summaryrefslogtreecommitdiff
path: root/src/responder
diff options
context:
space:
mode:
authorSimo Sorce <simo@redhat.com>2013-01-14 20:30:04 -0500
committerJakub Hrozek <jhrozek@redhat.com>2013-02-10 22:08:47 +0100
commitbba1a5fd62cffcae076d1351df5a83fbc4a6ec17 (patch)
tree8dbc22a528ccda8cc889a5297df2edb1919d86e6 /src/responder
parent1f800ebb0f190854b8296146174f3d696a426333 (diff)
downloadsssd-bba1a5fd62cffcae076d1351df5a83fbc4a6ec17.tar.gz
sssd-bba1a5fd62cffcae076d1351df5a83fbc4a6ec17.tar.bz2
sssd-bba1a5fd62cffcae076d1351df5a83fbc4a6ec17.zip
Change the way domains are linked.
- Use a double-linked list for domains and subdomains. - Never remove a subdomain, simply mark it as disabled if it becomes unused. - Rework the way subdomains are refreshed. Now sysdb_update_subdomains() actually updates the current subdomains and marks as disabled the ones not found in the sysdb or add new ones found. It never removes them. Removal of missing domains from sysdb is deferred to the providers, which will perform it at refresh time, for the ipa provider that is done by ipa_subdomains_write_mappings() now. sysdb_update_subdomains() is then used to update the memory hierarchy of the subdomains. - Removes sysdb_get_subdomains() - Removes copy_subdomain() - Add sysdb_subdomain_delete()
Diffstat (limited to 'src/responder')
-rw-r--r--src/responder/common/responder_common.c31
-rw-r--r--src/responder/common/responder_get_domains.c68
-rw-r--r--src/responder/pac/pacsrv_utils.c11
3 files changed, 32 insertions, 78 deletions
diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c
index 3a634e03..877181f8 100644
--- a/src/responder/common/responder_common.c
+++ b/src/responder/common/responder_common.c
@@ -886,41 +886,32 @@ int sss_dp_get_domain_conn(struct resp_ctx *rctx, const char *domain,
struct sss_domain_info *
responder_get_domain(TALLOC_CTX *sd_mem_ctx, struct resp_ctx *rctx,
- const char *domain)
+ const char *name)
{
time_t now = time(NULL);
time_t time_diff;
struct sss_domain_info *dom;
struct sss_domain_info *ret_dom = NULL;
- int i;
- for (dom = rctx->domains; dom; dom = get_next_domain(dom, false)) {
- if (strcasecmp(dom->name, domain) == 0 ||
+ for (dom = rctx->domains; dom; dom = get_next_domain(dom, true)) {
+ if (!dom->parent) {
+ time_diff = now - dom->subdomains_last_checked.tv_sec;
+ }
+ if (strcasecmp(dom->name, name) == 0 ||
(dom->flat_name != NULL &&
- strcasecmp(dom->flat_name, domain) == 0)) {
+ strcasecmp(dom->flat_name, name) == 0)) {
ret_dom = dom;
- break;
- }
-
- for (i = 0; i < dom->subdomain_count; i++) {
- if (strcasecmp(dom->subdomains[i]->name, domain) == 0 ||
- (dom->subdomains[i]->flat_name != NULL &&
- strcasecmp(dom->subdomains[i]->flat_name, domain) == 0)) {
- /* Sub-domains may come and go, so we better copy the struct
- * for each request. */
- ret_dom = copy_subdomain(sd_mem_ctx, dom->subdomains[i]);
+ if (!dom->parent ||
+ (dom->parent && time_diff < rctx->domains_timeout)) {
break;
}
}
- time_diff = now - dom->subdomains_last_checked.tv_sec;
- if (i < dom->subdomain_count && time_diff < rctx->domains_timeout) break;
}
- /* FIXME: we might want to return a real error, e.g. if copy_subdomain
- * fails. */
+
if (!ret_dom) {
DEBUG(SSSDBG_OP_FAILURE, ("Unknown domain [%s], checking for"
- "possible subdomains!\n", domain));
+ "possible subdomains!\n", name));
}
return ret_dom;
diff --git a/src/responder/common/responder_get_domains.c b/src/responder/common/responder_get_domains.c
index 77e2b146..b69875e1 100644
--- a/src/responder/common/responder_get_domains.c
+++ b/src/responder/common/responder_get_domains.c
@@ -280,32 +280,6 @@ static errno_t
process_subdomains(struct sss_domain_info *domain)
{
int ret;
- size_t c;
