File 140417-NSS-sysdb_getnetgr-refactor.patch of Package sssd.5306
From e25867df505ef5cb2b3843c1a859337782f13383 Mon Sep 17 00:00:00 2001
From: Pavel Reichl <preichl@redhat.com>
Date: Thu, 17 Apr 2014 16:14:11 +0000
Subject: [PATCH] NSS: sysdb_getnetgr refactor
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Move functionality for creating cache dummies into separate function.
Reviewed-by: Michal Židek <mzidek@redhat.com>
(cherry picked from commit 96d5ff54565f6aaccd09ed4c84b45a712345fcc9)
diff -rupN sssd-1.11.5.1-original/src/responder/nss/nsssrv_netgroup.c sssd-1.11.5.1-patched/src/responder/nss/nsssrv_netgroup.c
--- sssd-1.11.5.1-original/src/responder/nss/nsssrv_netgroup.c 2017-01-30 14:45:20.915416537 +0100
+++ sssd-1.11.5.1-patched/src/responder/nss/nsssrv_netgroup.c 2017-01-30 14:48:19.293282497 +0100
@@ -423,6 +423,44 @@ static void set_netgr_lifetime(uint32_t
}
}
+/* Create dummy netgroup to speed up repeated negative queries */
+static errno_t create_negcache_netgr(struct setent_step_ctx *step_ctx)
+{
+ errno_t ret;
+ struct getent_ctx *netgr;
+
+ netgr = talloc_zero(step_ctx->nctx, struct getent_ctx);
+ if (netgr == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_zero failed.\n"));
+ ret = ENOMEM;
+ goto done;
+ } else {
+ netgr->ready = true;
+ netgr->found = false;
+ netgr->entries = NULL;
+ netgr->lookup_table = step_ctx->nctx->netgroups;
+ netgr->name = talloc_strdup(netgr, step_ctx->name);
+ if (netgr->name == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_strdup failed.\n"));
+ ret = ENOMEM;
+ goto done;
+ }
+
+ ret = set_netgroup_entry(step_ctx->nctx, netgr);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("set_netgroup_entry failed.\n"));
+ goto done;
+ }
+ set_netgr_lifetime(step_ctx->nctx->neg_timeout, step_ctx, netgr);
+ }
+
+done:
+ if (ret != EOK) {
+ talloc_free(netgr);
+ }
+ return ret;
+}
+
static errno_t lookup_netgr_step(struct setent_step_ctx *step_ctx)
{
errno_t ret;
@@ -571,26 +609,14 @@ static errno_t lookup_netgr_step(struct
DEBUG(SSSDBG_MINOR_FAILURE,
("No matching domain found for [%s], fail!\n", step_ctx->name));
- netgr = talloc_zero(step_ctx->nctx, struct getent_ctx);
- if (netgr == NULL) {
- DEBUG(1, ("talloc_zero failed, ignored.\n"));
- } else {
- netgr->ready = true;
- netgr->found = false;
- netgr->entries = NULL;
- netgr->lookup_table = step_ctx->nctx->netgroups;
- netgr->name = talloc_strdup(netgr, step_ctx->name);
- if (netgr->name == NULL) {
- DEBUG(1, ("talloc_strdup failed.\n"));
- talloc_free(netgr);
- return ENOMEM;
- }
-
- ret = set_netgroup_entry(step_ctx->nctx, netgr);
- if (ret != EOK) {
- DEBUG(1, ("set_netgroup_entry failed, ignored.\n"));
- }
- set_netgr_lifetime(step_ctx->nctx->neg_timeout, step_ctx, netgr);
+ ret = create_negcache_netgr(step_ctx);
+ if (ret != EOK) {
+ /* Failure can be ignored, because at worst, there will be a slowdown
+ * at the next lookup
+ */
+ DEBUG(SSSDBG_TRACE_ALL,
+ ("create_negcache_netgr failed with: %d:[%s], ignored.\n",
+ ret, sss_strerror(ret)));
}
ret = ENOENT;
Binary files sssd-1.11.5.1-original/src/responder/nss/.nsssrv_netgroup.c.rej.swp and sssd-1.11.5.1-patched/src/responder/nss/.nsssrv_netgroup.c.rej.swp differ
