diff options
Diffstat (limited to 'source3/passdb/lookup_sid.c')
-rw-r--r-- | source3/passdb/lookup_sid.c | 96 |
1 files changed, 63 insertions, 33 deletions
diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c index 57152c34b5..706df48923 100644 --- a/source3/passdb/lookup_sid.c +++ b/source3/passdb/lookup_sid.c @@ -1301,20 +1301,28 @@ static bool legacy_sid_to_gid(const DOM_SID *psid, gid_t *pgid) void uid_to_sid(DOM_SID *psid, uid_t uid) { + bool expired = true; + bool ret; ZERO_STRUCTP(psid); if (fetch_sid_from_uid_cache(psid, uid)) return; - if (!winbind_uid_to_sid(psid, uid)) { - if (!winbind_ping()) { - legacy_uid_to_sid(psid, uid); + /* Check the winbindd cache directly. */ + ret = idmap_cache_find_uid2sid(uid, psid, &expired); + + if (!ret || expired || (ret && is_null_sid(psid))) { + /* Not in cache. Ask winbindd. */ + if (!winbind_uid_to_sid(psid, uid)) { + if (!winbind_ping()) { + legacy_uid_to_sid(psid, uid); + return; + } + + DEBUG(5, ("uid_to_sid: winbind failed to find a sid for uid %u\n", + uid)); return; } - - DEBUG(5, ("uid_to_sid: winbind failed to find a sid for uid %u\n", - uid)); - return; } DEBUG(10,("uid %u -> sid %s\n", (unsigned int)uid, @@ -1330,25 +1338,33 @@ void uid_to_sid(DOM_SID *psid, uid_t uid) void gid_to_sid(DOM_SID *psid, gid_t gid) { + bool expired = true; + bool ret; ZERO_STRUCTP(psid); if (fetch_sid_from_gid_cache(psid, gid)) return; - if (!winbind_gid_to_sid(psid, gid)) { - if (!winbind_ping()) { - legacy_gid_to_sid(psid, gid); + /* Check the winbindd cache directly. */ + ret = idmap_cache_find_gid2sid(gid, psid, &expired); + + if (!ret || expired || (ret && is_null_sid(psid))) { + /* Not in cache. Ask winbindd. */ + if (!winbind_gid_to_sid(psid, gid)) { + if (!winbind_ping()) { + legacy_gid_to_sid(psid, gid); + return; + } + + DEBUG(5, ("gid_to_sid: winbind failed to find a sid for gid %u\n", + gid)); return; } - - DEBUG(5, ("gid_to_sid: winbind failed to find a sid for gid %u\n", - gid)); - return; } DEBUG(10,("gid %u -> sid %s\n", (unsigned int)gid, sid_string_dbg(psid))); - + store_gid_sid_cache(psid, gid); return; } @@ -1359,6 +1375,8 @@ void gid_to_sid(DOM_SID *psid, gid_t gid) bool sid_to_uid(const DOM_SID *psid, uid_t *puid) { + bool expired = true; + bool ret; uint32 rid; gid_t gid; @@ -1381,14 +1399,20 @@ bool sid_to_uid(const DOM_SID *psid, uid_t *puid) return true; } - if (!winbind_sid_to_uid(puid, psid)) { - if (!winbind_ping()) { - return legacy_sid_to_uid(psid, puid); - } + /* Check the winbindd cache directly. */ + ret = idmap_cache_find_sid2uid(psid, puid, &expired); - DEBUG(5, ("winbind failed to find a uid for sid %s\n", - sid_string_dbg(psid))); - return false; + if (!ret || expired || (ret && (*puid == (uid_t)-1))) { + /* Not in cache. Ask winbindd. */ + if (!winbind_sid_to_uid(puid, psid)) { + if (!winbind_ping()) { + return legacy_sid_to_uid(psid, puid); + } + + DEBUG(5, ("winbind failed to find a uid for sid %s\n", + sid_string_dbg(psid))); + return false; + } } /* TODO: Here would be the place to allocate both a gid and a uid for @@ -1408,6 +1432,8 @@ bool sid_to_uid(const DOM_SID *psid, uid_t *puid) bool sid_to_gid(const DOM_SID *psid, gid_t *pgid) { + bool expired = true; + bool ret; uint32 rid; uid_t uid; @@ -1429,24 +1455,28 @@ bool sid_to_gid(const DOM_SID *psid, gid_t *pgid) return true; } - /* Ask winbindd if it can map this sid to a gid. - * (Idmap will check it is a valid SID and of the right type) */ + /* Check the winbindd cache directly. */ + ret = idmap_cache_find_sid2gid(psid, pgid, &expired); - if ( !winbind_sid_to_gid(pgid, psid) ) { - if (!winbind_ping()) { - return legacy_sid_to_gid(psid, pgid); - } + if (!ret || expired || (ret && (*pgid == (gid_t)-1))) { + /* Not in cache or negative. Ask winbindd. */ + /* Ask winbindd if it can map this sid to a gid. + * (Idmap will check it is a valid SID and of the right type) */ - DEBUG(10,("winbind failed to find a gid for sid %s\n", - sid_string_dbg(psid))); - return false; + if ( !winbind_sid_to_gid(pgid, psid) ) { + if (!winbind_ping()) { + return legacy_sid_to_gid(psid, pgid); + } + + DEBUG(10,("winbind failed to find a gid for sid %s\n", + sid_string_dbg(psid))); + return false; + } } DEBUG(10,("sid %s -> gid %u\n", sid_string_dbg(psid), (unsigned int)*pgid )); store_gid_sid_cache(psid, *pgid); - return true; } - |