root/source3/libsmb/trustdom_cache.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. trustdom_cache_enable
  2. trustdom_cache_shutdown
  3. trustdom_cache_key
  4. trustdom_cache_store
  5. trustdom_cache_fetch
  6. trustdom_cache_fetch_timestamp
  7. trustdom_cache_store_timestamp
  8. flush_trustdom_name
  9. trustdom_cache_flush
  10. update_trustdom_cache

   1 /* 
   2    Unix SMB/CIFS implementation.
   3 
   4    Trusted domain names cache on top of gencache.
   5 
   6    Copyright (C) Rafal Szczesniak       2002
   7    
   8    This program is free software; you can redistribute it and/or modify
   9    it under the terms of the GNU General Public License as published by
  10    the Free Software Foundation; either version 3 of the License, or
  11    (at your option) any later version.
  12    
  13    This program is distributed in the hope that it will be useful,
  14    but WITHOUT ANY WARRANTY; without even the implied warranty of
  15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16    GNU General Public License for more details.
  17    
  18    You should have received a copy of the GNU General Public License
  19    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  20 */
  21 
  22 #include "includes.h"
  23 
  24 #undef DBGC_CLASS
  25 #define DBGC_CLASS DBGC_ALL     /* there's no proper class yet */
  26 
  27 #define TDOMKEY_FMT  "TDOM/%s"
  28 #define TDOMTSKEY    "TDOMCACHE/TIMESTAMP"
  29 
  30 
  31 /**
  32  * @file trustdom_cache.c
  33  *
  34  * Implementation of trusted domain names cache useful when
  35  * samba acts as domain member server. In such case, caching
  36  * domain names currently trusted gives a performance gain
  37  * because there's no need to query PDC each time we need
  38  * list of trusted domains
  39  **/
  40 
  41  
  42 /**
  43  * Initialise trustdom name caching system. Call gencache
  44  * initialisation routine to perform necessary activities.
  45  *
  46  * @return true upon successful cache initialisation or
  47  *         false if cache init failed
  48  **/
  49  
  50 bool trustdom_cache_enable(void)
     /* [<][>][^][v][top][bottom][index][help] */
  51 {
  52         /* Init trustdom cache by calling gencache initialisation */
  53         if (!gencache_init()) {
  54                 DEBUG(2, ("trustdomcache_enable: Couldn't initialise trustdom cache on top of gencache.\n"));
  55                 return False;
  56         }
  57 
  58         return True;
  59 }
  60 
  61 
  62 /**
  63  * Shutdown trustdom name caching system. Calls gencache
  64  * shutdown function.
  65  *
  66  * @return true upon successful cache close or
  67  *         false if it failed
  68  **/
  69  
  70 bool trustdom_cache_shutdown(void)
     /* [<][>][^][v][top][bottom][index][help] */
  71 {
  72         /* Close trustdom cache by calling gencache shutdown */
  73         if (!gencache_shutdown()) {
  74                 DEBUG(2, ("trustdomcache_shutdown: Couldn't shutdown trustdom cache on top of gencache.\n"));
  75                 return False;
  76         }
  77         
  78         return True;
  79 }
  80 
  81 
  82 /**
  83  * Form up trustdom name key. It is based only
  84  * on domain name now.
