2 Unix SMB/CIFS implementation.
5 Copyright (C) Volker Lendecke 2008
6 Copyright (C) Simo Sorce 2006
7 Copyright (C) Rafal Szczesniak 2002
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.*/
25 static char *idmap_cache_sidkey(TALLOC_CTX
*ctx
, const DOM_SID
*sid
)
29 return talloc_asprintf(ctx
, "IDMAP/SID/%s",
30 sid_to_fstring(sidstr
, sid
));
33 static char *idmap_cache_idkey(TALLOC_CTX
*ctx
, const struct unixid
*xid
)
35 return talloc_asprintf(ctx
, "IDMAP/%s/%lu",
36 (xid
->type
==ID_TYPE_UID
)?"UID":"GID",
37 (unsigned long)xid
->id
);
40 NTSTATUS
idmap_cache_set(const struct id_map
*id
)
43 time_t timeout
= time(NULL
) + lp_idmap_cache_time();
47 /* Don't cache lookups in the S-1-22-{1,2} domain */
49 if (sid_check_is_in_unix_users(id
->sid
)
50 || sid_check_is_in_unix_groups(id
->sid
)) {
54 sidkey
= idmap_cache_sidkey(talloc_tos(), id
->sid
);
56 return NT_STATUS_NO_MEMORY
;
59 /* use sidkey as the local memory ctx */
60 idkey
= idmap_cache_idkey(sidkey
, &id
->xid
);
62 ret
= NT_STATUS_NO_MEMORY
;
66 if (!gencache_set(idkey
, sidkey
, timeout
)
67 || !gencache_set(sidkey
, idkey
, timeout
)) {
68 DEBUG(3, ("Failed to store cache entry!\n"));
69 ret
= NT_STATUS_ACCESS_DENIED
;
80 NTSTATUS
idmap_cache_set_negative_sid(const struct id_map
*id
)
82 NTSTATUS ret
= NT_STATUS_OK
;
85 sidkey
= idmap_cache_sidkey(talloc_tos(), id
->sid
);
87 return NT_STATUS_NO_MEMORY
;
90 if (!gencache_set(sidkey
, "IDMAP/NEGATIVE",
91 time(NULL
) + lp_idmap_negative_cache_time())) {
92 DEBUG(3, ("Failed to store cache entry!\n"));
93 ret
= NT_STATUS_ACCESS_DENIED
;
102 NTSTATUS
idmap_cache_set_negative_id(const struct id_map
*id
)
104 NTSTATUS ret
= NT_STATUS_OK
;
107 idkey
= idmap_cache_idkey(talloc_tos(), &id
->xid
);
109 return NT_STATUS_NO_MEMORY
;
112 if (!gencache_set(idkey
, "IDMAP/NEGATIVE",
113 time(NULL
) + lp_idmap_negative_cache_time())) {
114 DEBUG(3, ("Failed to store cache entry!\n"));
115 ret
= NT_STATUS_ACCESS_DENIED
;
125 * search the cache for the SID an return a mapping if found
128 bool idmap_cache_map_sid(const struct dom_sid
*sid
, struct unixid
*xid
,
129 bool *mapped
, bool *expired
)
137 sidkey
= idmap_cache_sidkey(talloc_tos(), sid
);
138 if (sidkey
== NULL
) {
139 DEBUG(0, ("idmap_cache_sidkey failed\n"));
143 if (!gencache_get(sidkey
, &value
, &timeout
)) {
148 if (strcmp(value
, "IDMAP/NEGATIVE") == 0) {
151 else if (strncmp(value
, "IDMAP/UID/", 10) == 0) {
153 xid
->type
= ID_TYPE_UID
;
154 xid
->id
= strtol(&value
[10], &rem
, 10);
159 else if (strncmp(value
, "IDMAP/GID/", 10) == 0) {
161 xid
->type
= ID_TYPE_GID
;
162 xid
->id
= strtol(&value
[10], &rem
, 10);
171 *expired
= (timeout
<= time(NULL
));
177 DEBUG(1, ("Invalid entry %s in cache\n", value
));
185 * search the cache for the ID an return a mapping if found
188 bool idmap_cache_map_id(const struct unixid
*xid
, struct dom_sid
*psid
,
189 bool *mapped
, bool *expired
)
196 idkey
= idmap_cache_idkey(talloc_tos(), xid
);
201 if (!gencache_get(idkey
, &value
, &timeout
)) {
206 if (strcmp(value
, "IDMAP/NEGATIVE") == 0) {
209 else if (strncmp(value
, "IDMAP/SID/", 10) == 0) {
211 if (!string_to_sid(psid
, value
+10)) {
223 DEBUG(1, ("Invalid entry %s in cache\n", value
));