This is needed in preparation of moving the step to update the idmap
cache from the per-idmap-domain callback wb_xids2sids_dom_done() to the
top-level callback wb_xids2sids_done().
Currently the sequence of action is:
* check cache, if not found:
* ask backends
* cache result from backend
* return results
Iow, if we got something from the cache, we don't write the cache.
The next commit defers updating the cache to the top-level callback, so
the sequence becomes
* check cache, if not found:
* ask backends
* cache results
* return results
This has two problems:
* it needlessly writes to the cache what we just got from it
* it possibly overwrites the ID_TYPE_BOTH for a SID-to-xid mapping in
the following case:
- existing ID_TYPE_BOTH mapping in the cache, eg:
IDMAP/SID2XID/S-1-5-21-
2180672342-
2513613279-
2566592647-512 -> Value:
3000000:B
- someone calls wb_xids2sids_send() with xid.id=
3000000,xid.type=ID_TYPE_GID
- cache lookup with idmap_cache_find_gid2sid() succeeds
- when caching results we'd call idmap_cache_set_sid2unixid() with the
callers xid.type=ID_TYPE_GID, so idmap_cache_set_sid2unixid() will
overwrite the SID-to-xid mapping with ID_TYPE_GID
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13802
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
62f54229fced20102e11ad1da02faef45c2a7c2e)
struct unixid *xids;
size_t num_xids;
struct dom_sid *sids;
+ bool *cached;
size_t dom_idx;
};
return tevent_req_post(req, ev);
}
+ state->cached = talloc_zero_array(state, bool, num_xids);
+ if (tevent_req_nomem(state->cached, req)) {
+ return tevent_req_post(req, ev);
+ }
+
if (winbindd_use_idmap_cache()) {
uint32_t i;
if (ok && !expired) {
sid_copy(&state->sids[i], &sid);
+ state->cached[i] = true;
}
}
}