- size_t subdomain_count;
- struct sss_domain_info **subdomains;
-
- /* Retrieve all subdomains of this domain from sysdb
- * and create their struct sss_domain_info representations
- */
- ret = sysdb_get_subdomains(domain, domain,
- &subdomain_count, &subdomains);
- if (ret != EOK) {
- DEBUG(SSSDBG_FUNC_DATA, ("sysdb_get_subdomains failed.\n"));
- goto done;
- }
-
- if (subdomain_count == 0) {
- talloc_zfree(domain->subdomains);
- domain->subdomain_count = 0;
- goto done;
- }
-
- /* Link all subdomains into single-linked list
- * (the list is used when processing all domains)
- */
- for (c = 0; c < subdomain_count - 1; c++) {
- subdomains[c]->next = subdomains[c + 1];
- }
if (domain->realm == NULL ||
domain->flat_name == NULL ||
@@ -318,6 +292,15 @@ process_subdomains(struct sss_domain_info *domain)
}
}
+ /* Retrieve all subdomains of this domain from sysdb
+ * and create their struct sss_domain_info representations
+ */
+ ret = sysdb_update_subdomains(domain);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_FUNC_DATA, ("sysdb_update_subdomains failed.\n"));
+ goto done;
+ }
+
errno = 0;
ret = gettimeofday(&domain->subdomains_last_checked, NULL);
if (ret == -1) {
@@ -325,17 +308,12 @@ process_subdomains(struct sss_domain_info *domain)
goto done;
}
- talloc_zfree(domain->subdomains);
- domain->subdomain_count = subdomain_count;
- domain->subdomains = subdomains;
-
ret = EOK;
done:
if (ret != EOK) {
DEBUG(SSSDBG_OP_FAILURE, ("Failed to update sub-domains "
"of domain [%s].\n", domain->name));
- talloc_free(subdomains);
}
return ret;
@@ -366,32 +344,26 @@ static errno_t check_last_request(struct resp_ctx *rctx, const char *hint)
struct sss_domain_info *dom;
time_t now = time(NULL);
time_t diff;
- int i;
- diff = now-rctx->get_domains_last_call.tv_sec;
+ diff = now - rctx->get_domains_last_call.tv_sec;
if (diff >= rctx->domains_timeout) {
/* Timeout, expired, fetch domains again */
return EAGAIN;
}
if (hint != NULL) {
- dom = rctx->domains;
- while (dom) {
- for (i = 0; i< dom->subdomain_count; i++) {
- if (strcasecmp(dom->subdomains[i]->name, hint) == 0) {
- diff = now-dom->subdomains_last_checked.tv_sec;
- if (diff >= rctx->domains_timeout) {
- /* Timeout, expired, fetch domains again */
- return EAGAIN;
- }
- /* Skip the rest of this domain, but check other domains
- * perhaps this subdomain will be also a part of another
- * domain where it will need refreshing
- */
- break;
+ for (dom = rctx->domains; dom; dom = get_next_domain(dom, true)) {
+ if (dom->parent == NULL) {
+ diff = now - dom->subdomains_last_checked.tv_sec;
+ /* not a subdomain */
+ continue;
+ }
+ if (strcasecmp(dom->name, hint) == 0) {
+ if (diff >= rctx->domains_timeout) {
+ /* Timeout, expired, fetch domains again */
+ return EAGAIN;
}
}
- dom = get_next_domain(dom, false);
}
}
diff --git a/src/responder/pac/pacsrv_utils.c b/src/responder/pac/pacsrv_utils.c
index cab58264..2708e5a2 100644
--- a/src/responder/pac/pacsrv_utils.c
+++ b/src/responder/pac/pacsrv_utils.c
@@ -76,14 +76,13 @@ struct sss_domain_info *find_domain_by_id(struct sss_domain_info *domains,
{
struct sss_domain_info *dom;
struct sss_domain_info *ret_dom = NULL;
- size_t c;
if (id_str == NULL) {
DEBUG(SSSDBG_OP_FAILURE, ("Missing domain id.\n"));
return NULL;
}
- for (dom = domains; dom; dom = get_next_domain(dom, false)) {
+ for (dom = domains; dom; dom = get_next_domain(dom, true)) {
if (dom->domain_id == NULL) {
continue;
}
@@ -92,14 +91,6 @@ struct sss_domain_info *find_domain_by_id(struct sss_domain_info *domains,
ret_dom = dom;
break;
}
-
- for (c = 0; c < dom->subdomain_count; c++) {
- if (strcasecmp(dom->subdomains[c]->domain_id, id_str) == 0) {
- ret_dom = dom->subdomains[c];
- break;
- }
- }
-
}
if (!ret_dom) {