summaryrefslogtreecommitdiff
path: root/source3/passdb/lookup_sid.c
diff options
context:
space:
mode:
Diffstat (limited to 'source3/passdb/lookup_sid.c')
-rw-r--r--source3/passdb/lookup_sid.c96
1 files changed, 63 insertions, 33 deletions
diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c
index 57152c34b5..706df48923 100644
--- a/source3/passdb/lookup_sid.c
+++ b/source3/passdb/lookup_sid.c
@@ -1301,20 +1301,28 @@ static bool legacy_sid_to_gid(const DOM_SID *psid, gid_t *pgid)
void uid_to_sid(DOM_SID *psid, uid_t uid)
{
+ bool expired = true;
+ bool ret;
ZERO_STRUCTP(psid);
if (fetch_sid_from_uid_cache(psid, uid))
return;
- if (!winbind_uid_to_sid(psid, uid)) {
- if (!winbind_ping()) {
- legacy_uid_to_sid(psid, uid);
+ /* Check the winbindd cache directly. */
+ ret = idmap_cache_find_uid2sid(uid, psid, &expired);
+
+ if (!ret || expired || (ret && is_null_sid(psid))) {
+ /* Not in cache. Ask winbindd. */
+ if (!winbind_uid_to_sid(psid, uid)) {
+ if (!winbind_ping()) {
+ legacy_uid_to_sid(psid, uid);
+ return;
+ }
+
+ DEBUG(5, ("uid_to_sid: winbind failed to find a sid for uid %u\n",
+ uid));
return;
}
-
- DEBUG(5, ("uid_to_sid: winbind failed to find a sid for uid %u\n",
- uid));
- return;
}
DEBUG(10,("uid %u -> sid %s\n", (unsigned int)uid,
@@ -1330,25 +1338,33 @@ void uid_to_sid(DOM_SID *psid, uid_t uid)
void gid_to_sid(DOM_SID *psid, gid_t gid)
{
+ bool expired = true;
+ bool ret;
ZERO_STRUCTP(psid);
if (fetch_sid_from_gid_cache(psid, gid))
return;
- if (!winbind_gid_to_sid(psid, gid)) {
- if (!winbind_ping()) {
- legacy_gid_to_sid(psid, gid);
+ /* Check the winbindd cache directly. */
+ ret = idmap_cache_find_gid2sid(gid, psid, &expired);
+
+ if (!ret || expired || (ret && is_null_sid(psid))) {
+ /* Not in cache. Ask winbindd. */
+ if (!winbind_gid_to_sid(psid, gid)) {
+ if (!winbind_ping()) {
+ legacy_gid_to_sid(psid, gid);
+ return;
+ }
+
+ DEBUG(5, ("gid_to_sid: winbind failed to find a sid for gid %u\n",
+ gid));
return;
}
-
- DEBUG(5, ("gid_to_sid: winbind failed to find a sid for gid %u\n",
- gid));
- return;
}
DEBUG(10,("gid %u -> sid %s\n", (unsigned int)gid,
sid_string_dbg(psid)));
-
+
store_gid_sid_cache(psid, gid);
return;
}
@@ -1359,6 +1375,8 @@ void gid_to_sid(DOM_SID *psid, gid_t gid)
bool sid_to_uid(const DOM_SID *psid, uid_t *puid)
{
+ bool expired = true;
+ bool ret;
uint32 rid;
gid_t gid;
@@ -1381,14 +1399,20 @@ bool sid_to_uid(const DOM_SID *psid, uid_t *puid)
return true;
}
- if (!winbind_sid_to_uid(puid, psid)) {
- if (!winbind_ping()) {
- return legacy_sid_to_uid(psid, puid);
- }
+ /* Check the winbindd cache directly. */
+ ret = idmap_cache_find_sid2uid(psid, puid, &expired);
- DEBUG(5, ("winbind failed to find a uid for sid %s\n",
- sid_string_dbg(psid)));
- return false;
+ if (!ret || expired || (ret && (*puid == (uid_t)-1))) {
+ /* Not in cache. Ask winbindd. */
+ if (!winbind_sid_to_uid(puid, psid)) {
+ if (!winbind_ping()) {
+ return legacy_sid_to_uid(psid, puid);
+ }
+
+ DEBUG(5, ("winbind failed to find a uid for sid %s\n",
+ sid_string_dbg(psid)));
+ return false;
+ }
}
/* TODO: Here would be the place to allocate both a gid and a uid for
@@ -1408,6 +1432,8 @@ bool sid_to_uid(const DOM_SID *psid, uid_t *puid)
bool sid_to_gid(const DOM_SID *psid, gid_t *pgid)
{
+ bool expired = true;
+ bool ret;
uint32 rid;
uid_t uid;
@@ -1429,24 +1455,28 @@ bool sid_to_gid(const DOM_SID *psid, gid_t *pgid)
return true;
}
- /* Ask winbindd if it can map this sid to a gid.
- * (Idmap will check it is a valid SID and of the right type) */
+ /* Check the winbindd cache directly. */
+ ret = idmap_cache_find_sid2gid(psid, pgid, &expired);
- if ( !winbind_sid_to_gid(pgid, psid) ) {
- if (!winbind_ping()) {
- return legacy_sid_to_gid(psid, pgid);
- }
+ if (!ret || expired || (ret && (*pgid == (gid_t)-1))) {
+ /* Not in cache or negative. Ask winbindd. */
+ /* Ask winbindd if it can map this sid to a gid.
+ * (Idmap will check it is a valid SID and of the right type) */
- DEBUG(10,("winbind failed to find a gid for sid %s\n",
- sid_string_dbg(psid)));
- return false;
+ if ( !winbind_sid_to_gid(pgid, psid) ) {
+ if (!winbind_ping()) {
+ return legacy_sid_to_gid(psid, pgid);
+ }
+
+ DEBUG(10,("winbind failed to find a gid for sid %s\n",
+ sid_string_dbg(psid)));
+ return false;
+ }
}
DEBUG(10,("sid %s -> gid %u\n", sid_string_dbg(psid),
(unsigned int)*pgid ));
store_gid_sid_cache(psid, *pgid);
-
return true;
}
-