2 Unix SMB/CIFS implementation.
5 Copyright (C) Volker Lendecke 2008
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.*/
21 #include "idmap_cache.h"
22 #include "../libcli/security/security.h"
25 * Find a sid2uid mapping
26 * @param[in] sid the sid to map
27 * @param[out] puid where to put the result
28 * @param[out] expired is the cache entry expired?
29 * @retval Was anything in the cache at all?
31 * If *puid == -1 this was a negative mapping.
34 bool idmap_cache_find_sid2uid(const struct dom_sid *sid, uid_t *puid,
45 key = talloc_asprintf(talloc_tos(), "IDMAP/SID2UID/%s",
46 sid_to_fstring(sidstr, sid));
50 ret = gencache_get(key, &value, &timeout);
55 uid = strtol(value, &endptr, 10);
56 ret = (*endptr == '\0');
60 *expired = (timeout <= time(NULL));
66 * Find a uid2sid mapping
67 * @param[in] uid the uid to map
68 * @param[out] sid where to put the result
69 * @param[out] expired is the cache entry expired?
70 * @retval Was anything in the cache at all?
72 * If "is_null_sid(sid)", this was a negative mapping.
75 bool idmap_cache_find_uid2sid(uid_t uid, struct dom_sid *sid, bool *expired)
82 key = talloc_asprintf(talloc_tos(), "IDMAP/UID2SID/%d", (int)uid);
86 ret = gencache_get(key, &value, &timeout);
92 if (value[0] != '-') {
93 ret = string_to_sid(sid, value);
97 *expired = (timeout <= time(NULL));
103 * Store a mapping in the idmap cache
104 * @param[in] sid the sid to map
105 * @param[in] uid the uid to map
107 * If both parameters are valid values, then a positive mapping in both
108 * directions is stored. If "is_null_sid(sid)" is true, then this will be a
109 * negative mapping of uid, we want to cache that for this uid we could not
110 * find anything. Likewise if "uid==-1", then we want to cache that we did not
111 * find a mapping for the sid passed here.
114 void idmap_cache_set_sid2uid(const struct dom_sid *sid, uid_t uid)
116 time_t now = time(NULL);
118 fstring sidstr, key, value;
120 if (!is_null_sid(sid)) {
121 fstr_sprintf(key, "IDMAP/SID2UID/%s",
122 sid_to_fstring(sidstr, sid));
123 fstr_sprintf(value, "%d", (int)uid);
124 timeout = (uid == -1)
125 ? lp_idmap_negative_cache_time()
126 : lp_idmap_cache_time();
127 gencache_set(key, value, now + timeout);
130 fstr_sprintf(key, "IDMAP/UID2SID/%d", (int)uid);
131 if (is_null_sid(sid)) {
132 /* negative uid mapping */
134 timeout = lp_idmap_negative_cache_time();
137 sid_to_fstring(value, sid);
138 timeout = lp_idmap_cache_time();
140 gencache_set(key, value, now + timeout);
145 * Find a sid2gid mapping
146 * @param[in] sid the sid to map
147 * @param[out] pgid where to put the result
148 * @param[out] expired is the cache entry expired?
149 * @retval Was anything in the cache at all?
151 * If *pgid == -1 this was a negative mapping.
154 bool idmap_cache_find_sid2gid(const struct dom_sid *sid, gid_t *pgid,
165 key = talloc_asprintf(talloc_tos(), "IDMAP/SID2GID/%s",
166 sid_to_fstring(sidstr, sid));
170 ret = gencache_get(key, &value, &timeout);
175 gid = strtol(value, &endptr, 10);
176 ret = (*endptr == '\0');
180 *expired = (timeout <= time(NULL));
186 * Find a gid2sid mapping
187 * @param[in] gid the gid to map
188 * @param[out] sid where to put the result
189 * @param[out] expired is the cache entry expired?
190 * @retval Was anything in the cache at all?
192 * If "is_null_sid(sid)", this was a negative mapping.
195 bool idmap_cache_find_gid2sid(gid_t gid, struct dom_sid *sid, bool *expired)
202 key = talloc_asprintf(talloc_tos(), "IDMAP/GID2SID/%d", (int)gid);
206 ret = gencache_get(key, &value, &timeout);
212 if (value[0] != '-') {
213 ret = string_to_sid(sid, value);
217 *expired = (timeout <= time(NULL));
223 * Store a mapping in the idmap cache
224 * @param[in] sid the sid to map
225 * @param[in] gid the gid to map
227 * If both parameters are valid values, then a positive mapping in both
228 * directions is stored. If "is_null_sid(sid)" is true, then this will be a
229 * negative mapping of gid, we want to cache that for this gid we could not
230 * find anything. Likewise if "gid==-1", then we want to cache that we did not
231 * find a mapping for the sid passed here.
234 void idmap_cache_set_sid2gid(const struct dom_sid *sid, gid_t gid)
236 time_t now = time(NULL);
238 fstring sidstr, key, value;
240 if (!is_null_sid(sid)) {
241 fstr_sprintf(key, "IDMAP/SID2GID/%s",
242 sid_to_fstring(sidstr, sid));
243 fstr_sprintf(value, "%d", (int)gid);
244 timeout = (gid == -1)
245 ? lp_idmap_negative_cache_time()
246 : lp_idmap_cache_time();
247 gencache_set(key, value, now + timeout);
250 fstr_sprintf(key, "IDMAP/GID2SID/%d", (int)gid);
251 if (is_null_sid(sid)) {
252 /* negative gid mapping */
254 timeout = lp_idmap_negative_cache_time();
257 sid_to_fstring(value, sid);
258 timeout = lp_idmap_cache_time();
260 gencache_set(key, value, now + timeout);