struct passwd *pw;
struct userspec_list userspecs;
struct defaults_list defaults;
+ bool cached_defaults;
};
#ifdef HAVE_LDAP_INITIALIZE
static struct defaults_list *
sudo_ldap_getdefs(struct sudo_nss *nss)
{
- struct ldap_config_str *base;
struct sudo_ldap_handle *handle = nss->handle;
+ struct defaults_list *ret = &handle->defaults;
struct timeval tv, *tvp = NULL;
- struct defaults_list *ret = NULL;
+ struct ldap_config_str *base;
LDAPMessage *entry, *result = NULL;
- char *filt;
+ char *filt = NULL;
int rc;
debug_decl(sudo_ldap_getdefs, SUDOERS_DEBUG_LDAP)
debug_return_ptr(NULL);
}
- /* Free old defaults, if any. */
- free_defaults(&handle->defaults);
+ /* Use cached result if present. */
+ if (handle->cached_defaults)
+ goto done;
filt = sudo_ldap_build_default_filter();
if (filt == NULL) {
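Review bot: Dropping `free_defaults(&handle->defaults)` leaves nothing to clear the list when a lookup fails part-way. On the `sudo_ldap_parse_options()` failure path further down, `cached_defaults` stays false, so a later call would parse again and append to whatever the failed attempt already added. Whether the parser undoes its own partial work is not visible here, so treat this as something to confirm. Keeping the call directly after the cache check, `if (handle->cached_defaults) goto done;` followed by `free_defaults(&handle->defaults);`, keeps a retry clean; the SSSD function has the same pattern on its `goto bad` path. The body of sudo_ldap_getdefs starts and ends outside this hunk.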
filt, NULL, 0, NULL, NULL, tvp, 0, &result);
if (rc == LDAP_SUCCESS && (entry = ldap_first_entry(ld, result))) {
DPRINTF1("found:%s", ldap_get_dn(ld, entry));
- if (!sudo_ldap_parse_options(ld, entry, &handle->defaults))
+ if (!sudo_ldap_parse_options(ld, entry, &handle->defaults)) {
+ ret = NULL;
goto done;
+ }
} else {
DPRINTF1("no default options found in %s", base->val);
}
}
- ret = &handle->defaults;
+ handle->cached_defaults = true;
done:
ldap_msgfree(result);
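Review bot: `handle->cached_defaults = true;` is reached even when `ldap_search_ext_s()` failed, because the `else` branch covers both `rc != LDAP_SUCCESS` and a successful search that returned no entry. A timeout or an unreachable server is then remembered as "no defaults" for the life of the handle, so policy-relevant Defaults settings stored in LDAP would be silently skipped on later calls; the SSSD version in this commit does not cache on error. I would record the failure and cache only a clean pass: `bool search_failed = false;`, then `if (rc != LDAP_SUCCESS) search_failed = true;` in the `else` branch, and `handle->cached_defaults = !search_failed;`. An uncached retry then also needs the list cleared first with `free_defaults(&handle->defaults)`. The loop header and the function's return are outside this hunk.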
void *ssslib;
struct userspec_list userspecs;
struct defaults_list defaults;
+ bool cached_defaults;
sss_sudo_send_recv_t fn_send_recv;
sss_sudo_send_recv_defaults_t fn_send_recv_defaults;
sss_sudo_free_result_t fn_free_result;
{
struct sudo_sss_handle *handle = nss->handle;
struct sss_sudo_result *sss_result = NULL;
- struct sss_sudo_rule *sss_rule;
uint32_t sss_error;
unsigned int i;
int rc;
debug_return_ptr(NULL);
}
- /* Free old defaults, if any. */
- free_defaults(&handle->defaults);
+ /* Use cached result if present. */
+ if (handle->cached_defaults)
+ debug_return_ptr(&handle->defaults);
sudo_debug_printf(SUDO_DEBUG_DIAG, "Looking for cn=defaults");
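Review bot: The cached early return hands out the same `&handle->defaults` on every call, and nothing in the new code states who owns that list. If a caller were to free or splice it, later calls would return the altered list while `cached_defaults` is still true; the callers are not visible here, so this is a documentation request rather than a reported bug. I would extend the comment to `/* Use cached result if present; the list is owned by the handle and must not be freed or modified by the caller. */`. The same contract applies to the `goto done` path in sudo_ldap_getdefs.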
"handle->fn_send_recv_defaults: rc=%d, sss_error=%u", rc, sss_error);
debug_return_ptr(NULL);
}
- if (sss_error != 0) {
- if (sss_error == ENOENT) {
- sudo_debug_printf(SUDO_DEBUG_INFO,
- "No global defaults entry found in SSSD.");
- goto done;
+
+ switch (sss_error) {
+ case 0:
+ /* Success */
+ for (i = 0; i < sss_result->num_rules; ++i) {
+ struct sss_sudo_rule *sss_rule = sss_result->rules + i;
+ sudo_debug_printf(SUDO_DEBUG_DIAG,
+ "Parsing cn=defaults, %d/%d", i, sss_result->num_rules);
+ if (!sudo_sss_parse_options(handle, sss_rule, &handle->defaults))
+ goto bad;
}
+ break;
+ case ENOENT:
+ sudo_debug_printf(SUDO_DEBUG_INFO,
+ "No global defaults entry found in SSSD.");
+ break;
+ default:
sudo_debug_printf(SUDO_DEBUG_ERROR, "sss_error=%u\n", sss_error);
goto bad;
}
-
- for (i = 0; i < sss_result->num_rules; ++i) {
- sudo_debug_printf(SUDO_DEBUG_DIAG,
- "Parsing cn=defaults, %d/%d", i, sss_result->num_rules);
- sss_rule = sss_result->rules + i;
- if (!sudo_sss_parse_options(handle, sss_rule, &handle->defaults))
- goto bad;
- }
-
-done:
+ handle->cached_defaults = true;
handle->fn_free_result(sss_result);
debug_return_ptr(&handle->defaults);
+
bad:
handle->fn_free_result(sss_result);
debug_return_ptr(NULL);
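Review bot: The debug call in `case 0` prints `i` with `%d` although `i` is declared `unsigned int` earlier in the function, and `num_rules` is used as the loop bound for it (its declared type is not visible here, presumably unsigned as well). Since the line is being moved anyway, `"Parsing cn=defaults, %u/%u", i, sss_result->num_rules);` would match the argument types and keep -Wformat quiet. The function's opening and closing lines are outside this hunk.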