SYSDB: Avoid optimisation with modifyTimestamp for users The usage of modifyTimestamp needn't be a reliable way for detecting of changes in user entry in LDAP. The authorisation need to rely current data from LDAP and therefore we will temporary disable optimisation with modifyTimestamp and we will rather rely on deep comparison of attributes. In he future, it might be changed and responders might control the optimization level. Resolves: https://fedorahosted.org/sssd/ticket/3110 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>

SYSDB: Fix setting dataExpireTimestamp if sysdb is supposed to set the current time sysdb is already able to retrieve the current timestamp if the caller doesn't specify it. However, for the timestamp cache this came too late and the timestamp cache used zero as the 'now' time. Resolves: https://fedorahosted.org/sssd/ticket/3064 Reviewed-by: Pavel Březina <pbrezina@redhat.com>

sysdb: Use ldb_result as output in sysdb_search_ts_{users,groups} Passing address of unsigned to the output argument size_t causes access out of boundaries for type unsigned and and wrong data on big endian. It looks like functions sysdb_search_ts_{users,groups} need to store results in structure ldb_result anyway for further processing. Therefore it will be better to convert output arguments size_t* + ldb_message*** into structure ldb_result and avoid using additional helper variable with type size_t before each invocation of these functions. Reviewed-by: Sumit Bose <sbose@redhat.com>

test_sysdb_ts_cache: Do not use wrong pointer for output argument The function sysdb_search_groups expects pointer to size_t as an output argument msgs_count. However, struct ldb_result has type unsigned for element count. The size of unsigned is lower then size of size_t on some platforms. Therefore we should not cast to pointer to size_t if we want to write count of messages into struct ldb_result -> count. The valgrind did not detect write out of boundary for the element count because it is the 1st element in structure ldb_result. It didn't cause any problem on little endian because the most significant part of size_t was properly stored to type unsigned. We firstly store to output argument _msgs_count and then to output argument _msgs in the function sysdb_cache_search_entry therefore element msgs was not damaged and contained correct data. Reviewed-by: Sumit Bose <sbose@redhat.com>

TESTS: Add a unit test for timestamps caches Reviewed-by: Sumit Bose <sbose@redhat.com>