2
Unix SMB/CIFS implementation.
4
Trusted domain names cache on top of gencache.
6
Copyright (C) Rafal Szczesniak 2002
8
This program is free software; you can redistribute it and/or modify
9
it under the terms of the GNU General Public License as published by
10
the Free Software Foundation; either version 3 of the License, or
11
(at your option) any later version.
13
This program is distributed in the hope that it will be useful,
14
but WITHOUT ANY WARRANTY; without even the implied warranty of
15
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16
GNU General Public License for more details.
18
You should have received a copy of the GNU General Public License
19
along with this program. If not, see <http://www.gnu.org/licenses/>.
25
#define DBGC_CLASS DBGC_ALL /* there's no proper class yet */
27
#define TDOMKEY_FMT "TDOM/%s"
28
#define TDOMTSKEY "TDOMCACHE/TIMESTAMP"
32
* @file trustdom_cache.c
34
* Implementation of trusted domain names cache useful when
35
* samba acts as domain member server. In such case, caching
36
* domain names currently trusted gives a performance gain
37
* because there's no need to query PDC each time we need
38
* list of trusted domains
43
* Initialise trustdom name caching system. Call gencache
44
* initialisation routine to perform necessary activities.
46
* @return true upon successful cache initialisation or
47
* false if cache init failed
50
bool trustdom_cache_enable(void)
52
/* Init trustdom cache by calling gencache initialisation */
53
if (!gencache_init()) {
54
DEBUG(2, ("trustdomcache_enable: Couldn't initialise trustdom cache on top of gencache.\n"));
63
* Shutdown trustdom name caching system. Calls gencache
66
* @return true upon successful cache close or
70
bool trustdom_cache_shutdown(void)
72
/* Close trustdom cache by calling gencache shutdown */
73
if (!gencache_shutdown()) {
74
DEBUG(2, ("trustdomcache_shutdown: Couldn't shutdown trustdom cache on top of gencache.\n"));
83
* Form up trustdom name key. It is based only
86
* @param name trusted domain name
87
* @return cache key for use in gencache mechanism
90
static char* trustdom_cache_key(const char* name)
93
asprintf_strupper_m(&keystr, TDOMKEY_FMT, name);
100
* Store trusted domain in gencache as the domain name (key)
101
* and trusted domain's SID (value)
103
* @param name trusted domain name
104
* @param alt_name alternative trusted domain name (used in ADS domains)
105
* @param sid trusted domain's SID
106
* @param timeout cache entry expiration time
107
* @return true upon successful value storing or
108
* false if store attempt failed
111
bool trustdom_cache_store(char* name, char* alt_name, const DOM_SID *sid,
119
* we use gecache call to avoid annoying debug messages
120
* about initialised trustdom
122
if (!gencache_init())
125
DEBUG(5, ("trustdom_store: storing SID %s of domain %s\n",
126
sid_string_dbg(sid), name));
128
key = trustdom_cache_key(name);
129
alt_key = alt_name ? trustdom_cache_key(alt_name) : NULL;
131
/* Generate string representation domain SID */
132
sid_to_fstring(sid_string, sid);
135
* try to put the names in the cache
138
ret = gencache_set(alt_key, sid_string, timeout);
140
ret = gencache_set(key, sid_string, timeout);
147
ret = gencache_set(key, sid_string, timeout);
154
* Fetch trusted domain's SID from the gencache.
155
* This routine can also be used to check whether given
156
* domain is currently trusted one.
158
* @param name trusted domain name
159
* @param sid trusted domain's SID to be returned
160
* @return true if entry is found or
161
* false if has expired/doesn't exist
164
bool trustdom_cache_fetch(const char* name, DOM_SID* sid)
166
char *key = NULL, *value = NULL;
170
if (!gencache_init())
173
/* exit now if null pointers were passed as they're required further */
177
/* prepare a key and get the value */
178
key = trustdom_cache_key(name);
182
if (!gencache_get(key, &value, &timeout)) {
183
DEBUG(5, ("no entry for trusted domain %s found.\n", name));
188
DEBUG(5, ("trusted domain %s found (%s)\n", name, value));
191
/* convert sid string representation into DOM_SID structure */
192
if(! string_to_sid(sid, value)) {
203
/*******************************************************************
204
fetch the timestamp from the last update
205
*******************************************************************/
207
uint32 trustdom_cache_fetch_timestamp( void )
214
if (!gencache_init())
217
if (!gencache_get(TDOMTSKEY, &value, &timeout)) {
218
DEBUG(5, ("no timestamp for trusted domain cache located.\n"));
223
timestamp = atoi(value);
229
/*******************************************************************
230
store the timestamp from the last update
231
*******************************************************************/
233
bool trustdom_cache_store_timestamp( uint32 t, time_t timeout )
238
if (!gencache_init())
241
fstr_sprintf(value, "%d", t );
243
if (!gencache_set(TDOMTSKEY, value, timeout)) {
244
DEBUG(5, ("failed to set timestamp for trustdom_cache\n"));
253
* Delete single trustdom entry. Look at the
254
* gencache_iterate definition.
258
static void flush_trustdom_name(const char* key, const char *value, time_t timeout, void* dptr)
261
DEBUG(5, ("Deleting entry %s\n", key));
266
* Flush all the trusted domains entries from the cache.
269
void trustdom_cache_flush(void)
271
if (!gencache_init())
275
* iterate through each TDOM cache's entry and flush it
276
* by flush_trustdom_name function
278
gencache_iterate(flush_trustdom_name, NULL, trustdom_cache_key("*"));
279
DEBUG(5, ("Trusted domains cache flushed\n"));
282
/********************************************************************
283
update the trustdom_cache if needed
284
********************************************************************/
285
#define TRUSTDOM_UPDATE_INTERVAL 600
287
void update_trustdom_cache( void )
294
TALLOC_CTX *mem_ctx = NULL;
295
time_t now = time(NULL);
298
/* get the timestamp. We have to initialise it if the last timestamp == 0 */
299
if ( (last_check = trustdom_cache_fetch_timestamp()) == 0 )
300
trustdom_cache_store_timestamp(0, now+TRUSTDOM_UPDATE_INTERVAL);
302
time_diff = (int) (now - last_check);
304
if ( (time_diff > 0) && (time_diff < TRUSTDOM_UPDATE_INTERVAL) ) {
305
DEBUG(10,("update_trustdom_cache: not time to update trustdom_cache yet\n"));
309
/* note that we don't lock the timestamp. This prevents this
310
smbd from blocking all other smbd daemons while we
311
enumerate the trusted domains */
312
trustdom_cache_store_timestamp(now, now+TRUSTDOM_UPDATE_INTERVAL);
314
if ( !(mem_ctx = talloc_init("update_trustdom_cache")) ) {
315
DEBUG(0,("update_trustdom_cache: talloc_init() failed!\n"));
319
/* get the domains and store them */
321
if ( enumerate_domain_trusts(mem_ctx, lp_workgroup(), &domain_names,
322
&num_domains, &dom_sids)) {
323
for ( i=0; i<num_domains; i++ ) {
324
trustdom_cache_store( domain_names[i], NULL, &dom_sids[i],
325
now+TRUSTDOM_UPDATE_INTERVAL);
328
/* we failed to fetch the list of trusted domains - restore the old
330
trustdom_cache_store_timestamp(last_check,
331
last_check+TRUSTDOM_UPDATE_INTERVAL);
335
talloc_destroy( mem_ctx );