/*
SSSD
NSS Responder
Copyright (C) Simo Sorce <ssorce@redhat.com> 2008
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef _NSS_NEG_CACHE_H_
#define _NSS_NEG_CACHE_H_
struct sss_nc_ctx;
/* init the in memory negative cache */
/* check if the user is expired according to the passed in time to live */
const char *name);
const char *name);
const char *name);
const char *name);
struct sss_domain_info *dom,
const char *name,
const char *proto);
struct sss_domain_info *dom,
const char *proto);
/* add a new neg-cache entry setting the timestamp to "now" unless
* "permanent" is set to true, in which case the timestamps is set to 0
* and the negative cache never expires (used to permanently filter out
* users and groups) */
const char *cert);
struct sss_domain_info *dom,
struct sss_domain_info *dom,
/*
* Mark the lookup_type as not supporting the negative cache. This
* would be used by the corresponding checker to avoid needless
* subsequent calls to the locator for configurations that do not
* support the locator plugin.
*
* @param ctx The negative cache.
* @param dom The top-level domain. It is expected that the caller
* would use the top-level domain head here, because
* this negative cache is "per-request-type" which is the
* same for all subdomains of a domain.
* @param lookup_type Lookup type, e.g. getpwuid, getgrnam.
*
* @return EOK on success, errno on failure.
*/
struct sss_domain_info *dom,
const char *lookup_type);
/*
* Check if the lookup_type supports the domain locator request.
*
* @param ctx The negative cache.
* @param dom The top-level domain. It is expected that the caller
* would use the top-level domain head here, because
* this negative cache is "per-request-type" which is the
* same for all subdomains of a domain.
* @param lookup_type Lookup type, e.g. getpwuid, getgrnam.
*
* @return ENOENT if the request supports the locator (or we
* haven't checked yet), EEXIST if the request does
* not support the domain locator request.
*/
struct sss_domain_info *dom,
const char *key);
/*
* Call these two functions to mark a GID as checked until the negative
* cache expires. This function is used to avoid a situation where
* GID would be found in a subsequent domain, so any request that
* searches for this GID again (even if it was cached) would first
* run the locator again.
*
* While this negative cache entry is valid, it is expected that
* the negatively cached entries in the domain's GID negative
* cache (if any) are valid.
*
* The sss_ncache_set_locate_gid() is called by the locator request
* when it finishes, the sss_ncache_check_locate_gid() is called
* by the caller of the locator request to find if the locator
* should be called at all.
*/
struct sss_domain_info *dom,
struct sss_domain_info *dom,
struct sss_domain_info *dom,
struct sss_domain_info *dom,
struct resp_ctx;
/* Set up the negative cache with values from filter_users and
* filter_groups in the sssd.conf
*/
struct confdb_ctx *cdb,
/* Flush the negcache and then repopulate */
struct sss_nc_ctx *ncache);
#endif /* _NSS_NEG_CACHE_H_ */