  85  *
  86  * @param name trusted domain name
  87  * @return cache key for use in gencache mechanism
  88  **/
  89 
  90 static char* trustdom_cache_key(const char* name)
     /* [<][>][^][v][top][bottom][index][help] */
  91 {
  92         char* keystr = NULL;
  93         asprintf_strupper_m(&keystr, TDOMKEY_FMT, name);
  94         
  95         return keystr;
  96 }
  97 
  98 
  99 /**
 100  * Store trusted domain in gencache as the domain name (key)
 101  * and trusted domain's SID (value)
 102  *
 103  * @param name trusted domain name
 104  * @param alt_name alternative trusted domain name (used in ADS domains)
 105  * @param sid trusted domain's SID
 106  * @param timeout cache entry expiration time
 107  * @return true upon successful value storing or
 108  *         false if store attempt failed
 109  **/
 110  
 111 bool trustdom_cache_store(char* name, char* alt_name, const DOM_SID *sid,
     /* [<][>][^][v][top][bottom][index][help] */
 112                           time_t timeout)
 113 {
 114         char *key, *alt_key;
 115         fstring sid_string;
 116         bool ret;
 117 
 118         /*
 119          * we use gecache call to avoid annoying debug messages
 120          * about initialised trustdom 
 121          */
 122         if (!gencache_init())
 123                 return False;
 124 
 125         DEBUG(5, ("trustdom_store: storing SID %s of domain %s\n",
 126                   sid_string_dbg(sid), name));
 127 
 128         key = trustdom_cache_key(name);
 129         alt_key = alt_name ? trustdom_cache_key(alt_name) : NULL;
 130 
 131         /* Generate string representation domain SID */
 132         sid_to_fstring(sid_string, sid);
 133 
 134         /*
 135          * try to put the names in the cache
 136          */
 137         if (alt_key) {
 138                 ret = gencache_set(alt_key, sid_string, timeout);
 139                 if ( ret ) {
 140                         ret = gencache_set(key, sid_string, timeout);
 141                 }
 142                 SAFE_FREE(alt_key);
 143                 SAFE_FREE(key);
 144                 return ret;
 145         }
 146 
 147         ret = gencache_set(key, sid_string, timeout);
 148         SAFE_FREE(key);
 149         return ret;
 150 }
 151 
 152 
 153 /**
 154  * Fetch trusted domain's SID from the gencache.
 155  * This routine can also be used to check whether given
 156  * domain is currently trusted one.
 157  *
 158  * @param name trusted domain name
 159  * @param sid trusted domain's SID to be returned
 160  * @return true if entry is found or
 161  *         false if has expired/doesn't exist
 162  **/
 163  
 164 bool trustdom_cache_fetch(const char* name, DOM_SID* sid)
     /* [<][>][^][v][top][bottom][index][help] */
 165 {
 166         char *key = NULL, *value = NULL;
 167         time_t timeout;
 168 
 169         /* init the cache */
 170         if (!gencache_init())
 171                 return False;
 172         
 173         /* exit now if null pointers were passed as they're required further */
 174         if (!sid)
 175                 return False;
 176 
 177         /* prepare a key and get the value */
 178         key = trustdom_cache_key(name);
 179         if (!key)
 180                 return False;
 181         
 182         if (!gencache_get(key, &value, &timeout)) {
 183                 DEBUG(5, ("no entry for trusted domain %s found.\n", name));
 184                 SAFE_FREE(key);
 185                 return False;
 186         } else {
 187                 SAFE_FREE(key);
 188                 DEBUG(5, ("trusted domain %s found (%s)\n", name, value));
 189         }
 190 
 191         /* convert sid string representation into DOM_SID structure */
 192         if(! string_to_sid(sid, value)) {
 193                 sid = NULL;
 194                 SAFE_FREE(value);
 195                 return False;
 196         }
 197         
 198         SAFE_FREE(value);
 199         return True;
 200 }
 201 
 202 
 203 /*******************************************************************
 204  fetch the timestamp from the last update 
 205 *******************************************************************/
 206 
 207 uint32 trustdom_cache_fetch_timestamp( void )
     /* [<][>][^][v][top][bottom][index][help] */
 208 {
 209         char *value = NULL;
 210         time_t timeout;
 211         uint32 timestamp;
 212 
 213         /* init the cache */
 214         if (!gencache_init()) 
 215                 return False;
 216                 
 217         if (!gencache_get(TDOMTSKEY, &value, &timeout)) {
 218                 DEBUG(5, ("no timestamp for trusted domain cache located.\n"));
 219                 SAFE_FREE(value);
 220                 return 0;
 221         } 
 222 
 223         timestamp = atoi(value);
 224                 
 225         SAFE_FREE(value);
 226         return timestamp;
 227 }
 228 
 229 /*******************************************************************
 230  store the timestamp from the last update 
 231 *******************************************************************/
 232 
 233 bool trustdom_cache_store_timestamp( uint32 t, time_t timeout )
     /* [<][>][^][v][top][bottom][index][help] */
 234 {
 235         fstring value;
 236 
 237         /* init the cache */
 238         if (!gencache_init()) 
 239                 return False;
 240                 
 241         fstr_sprintf(value, "%d", t );
 242                 
 243         if (!gencache_set(TDOMTSKEY, value, timeout)) {
 244                 DEBUG(5, ("failed to set timestamp for trustdom_cache\n"));
 245                 return False;
 246         } 
 247 
 248         return True;
 249 }
 250 
 251 
 252 /**
 253  * Delete single trustdom entry. Look at the
 254  * gencache_iterate definition.
