindd/wb_xids2sids.c
@@ -357,9 +357,9 @@ static void wb_xids2sids_dom_done(struct tevent_req *subreq)
dom_sid_idx = 0;
for (i=0; i<state->num_all_xids; i++) {
- struct unixid id = state->all_xids[i];
+ struct unixid *id = &state->all_xids[i];
- if ((id.id < dom_map->low_id) || (id.id > dom_map->high_id)) {
+ if ((id->id < dom_map->low_id) || (id->id > dom_map->high_id)) {
/* out of range */
continue;
}
@@ -369,17 +369,7 @@ static void wb_xids2sids_dom_done(struct tevent_req
*subreq)
}
sid_copy(&state->all_sids[i], &state->dom_sids[dom_sid_idx]);
-
- /*
- * Prime the cache after an xid2sid call. It's
- * important that we use state->dom_xids for the xid
- * value, not state->all_xids: state->all_xids carries
- * what we asked for, e.g. a
- * ID_TYPE_UID. state->dom_xids holds something the
- * idmap child possibly changed to ID_TYPE_BOTH.
- */
- idmap_cache_set_sid2unixid(
- &state->all_sids[i], &state->dom_xids[dom_sid_idx]);
+ *id = state->dom_xids[dom_sid_idx];
dom_sid_idx += 1;
}
@@ -431,6 +421,7 @@ struct wb_xids2sids_state {
struct unixid *xids;
size_t num_xids;
struct dom_sid *sids;
+ bool *cached;
size_t dom_idx;
};
@@ -440,7 +431,7 @@ static void wb_xids2sids_init_dom_maps_done(struct
tevent_req *subreq);
struct tevent_req *wb_xids2sids_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
- struct unixid *xids,
+ const struct unixid *xids,
uint32_t num_xids)
{
struct tevent_req *req, *subreq;
@@ -452,14 +443,24 @@ struct tevent_req *wb_xids2sids_send(TALLOC_CTX *mem_ctx,
return NULL;
}
state->ev = ev;
- state->xids = xids;
state->num_xids = num_xids;
+ state->xids = talloc_array(state, struct unixid, num_xids);
+ if (tevent_req_nomem(state->xids, req)) {
+ return tevent_req_post(req, ev);
+ }
+ memcpy(state->xids, xids, num_xids * sizeof(struct unixid));
+
state->sids = talloc_zero_array(state, struct dom_sid, num_xids);
if (tevent_req_nomem(state->sids, req)) {
return tevent_req_post(req, ev);
}
+ state->cached = talloc_zero_array(state, bool, num_xids);
+ if (tevent_req_nomem(state->cached, req)) {
+ return tevent_req_post(req, ev);
+ }
+
if (winbindd_use_idmap_cache()) {
uint32_t i;
@@ -487,6 +488,7 @@ struct tevent_req *wb_xids2sids_send(TALLOC_CTX *mem_ctx,
dom_sid_str_buf(&sid, &buf));
sid_copy(&state->sids[i], &sid);
+ state->cached[i] = true;
}
}
}
@@ -538,6 +540,7 @@ static void wb_xids2sids_done(struct tevent_req *subreq)
struct wb_xids2sids_state *state = tevent_req_data(
req, struct wb_xids2sids_state);
size_t num_domains = talloc_array_length(dom_maps);
+ size_t i;
NTSTATUS status;
status = wb_xids2sids_dom_recv(subreq);
@@ -548,18 +551,43 @@ static void wb_xids2sids_done(struct tevent_req *subreq)
state->dom_idx += 1;
- if (state->dom_idx >= num_domains) {
- tevent_req_done(req);
+ if (state->dom_idx < num_domains) {
+ subreq = wb_xids2sids_dom_send(state,
+ state->ev,
+ &dom_maps[state->dom_idx],
+ state->xids,
+ state->num_xids,
+ state->sids);
+ if (tevent_req_nomem(subreq, req)) {
+ return;
+ }
+ tevent_req_set_callback(subreq, wb_xids2sids_done, req);
return;
}
- subreq = wb_xids2sids_dom_send(
- state, state->ev, &dom_maps[state->dom_idx],
- state->xids, state->num_xids, state->sids);
- if (tevent_req_nomem(subreq, req)) {
- return;
+
+ for (i = 0; i < state->num_xids; i++) {
+ /*
+ * Prime the cache after an xid2sid call. It's important that we
+ * use the xid value returned from the backend for the xid value
+ * passed to idmap_cache_set_sid2unixid(), not the input to
+ * wb_xids2sids_send: the input carries what was asked for,
+ * e.g. a ID_TYPE_UID. The result from the backend something the
+ * idmap child possibly changed to ID_TYPE_BOTH.
+ *
+ * And of course If the value was from the cache don't update
+ * the cache.
+ */
+
+ if (state->cached[i]) {
+ continue;
+ }
+
+ idmap_cache_set_sid2unixid(&state->sids[i], &state->xids[i]);
}
- tevent_req_set_callback(subreq, wb_xids2sids_done, req);
+
+ tevent_req_done(req);
+ return;
}
NTSTATUS wb_xids2sids_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
diff --git a/source3/winbindd/winbindd_proto.h
b/source3/winbindd/winbindd_proto.h
index c524d2050df..2a829b0171a 100644
--- a/source3/winbindd/winbindd_proto.h
+++ b/source3/winbindd/winbindd_proto.h
@@ -919,7 +919,7 @@ NTSTATUS winbindd_sids_to_xids_recv(struct tevent_req *req,
struct winbindd_response *response);
struct tevent_req *wb_xids2sids_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
- struct unixid *xids,
+ const struct unixid *xids,
uint32_t num_xids);
NTSTATUS wb_xids2sids_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
struct dom_sid **sids);
--
Samba Shared Repository
