On 26.5.2014 03:41, William wrote:

>> I'm afraid there is no right thing to call ATM, as there is no support
>> for cache invalidation in SSH host code. I guess you'll have to
>> implement it yourself.
>>
>> Off the top of my head, you need to properly set SYSDB_CACHE_EXPIRE in
>> sysdb_store_ssh_host, return only unexpired hosts in
>> sysdb_get_ssh_known_hosts, make sysdb_search_ssh_hosts public and create
>> sysdb_set_ssh_host_attr (sysdb_update_ssh_hosts does the same, so you
>> can modify and rename it instead of writing a completely new function).
>
> Please find attached a patch that adds the functionality. Note that
> ssh_hosts don't use the dataExpire attribute, they use a different
> attribute, which is why I opted to call ssh_known_host_expire.


I'm sorry, but that's completely wrong. The ssh_known_host_expire attribute does *not* denote cache entry expiration, it denotes known_hosts entry expiration, hence my request to add support for SYSDB_CACHE_EXPIRE. Unless you do that, I can't ACK.

--
Jan Cholasta
_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
