File 140417-NSS-sysdb_getnetgr-refactor.patch of Package sssd.openSUSE_Leap_42.1_Update

From e25867df505ef5cb2b3843c1a859337782f13383 Mon Sep 17 00:00:00 2001
From: Pavel Reichl <preichl@redhat.com>
Date: Thu, 17 Apr 2014 16:14:11 +0000
Subject: [PATCH] NSS: sysdb_getnetgr refactor
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Move functionality for creating cache dummies into separate function.

Reviewed-by: Michal Židek <mzidek@redhat.com>
(cherry picked from commit 96d5ff54565f6aaccd09ed4c84b45a712345fcc9)

diff -rupN sssd-1.11.5.1-original/src/responder/nss/nsssrv_netgroup.c sssd-1.11.5.1-patched/src/responder/nss/nsssrv_netgroup.c
--- sssd-1.11.5.1-original/src/responder/nss/nsssrv_netgroup.c	2017-01-30 14:45:20.915416537 +0100
+++ sssd-1.11.5.1-patched/src/responder/nss/nsssrv_netgroup.c	2017-01-30 14:48:19.293282497 +0100
@@ -423,6 +423,44 @@ static void set_netgr_lifetime(uint32_t
     }
 }
 
+/* Create dummy netgroup to speed up repeated negative queries */
+static errno_t create_negcache_netgr(struct setent_step_ctx *step_ctx)
+{
+    errno_t ret;
+    struct getent_ctx *netgr;
+
+    netgr = talloc_zero(step_ctx->nctx, struct getent_ctx);
+    if (netgr == NULL) {
+        DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_zero failed.\n"));
+        ret = ENOMEM;
+        goto done;
+    } else {
+        netgr->ready = true;
+        netgr->found = false;
+        netgr->entries = NULL;
+        netgr->lookup_table = step_ctx->nctx->netgroups;
+        netgr->name = talloc_strdup(netgr, step_ctx->name);
+        if (netgr->name == NULL) {
+            DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_strdup failed.\n"));
+            ret = ENOMEM;
+            goto done;
+        }
+
+        ret = set_netgroup_entry(step_ctx->nctx, netgr);
+        if (ret != EOK) {
+            DEBUG(SSSDBG_CRIT_FAILURE, ("set_netgroup_entry failed.\n"));
+            goto done;
+        }
+        set_netgr_lifetime(step_ctx->nctx->neg_timeout, step_ctx, netgr);
+    }
+
+done:
+    if (ret != EOK) {
+        talloc_free(netgr);
+    }
+    return ret;
+}
+
 static errno_t lookup_netgr_step(struct setent_step_ctx *step_ctx)
 {
     errno_t ret;
@@ -571,26 +609,14 @@ static errno_t lookup_netgr_step(struct
     DEBUG(SSSDBG_MINOR_FAILURE,
           ("No matching domain found for [%s], fail!\n", step_ctx->name));
 
-    netgr = talloc_zero(step_ctx->nctx, struct getent_ctx);
-    if (netgr == NULL) {
-        DEBUG(1, ("talloc_zero failed, ignored.\n"));
-    } else {
-        netgr->ready = true;
-        netgr->found = false;
-        netgr->entries = NULL;
-        netgr->lookup_table = step_ctx->nctx->netgroups;
-        netgr->name = talloc_strdup(netgr, step_ctx->name);
-        if (netgr->name == NULL) {
-            DEBUG(1, ("talloc_strdup failed.\n"));
-            talloc_free(netgr);
-            return ENOMEM;
-        }
-
-        ret = set_netgroup_entry(step_ctx->nctx, netgr);
-        if (ret != EOK) {
-            DEBUG(1, ("set_netgroup_entry failed, ignored.\n"));
-        }
-        set_netgr_lifetime(step_ctx->nctx->neg_timeout, step_ctx, netgr);
+    ret = create_negcache_netgr(step_ctx);
+    if (ret != EOK) {
+        /* Failure can be ignored, because at worst, there will be a slowdown
+         * at the next lookup
+         */
+        DEBUG(SSSDBG_TRACE_ALL,
+            ("create_negcache_netgr failed with: %d:[%s], ignored.\n",
+            ret, sss_strerror(ret)));
     }
     ret = ENOENT;
 
Binary files sssd-1.11.5.1-original/src/responder/nss/.nsssrv_netgroup.c.rej.swp and sssd-1.11.5.1-patched/src/responder/nss/.nsssrv_netgroup.c.rej.swp differ