2 Unix SMB/CIFS implementation.
4 Trusted domain names cache on top of gencache.
6 Copyright (C) Rafal Szczesniak 2002
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
26 #define DBGC_CLASS DBGC_ALL /* there's no proper class yet */
28 #define TDOMKEY_FMT "TDOM/%s"
29 #define TDOMTSKEY "TDOMCACHE/TIMESTAMP"
33 * @file trustdom_cache.c
35 * Implementation of trusted domain names cache useful when
36 * samba acts as domain member server. In such case, caching
37 * domain names currently trusted gives a performance gain
38 * because there's no need to query PDC each time we need
39 * list of trusted domains
44 * Initialise trustdom name caching system. Call gencache
45 * initialisation routine to perform necessary activities.
47 * @return true upon successful cache initialisation or
48 * false if cache init failed
51 BOOL trustdom_cache_enable(void)
53 /* Init trustdom cache by calling gencache initialisation */
54 if (!gencache_init()) {
55 DEBUG(2, ("trustdomcache_enable: Couldn't initialise trustdom cache on top of gencache.\n"));
64 * Shutdown trustdom name caching system. Calls gencache
67 * @return true upon successful cache close or
71 BOOL trustdom_cache_shutdown(void)
73 /* Close trustdom cache by calling gencache shutdown */
74 if (!gencache_shutdown()) {
75 DEBUG(2, ("trustdomcache_shutdown: Couldn't shutdown trustdom cache on top of gencache.\n"));
84 * Form up trustdom name key. It is based only
87 * @param name trusted domain name
88 * @return cache key for use in gencache mechanism
91 static char* trustdom_cache_key(const char* name)
94 asprintf(&keystr, TDOMKEY_FMT, strupper_static(name));
101 * Store trusted domain in gencache as the domain name (key)
102 * and ip address of domain controller (value)
104 * @param name trusted domain name
105 * @param alt_name alternative trusted domain name (used in ADS domains)
106 * @param sid trusted domain's SID
107 * @param timeout cache entry expiration time
108 * @return true upon successful value storing or
109 * false if store attempt failed
112 BOOL trustdom_cache_store(char* name, char* alt_name, const DOM_SID *sid,
120 * we use gecache call to avoid annoying debug messages
121 * about initialised trustdom
123 if (!gencache_init())
126 DEBUG(5, ("trustdom_store: storing SID %s of domain %s\n",
127 sid_string_static(sid), name));
129 key = trustdom_cache_key(name);
130 alt_key = alt_name ? trustdom_cache_key(alt_name) : NULL;
132 /* Generate string representation domain SID */
133 sid_to_string(sid_string, sid);
136 * try to put the names in the cache
139 ret = gencache_set(alt_key, sid_string, timeout);
141 ret = gencache_set(key, sid_string, timeout);
148 ret = gencache_set(key, sid_string, timeout);
155 * Fetch trusted domain's dc from the gencache.
156 * This routine can also be used to check whether given
157 * domain is currently trusted one.
159 * @param name trusted domain name
160 * @param sid trusted domain's SID to be returned
161 * @return true if entry is found or
162 * false if has expired/doesn't exist
165 BOOL trustdom_cache_fetch(const char* name, DOM_SID* sid)
167 char *key = NULL, *value = NULL;
171 if (!gencache_init())
174 /* exit now if null pointers were passed as they're required further */
178 /* prepare a key and get the value */
179 key = trustdom_cache_key(name);
183 if (!gencache_get(key, &value, &timeout)) {
184 DEBUG(5, ("no entry for trusted domain %s found.\n", name));
189 DEBUG(5, ("trusted domain %s found (%s)\n", name, value));
192 /* convert ip string representation into in_addr structure */
193 if(! string_to_sid(sid, value)) {
204 /*******************************************************************
205 fetch the timestamp from the last update
206 *******************************************************************/
208 uint32 trustdom_cache_fetch_timestamp( void )
215 if (!gencache_init())
218 if (!gencache_get(TDOMTSKEY, &value, &timeout)) {
219 DEBUG(5, ("no timestamp for trusted domain cache located.\n"));
224 timestamp = atoi(value);
230 /*******************************************************************
231 store the timestamp from the last update
232 *******************************************************************/
234 BOOL trustdom_cache_store_timestamp( uint32 t, time_t timeout )
239 if (!gencache_init())
242 fstr_sprintf(value, "%d", t );
244 if (!gencache_set(TDOMTSKEY, value, timeout)) {
245 DEBUG(5, ("failed to set timestamp for trustdom_cache\n"));
253 /*******************************************************************
254 lock the timestamp entry in the trustdom_cache
255 *******************************************************************/
257 BOOL trustdom_cache_lock_timestamp( void )
259 return gencache_lock_entry( TDOMTSKEY ) != -1;
262 /*******************************************************************
263 unlock the timestamp entry in the trustdom_cache
264 *******************************************************************/
266 void trustdom_cache_unlock_timestamp( void )
268 gencache_unlock_entry( TDOMTSKEY );
272 * Delete single trustdom entry. Look at the
273 * gencache_iterate definition.
277 static void flush_trustdom_name(const char* key, const char *value, time_t timeout, void* dptr)
280 DEBUG(5, ("Deleting entry %s\n", key));
285 * Flush all the trusted domains entries from the cache.
288 void trustdom_cache_flush(void)
290 if (!gencache_init())
294 * iterate through each TDOM cache's entry and flush it
295 * by flush_trustdom_name function
297 gencache_iterate(flush_trustdom_name, NULL, trustdom_cache_key("*"));
298 DEBUG(5, ("Trusted domains cache flushed\n"));
301 /********************************************************************
302 update the trustdom_cache if needed
303 ********************************************************************/
304 #define TRUSTDOM_UPDATE_INTERVAL 600
306 void update_trustdom_cache( void )
313 TALLOC_CTX *mem_ctx = NULL;
314 time_t now = time(NULL);
317 /* get the timestamp. We have to initialise it if the last timestamp == 0 */
319 if ( (last_check = trustdom_cache_fetch_timestamp()) == 0 )
320 trustdom_cache_store_timestamp(0, now+TRUSTDOM_UPDATE_INTERVAL);
322 time_diff = (int) (now - last_check);
324 if ( (time_diff > 0) && (time_diff < TRUSTDOM_UPDATE_INTERVAL) ) {
325 DEBUG(10,("update_trustdom_cache: not time to update trustdom_cache yet\n"));
329 /* lock the timestamp */
330 if ( !trustdom_cache_lock_timestamp() )
333 if ( !(mem_ctx = talloc_init("update_trustdom_cache")) ) {
334 DEBUG(0,("update_trustdom_cache: talloc_init() failed!\n"));
338 /* get the domains and store them */
340 if ( enumerate_domain_trusts(mem_ctx, lp_workgroup(), &domain_names,
341 &num_domains, &dom_sids) )
343 for ( i=0; i<num_domains; i++ ) {
344 trustdom_cache_store( domain_names[i], NULL, &dom_sids[i],
345 now+TRUSTDOM_UPDATE_INTERVAL);
348 trustdom_cache_store_timestamp( now, now+TRUSTDOM_UPDATE_INTERVAL );
352 /* unlock and we're done */
353 trustdom_cache_unlock_timestamp();
355 talloc_destroy( mem_ctx );