2 Unix SMB/CIFS implementation.
4 Trusted domain names cache on top of gencache.
6 Copyright (C) Rafal Szczesniak 2002
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
25 #define DBGC_CLASS DBGC_ALL /* there's no proper class yet */
27 #define TDOMKEY_FMT "TDOM/%s"
28 #define TDOMTSKEY "TDOMCACHE/TIMESTAMP"
32 * @file trustdom_cache.c
34 * Implementation of trusted domain names cache useful when
35 * samba acts as domain member server. In such case, caching
36 * domain names currently trusted gives a performance gain
37 * because there's no need to query PDC each time we need
38 * list of trusted domains
43 * Initialise trustdom name caching system. Call gencache
44 * initialisation routine to perform necessary activities.
46 * @return true upon successful cache initialisation or
47 * false if cache init failed
50 bool trustdom_cache_enable(void)
52 /* Init trustdom cache by calling gencache initialisation */
53 if (!gencache_init()) {
54 DEBUG(2, ("trustdomcache_enable: Couldn't initialise trustdom cache on top of gencache.\n"));
63 * Shutdown trustdom name caching system. Calls gencache
66 * @return true upon successful cache close or
70 bool trustdom_cache_shutdown(void)
72 /* Close trustdom cache by calling gencache shutdown */
73 if (!gencache_shutdown()) {
74 DEBUG(2, ("trustdomcache_shutdown: Couldn't shutdown trustdom cache on top of gencache.\n"));
83 * Form up trustdom name key. It is based only
86 * @param name trusted domain name
87 * @return cache key for use in gencache mechanism
90 static char* trustdom_cache_key(const char* name
)
93 asprintf_strupper_m(&keystr
, TDOMKEY_FMT
, name
);
100 * Store trusted domain in gencache as the domain name (key)
101 * and trusted domain's SID (value)
103 * @param name trusted domain name
104 * @param alt_name alternative trusted domain name (used in ADS domains)
105 * @param sid trusted domain's SID
106 * @param timeout cache entry expiration time
107 * @return true upon successful value storing or
108 * false if store attempt failed
111 bool trustdom_cache_store(char* name
, char* alt_name
, const DOM_SID
*sid
,
119 * we use gecache call to avoid annoying debug messages
120 * about initialised trustdom
122 if (!gencache_init())
125 DEBUG(5, ("trustdom_store: storing SID %s of domain %s\n",
126 sid_string_static(sid
), name
));
128 key
= trustdom_cache_key(name
);
129 alt_key
= alt_name
? trustdom_cache_key(alt_name
) : NULL
;
131 /* Generate string representation domain SID */
132 sid_to_string(sid_string
, sid
);
135 * try to put the names in the cache
138 ret
= gencache_set(alt_key
, sid_string
, timeout
);
140 ret
= gencache_set(key
, sid_string
, timeout
);
147 ret
= gencache_set(key
, sid_string
, timeout
);
154 * Fetch trusted domain's SID from the gencache.
155 * This routine can also be used to check whether given
156 * domain is currently trusted one.
158 * @param name trusted domain name
159 * @param sid trusted domain's SID to be returned
160 * @return true if entry is found or
161 * false if has expired/doesn't exist
164 bool trustdom_cache_fetch(const char* name
, DOM_SID
* sid
)
166 char *key
= NULL
, *value
= NULL
;
170 if (!gencache_init())
173 /* exit now if null pointers were passed as they're required further */
177 /* prepare a key and get the value */
178 key
= trustdom_cache_key(name
);
182 if (!gencache_get(key
, &value
, &timeout
)) {
183 DEBUG(5, ("no entry for trusted domain %s found.\n", name
));
188 DEBUG(5, ("trusted domain %s found (%s)\n", name
, value
));
191 /* convert sid string representation into DOM_SID structure */
192 if(! string_to_sid(sid
, value
)) {
203 /*******************************************************************
204 fetch the timestamp from the last update
205 *******************************************************************/
207 uint32
trustdom_cache_fetch_timestamp( void )
214 if (!gencache_init())
217 if (!gencache_get(TDOMTSKEY
, &value
, &timeout
)) {
218 DEBUG(5, ("no timestamp for trusted domain cache located.\n"));
223 timestamp
= atoi(value
);
229 /*******************************************************************
230 store the timestamp from the last update
231 *******************************************************************/
233 bool trustdom_cache_store_timestamp( uint32 t
, time_t timeout
)
238 if (!gencache_init())
241 fstr_sprintf(value
, "%d", t
);
243 if (!gencache_set(TDOMTSKEY
, value
, timeout
)) {
244 DEBUG(5, ("failed to set timestamp for trustdom_cache\n"));
253 * Delete single trustdom entry. Look at the
254 * gencache_iterate definition.
258 static void flush_trustdom_name(const char* key
, const char *value
, time_t timeout
, void* dptr
)
261 DEBUG(5, ("Deleting entry %s\n", key
));
266 * Flush all the trusted domains entries from the cache.
269 void trustdom_cache_flush(void)
271 if (!gencache_init())
275 * iterate through each TDOM cache's entry and flush it
276 * by flush_trustdom_name function
278 gencache_iterate(flush_trustdom_name
, NULL
, trustdom_cache_key("*"));
279 DEBUG(5, ("Trusted domains cache flushed\n"));
282 /********************************************************************
283 update the trustdom_cache if needed
284 ********************************************************************/
285 #define TRUSTDOM_UPDATE_INTERVAL 600
287 void update_trustdom_cache( void )
294 TALLOC_CTX
*mem_ctx
= NULL
;
295 time_t now
= time(NULL
);
298 /* get the timestamp. We have to initialise it if the last timestamp == 0 */
299 if ( (last_check
= trustdom_cache_fetch_timestamp()) == 0 )
300 trustdom_cache_store_timestamp(0, now
+TRUSTDOM_UPDATE_INTERVAL
);
302 time_diff
= (int) (now
- last_check
);
304 if ( (time_diff
> 0) && (time_diff
< TRUSTDOM_UPDATE_INTERVAL
) ) {
305 DEBUG(10,("update_trustdom_cache: not time to update trustdom_cache yet\n"));
309 /* note that we don't lock the timestamp. This prevents this
310 smbd from blocking all other smbd daemons while we
311 enumerate the trusted domains */
312 trustdom_cache_store_timestamp(now
, now
+TRUSTDOM_UPDATE_INTERVAL
);
314 if ( !(mem_ctx
= talloc_init("update_trustdom_cache")) ) {
315 DEBUG(0,("update_trustdom_cache: talloc_init() failed!\n"));
319 /* get the domains and store them */
321 if ( enumerate_domain_trusts(mem_ctx
, lp_workgroup(), &domain_names
,
322 &num_domains
, &dom_sids
)) {
323 for ( i
=0; i
<num_domains
; i
++ ) {
324 trustdom_cache_store( domain_names
[i
], NULL
, &dom_sids
[i
],
325 now
+TRUSTDOM_UPDATE_INTERVAL
);
328 /* we failed to fetch the list of trusted domains - restore the old
330 trustdom_cache_store_timestamp(last_check
,
331 last_check
+TRUSTDOM_UPDATE_INTERVAL
);
335 talloc_destroy( mem_ctx
);