URL: https://github.com/SSSD/sssd/pull/779 Author: alexey-tikhonov Title: #779: negcache: avoid "is_*_local" calls in some cases Action: opened
PR body: """ "use_local_negative" argument of `sss_ncache_set_str()` function only makes sense in case of non permanent record. So it is possible to avoid blocking (and thus dangerous) "is_local*()" calls in case "permanent == true" Resolves: https://pagure.io/SSSD/sssd/issue/3963 """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/779/head:pr779 git checkout pr779
From a146319caca490c8c0baab7153ac6d0d403ea4cf Mon Sep 17 00:00:00 2001 From: Alexey Tikhonov <atikh...@redhat.com> Date: Thu, 14 Mar 2019 12:22:40 +0100 Subject: [PATCH] negcache: avoid "is_*_local" calls in some cases "use_local_negative" argument of `sss_ncache_set_str()` function only makes sense in case of non permanent record. So it is possible to avoid blocking (and thus dangerous) "is_local*()" calls in case "permanent == true" Resolves: https://pagure.io/SSSD/sssd/issue/3963 --- src/responder/common/negcache.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/responder/common/negcache.c b/src/responder/common/negcache.c index c5c43178f0..479d527434 100644 --- a/src/responder/common/negcache.c +++ b/src/responder/common/negcache.c @@ -487,7 +487,7 @@ static int sss_ncache_set_user_int(struct sss_nc_ctx *ctx, bool permanent, str = talloc_asprintf(ctx, "%s/%s/%s", NC_USER_PREFIX, domain, name); if (!str) return ENOMEM; - if (ctx->local_timeout > 0) { + if ((!permanent) && (ctx->local_timeout > 0)) { use_local_negative = is_user_local_by_name(name); } ret = sss_ncache_set_str(ctx, str, permanent, use_local_negative); @@ -508,7 +508,7 @@ static int sss_ncache_set_group_int(struct sss_nc_ctx *ctx, bool permanent, str = talloc_asprintf(ctx, "%s/%s/%s", NC_GROUP_PREFIX, domain, name); if (!str) return ENOMEM; - if (ctx->local_timeout > 0) { + if ((!permanent) && (ctx->local_timeout > 0)) { use_local_negative = is_group_local_by_name(name); } ret = sss_ncache_set_str(ctx, str, permanent, use_local_negative); @@ -605,7 +605,7 @@ int sss_ncache_set_uid(struct sss_nc_ctx *ctx, bool permanent, } if (!str) return ENOMEM; - if (ctx->local_timeout > 0) { + if ((!permanent) && (ctx->local_timeout > 0)) { use_local_negative = is_user_local_by_uid(uid); } ret = sss_ncache_set_str(ctx, str, permanent, use_local_negative); @@ -629,7 +629,7 @@ int sss_ncache_set_gid(struct sss_nc_ctx *ctx, bool permanent, } if (!str) return ENOMEM; - if (ctx->local_timeout > 0) { + if ((!permanent) && (ctx->local_timeout > 0)) { use_local_negative = is_group_local_by_gid(gid); } ret = sss_ncache_set_str(ctx, str, permanent, use_local_negative);
_______________________________________________ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org