 255  *
 256  **/
 257 
 258 static void flush_trustdom_name(const char* key, const char *value, time_t timeout, void* dptr)
     /* [<][>][^][v][top][bottom][index][help] */
 259 {
 260         gencache_del(key);
 261         DEBUG(5, ("Deleting entry %s\n", key));
 262 }
 263 
 264 
 265 /**
 266  * Flush all the trusted domains entries from the cache.
 267  **/
 268 
 269 void trustdom_cache_flush(void)
     /* [<][>][^][v][top][bottom][index][help] */
 270 {
 271         if (!gencache_init())
 272                 return;
 273 
 274         /* 
 275          * iterate through each TDOM cache's entry and flush it
 276          * by flush_trustdom_name function
 277          */
 278         gencache_iterate(flush_trustdom_name, NULL, trustdom_cache_key("*"));
 279         DEBUG(5, ("Trusted domains cache flushed\n"));
 280 }
 281 
 282 /********************************************************************
 283  update the trustdom_cache if needed 
 284 ********************************************************************/
 285 #define TRUSTDOM_UPDATE_INTERVAL        600
 286 
 287 void update_trustdom_cache( void )
     /* [<][>][^][v][top][bottom][index][help] */
 288 {
 289         char **domain_names;
 290         DOM_SID *dom_sids;
 291         uint32 num_domains;
 292         uint32 last_check;
 293         int time_diff;
 294         TALLOC_CTX *mem_ctx = NULL;
 295         time_t now = time(NULL);
 296         int i;
 297         
 298         /* get the timestamp.  We have to initialise it if the last timestamp == 0 */   
 299         if ( (last_check = trustdom_cache_fetch_timestamp()) == 0 ) 
 300                 trustdom_cache_store_timestamp(0, now+TRUSTDOM_UPDATE_INTERVAL);
 301 
 302         time_diff = (int) (now - last_check);
 303         
 304         if ( (time_diff > 0) && (time_diff < TRUSTDOM_UPDATE_INTERVAL) ) {
 305                 DEBUG(10,("update_trustdom_cache: not time to update trustdom_cache yet\n"));
 306                 return;
 307         }
 308 
 309         /* note that we don't lock the timestamp. This prevents this
 310            smbd from blocking all other smbd daemons while we
 311            enumerate the trusted domains */
 312         trustdom_cache_store_timestamp(now, now+TRUSTDOM_UPDATE_INTERVAL);
 313                 
 314         if ( !(mem_ctx = talloc_init("update_trustdom_cache")) ) {
 315                 DEBUG(0,("update_trustdom_cache: talloc_init() failed!\n"));
 316                 goto done;
 317         }
 318 
 319         /* get the domains and store them */
 320         
 321         if ( enumerate_domain_trusts(mem_ctx, lp_workgroup(), &domain_names, 
 322                 &num_domains, &dom_sids)) {
 323                 for ( i=0; i<num_domains; i++ ) {
 324                         trustdom_cache_store( domain_names[i], NULL, &dom_sids[i], 
 325                                 now+TRUSTDOM_UPDATE_INTERVAL);
 326                 }               
 327         } else {
 328                 /* we failed to fetch the list of trusted domains - restore the old
 329                    timestamp */
 330                 trustdom_cache_store_timestamp(last_check, 
 331                                                last_check+TRUSTDOM_UPDATE_INTERVAL);
 332         }
 333 
 334 done:   
 335         talloc_destroy( mem_ctx );
 336         
 337         return;
 338 }

/* [<][>][^][v][top][bottom][index][help] */