diff options
Diffstat (limited to 'server/responder/nss')
-rw-r--r-- | server/responder/nss/nsssrv.c | 11 | ||||
-rw-r--r-- | server/responder/nss/nsssrv.h | 2 | ||||
-rw-r--r-- | server/responder/nss/nsssrv_cmd.c | 20 |
3 files changed, 24 insertions, 9 deletions
diff --git a/server/responder/nss/nsssrv.c b/server/responder/nss/nsssrv.c index 272cd38b..dad1c7c1 100644 --- a/server/responder/nss/nsssrv.c +++ b/server/responder/nss/nsssrv.c @@ -103,13 +103,14 @@ static int nss_get_config(struct nss_ctx *nctx, ret = confdb_get_int(cdb, nctx, CONFDB_NSS_CONF_ENTRY, - CONFDB_NSS_ENTRY_CACHE_NOWAIT_TIMEOUT, 0, - &nctx->cache_refresh_timeout); + CONFDB_NSS_ENTRY_CACHE_NOWAIT_PERCENTAGE, 0, + &nctx->cache_refresh_percent); if (ret != EOK) goto done; - if (nctx->cache_refresh_timeout < 0) { - DEBUG(0,("Configuration error: EntryCacheNoWaitRefreshTimeout is" + if (nctx->cache_refresh_percent < 0 || + nctx->cache_refresh_percent > 99) { + DEBUG(0,("Configuration error: entry_cache_nowait_percentage is" "invalid. Disabling feature.\n")); - nctx->cache_refresh_timeout = 0; + nctx->cache_refresh_percent = 0; } ret = confdb_get_string_as_list(cdb, tmpctx, CONFDB_NSS_CONF_ENTRY, diff --git a/server/responder/nss/nsssrv.h b/server/responder/nss/nsssrv.h index 0c2ea487..464481d7 100644 --- a/server/responder/nss/nsssrv.h +++ b/server/responder/nss/nsssrv.h @@ -47,7 +47,7 @@ struct nss_ctx { int neg_timeout; struct nss_nc_ctx *ncache; - int cache_refresh_timeout; + int cache_refresh_percent; int enum_cache_timeout; time_t last_user_enum; diff --git a/server/responder/nss/nsssrv_cmd.c b/server/responder/nss/nsssrv_cmd.c index 3d4226fb..8f4f5db8 100644 --- a/server/responder/nss/nsssrv_cmd.c +++ b/server/responder/nss/nsssrv_cmd.c @@ -278,10 +278,10 @@ static errno_t check_cache(struct nss_dom_ctx *dctx, { errno_t ret; int timeout; - int refresh_timeout; time_t now; uint64_t lastUpdate; uint64_t cacheExpire; + uint64_t midpoint_refresh; struct nss_cmd_ctx *cmdctx = dctx->cmdctx; struct cli_ctx *cctx = cmdctx->cctx; bool call_provider = false; @@ -298,13 +298,26 @@ static errno_t check_cache(struct nss_dom_ctx *dctx, } else if ((req_type == SSS_DP_GROUP) || ((req_type == SSS_DP_USER) && (res->count == 1))) { - refresh_timeout = nctx->cache_refresh_timeout; now = time(NULL); lastUpdate = ldb_msg_find_attr_as_uint64(res->msgs[0], SYSDB_LAST_UPDATE, 0); cacheExpire = ldb_msg_find_attr_as_uint64(res->msgs[0], SYSDB_CACHE_EXPIRE, 0); + + midpoint_refresh = 0; + if(nctx->cache_refresh_percent) { + midpoint_refresh = lastUpdate + + (cacheExpire - lastUpdate)*nctx->cache_refresh_percent/100; + if (midpoint_refresh - lastUpdate < 10) { + /* If the percentage results in an expiration + * less than ten seconds after the lastUpdate time, + * that's too often we will simply set it to 10s + */ + midpoint_refresh = lastUpdate+10; + } + } + if (cacheExpire < now) { /* This is a cache miss. We need to get the updated user * information before returning it. @@ -312,11 +325,12 @@ static errno_t check_cache(struct nss_dom_ctx *dctx, call_provider = true; cb = callback; } - else if (refresh_timeout && (lastUpdate + refresh_timeout < now)) { + else if (midpoint_refresh && midpoint_refresh < now) { /* We're past the the cache refresh timeout * We'll return the value from the cache, but we'll also * queue the cache entry for update out-of-band. */ + DEBUG(6, ("Performing midpoint cache update on [%s]\n", opt_name)); call_provider = true; cb = NULL; } |