From: Todd C. Miller Date: Thu, 20 Jan 2011 21:13:09 +0000 (-0500) Subject: Stash pointer to user group vector in LDAP handle and only reuse X-Git-Tag: SUDO_1_7_5~63 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=09240e3a607af830f4d2be15a9674d0ce0c87b5f;p=sudo Stash pointer to user group vector in LDAP handle and only reuse the query if it has not changed. We always allocate a new buffer when we reset the group vector so a simple pointer check is sufficient. --HG-- branch : 1.7 --- diff --git a/ldap.c b/ldap.c index 58e8cabde..5719ab3fd 100644 --- a/ldap.c +++ b/ldap.c @@ -327,6 +327,7 @@ struct sudo_ldap_handle { LDAP *ld; struct ldap_result *result; char *username; + GETGROUPS_T *groups; }; struct sudo_nss sudo_nss_ldap = { @@ -1524,7 +1525,6 @@ sudo_ldap_display_entry_short(ld, entry, lbuf) "NOSETENV: " : "SETENV: "; if (tag != NULL) lbuf_append(lbuf, tag, NULL); - /* XXX - ignores other options */ } ldap_value_free_len(bv); } @@ -2064,6 +2064,7 @@ sudo_ldap_open(nss) handle->ld = ld; handle->result = NULL; handle->username = NULL; + handle->groups = NULL; nss->handle = handle; return(0); @@ -2327,6 +2328,7 @@ sudo_ldap_result_free_nss(nss) efree(handle->username); handle->username = NULL; } + handle->groups = NULL; handle->result = NULL; } } @@ -2354,7 +2356,8 @@ sudo_ldap_result_get(nss, pw) * have to contact the LDAP server again. */ if (handle->result) { - if (strcmp(pw->pw_name, handle->username) == 0) { + if (handle->groups == user_groups && + strcmp(pw->pw_name, handle->username) == 0) { DPRINTF(("reusing previous result (user %s) with %d entries", handle->username, handle->result->nentries), 1); return(handle->result); @@ -2427,6 +2430,7 @@ sudo_ldap_result_get(nss, pw) /* Store everything in the sudo_nss handle. */ handle->result = lres; handle->username = estrdup(pw->pw_name); + handle->groups = user_groups; return(lres); }