From ae01ffdbbc74c5b43c2b644f8847d856cd2bf997 Mon Sep 17 00:00:00 2001 From: Lukas Slebodnik Date: Wed, 3 Aug 2016 18:48:04 +0200 Subject: [PATCH] SYSDB: Avoid optimisation with modifyTimestamp for users The usage of modifyTimestamp needn't be a reliable way for detecting of changes in user entry in LDAP. The authorisation need to rely current data from LDAP and therefore we will temporary disable optimisation with modifyTimestamp and we will rather rely on deep comparison of attributes. In he future, it might be changed and responders might control the optimization level. Resolves: https://fedorahosted.org/sssd/ticket/3110 --- src/db/sysdb_ops.c | 9 --------- 1 file changed, 9 deletions(-) diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c index ed177d1730723a61e01167a75a0baca6d81252f8..e16b46bde7ac6e328a67552297c82bb25689fe46 100644 --- a/src/db/sysdb_ops.c +++ b/src/db/sysdb_ops.c @@ -2465,15 +2465,6 @@ int sysdb_store_user(struct sss_domain_info *domain, errno_t sret = EOK; bool in_transaction = false; - ret = sysdb_check_and_update_ts_usr(domain, name, attrs, - cache_timeout, now); - if (ret == EOK) { - DEBUG(SSSDBG_TRACE_LIBS, - "The user record of %s did not change, only updated " - "the timestamp cache\n", name); - return EOK; - } - tmp_ctx = talloc_new(NULL); if (!tmp_ctx) { return ENOMEM; -- 2.9.2