2 Unix SMB/CIFS implementation.
5 Copyright (C) Volker Lendecke 2008
6 Copyright (C) Simo Sorce 2006
7 Copyright (C) Rafal Szczesniak 2002
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.*/
25 static char *idmap_cache_sidkey(TALLOC_CTX *ctx, const DOM_SID *sid)
29 return talloc_asprintf(ctx, "IDMAP/SID/%s",
30 sid_to_fstring(sidstr, sid));
33 static char *idmap_cache_idkey(TALLOC_CTX *ctx, const struct unixid *xid)
35 return talloc_asprintf(ctx, "IDMAP/%s/%lu",
36 (xid->type==ID_TYPE_UID)?"UID":"GID",
37 (unsigned long)xid->id);
40 NTSTATUS idmap_cache_set(const struct id_map *id)
43 time_t timeout = time(NULL) + lp_idmap_cache_time();
47 /* Don't cache lookups in the S-1-22-{1,2} domain */
49 if (sid_check_is_in_unix_users(id->sid)
50 || sid_check_is_in_unix_groups(id->sid)) {
54 sidkey = idmap_cache_sidkey(talloc_tos(), id->sid);
56 return NT_STATUS_NO_MEMORY;
59 /* use sidkey as the local memory ctx */
60 idkey = idmap_cache_idkey(sidkey, &id->xid);
62 ret = NT_STATUS_NO_MEMORY;
66 if (!gencache_set(idkey, sidkey, timeout)
67 || !gencache_set(sidkey, idkey, timeout)) {
68 DEBUG(3, ("Failed to store cache entry!\n"));
69 ret = NT_STATUS_ACCESS_DENIED;
80 NTSTATUS idmap_cache_set_negative_sid(const struct id_map *id)
82 NTSTATUS ret = NT_STATUS_OK;
85 sidkey = idmap_cache_sidkey(talloc_tos(), id->sid);
87 return NT_STATUS_NO_MEMORY;
90 if (!gencache_set(sidkey, "IDMAP/NEGATIVE",
91 time(NULL) + lp_idmap_negative_cache_time())) {
92 DEBUG(3, ("Failed to store cache entry!\n"));
93 ret = NT_STATUS_ACCESS_DENIED;
102 NTSTATUS idmap_cache_set_negative_id(const struct id_map *id)
104 NTSTATUS ret = NT_STATUS_OK;
107 idkey = idmap_cache_idkey(talloc_tos(), &id->xid);
109 return NT_STATUS_NO_MEMORY;
112 if (!gencache_set(idkey, "IDMAP/NEGATIVE",
113 time(NULL) + lp_idmap_negative_cache_time())) {
114 DEBUG(3, ("Failed to store cache entry!\n"));
115 ret = NT_STATUS_ACCESS_DENIED;
125 * search the cache for the SID an return a mapping if found
128 bool idmap_cache_map_sid(const struct dom_sid *sid, struct unixid *xid,
129 bool *mapped, bool *expired)
137 sidkey = idmap_cache_sidkey(talloc_tos(), sid);
138 if (sidkey == NULL) {
139 DEBUG(0, ("idmap_cache_sidkey failed\n"));
143 if (!gencache_get(sidkey, &value, &timeout)) {
148 if (strcmp(value, "IDMAP/NEGATIVE") == 0) {
151 else if (strncmp(value, "IDMAP/UID/", 10) == 0) {
153 xid->type = ID_TYPE_UID;
154 xid->id = strtol(&value[10], &rem, 10);
159 else if (strncmp(value, "IDMAP/GID/", 10) == 0) {
161 xid->type = ID_TYPE_GID;
162 xid->id = strtol(&value[10], &rem, 10);
171 *expired = (timeout <= time(NULL));
177 DEBUG(1, ("Invalid entry %s in cache\n", value));
185 * search the cache for the ID an return a mapping if found
188 bool idmap_cache_map_id(const struct unixid *xid, struct dom_sid *psid,
189 bool *mapped, bool *expired)
196 idkey = idmap_cache_idkey(talloc_tos(), xid);
201 if (!gencache_get(idkey, &value, &timeout)) {
206 if (strcmp(value, "IDMAP/NEGATIVE") == 0) {
209 else if (strncmp(value, "IDMAP/SID/", 10) == 0) {
211 if (!string_to_sid(psid, value+10)) {
223 DEBUG(1, ("Invalid entry %s in cache\n", value));