summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristof Schmitt <christof.schmitt@us.ibm.com>2013-02-21 12:31:28 -0700
committerAndrew Bartlett <abartlet@samba.org>2013-03-09 06:30:22 +0100
commit0c4e467c1cc661552bfd6745825e2106ec8279d7 (patch)
treef2b475fa8aa54f01e3da0441efb21f813067c339
parentc07c167edb71568ab18f016346e60803d1195d42 (diff)
downloadsamba-0c4e467c1cc661552bfd6745825e2106ec8279d7.tar.gz
samba-0c4e467c1cc661552bfd6745825e2106ec8279d7.tar.bz2
samba-0c4e467c1cc661552bfd6745825e2106ec8279d7.zip
s3-winbindd: Move code for verifying ADS connection to common helper function
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
-rw-r--r--source3/winbindd/idmap_ad.c26
-rw-r--r--source3/winbindd/winbindd_ads.c54
-rw-r--r--source3/winbindd/winbindd_proto.h6
3 files changed, 41 insertions, 45 deletions
diff --git a/source3/winbindd/idmap_ad.c b/source3/winbindd/idmap_ad.c
index d6f31ba6e9..0e00a340bf 100644
--- a/source3/winbindd/idmap_ad.c
+++ b/source3/winbindd/idmap_ad.c
@@ -39,8 +39,6 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_IDMAP
-#define WINBIND_CCACHE_NAME "MEMORY:winbind_ccache"
-
#define CHECK_ALLOC_DONE(mem) do { \
if (!mem) { \
DEBUG(0, ("Out of memory!\n")); \
@@ -74,29 +72,9 @@ static ADS_STATUS ad_idmap_cached_connection_internal(struct idmap_domain *dom)
ctx = talloc_get_type(dom->private_data, struct idmap_ad_context);
+ ads_cached_connection_reuse(&ctx->ads);
if (ctx->ads != NULL) {
-
- time_t expire;
- time_t now = time(NULL);
-
- ads = ctx->ads;
-
- expire = MIN(ads->auth.tgt_expire, ads->auth.tgs_expire);
-
- /* check for a valid structure */
- DEBUG(7, ("Current tickets expire in %d seconds (at %d, time is now %d)\n",
- (uint32)expire-(uint32)now, (uint32) expire, (uint32) now));
-
- if ( ads->config.realm && (expire > time(NULL))) {
- return ADS_SUCCESS;
- } else {
- /* we own this ADS_STRUCT so make sure it goes away */
- DEBUG(7,("Deleting expired krb5 credential cache\n"));
- ads->is_mine = True;
- ads_destroy( &ads );
- ads_kdestroy(WINBIND_CCACHE_NAME);
- ctx->ads = NULL;
- }
+ return ADS_SUCCESS;
}
/* we don't want this to affect the users ccache */
diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c
index 8abcfd6d0f..03cbcf23a3 100644
--- a/source3/winbindd/winbindd_ads.c
+++ b/source3/winbindd/winbindd_ads.c
@@ -40,43 +40,55 @@
extern struct winbindd_methods reconnect_methods;
-/*
- return our ads connections structure for a domain. We keep the connection
- open to make things faster
-*/
-static ADS_STRUCT *ads_cached_connection(struct winbindd_domain *domain)
+/**
+ * Check if cached connection can be reused. If the connection cannot
+ * be reused the ADS_STRUCT is freed and the pointer is set to NULL.
+ */
+void ads_cached_connection_reuse(ADS_STRUCT **adsp)
{
- ADS_STRUCT *ads;
- ADS_STATUS status;
- fstring dc_name;
- struct sockaddr_storage dc_ss;
-
- DEBUG(10,("ads_cached_connection\n"));
- if (domain->private_data) {
+ ADS_STRUCT *ads = *adsp;
+ if (ads != NULL) {
time_t expire;
time_t now = time(NULL);
- /* check for a valid structure */
- ads = (ADS_STRUCT *)domain->private_data;
-
expire = MIN(ads->auth.tgt_expire, ads->auth.tgs_expire);
- DEBUG(7, ("Current tickets expire in %d seconds (at %d, time is now %d)\n",
- (uint32)expire-(uint32)now, (uint32) expire, (uint32) now));
+ DEBUG(7, ("Current tickets expire in %d seconds (at %d, time "
+ "is now %d)\n", (uint32)expire - (uint32)now,
+ (uint32) expire, (uint32) now));
if ( ads->config.realm && (expire > now)) {
- return ads;
+ return;
} else {
/* we own this ADS_STRUCT so make sure it goes away */
DEBUG(7,("Deleting expired krb5 credential cache\n"));
ads->is_mine = True;
ads_destroy( &ads );
- ads_kdestroy("MEMORY:winbind_ccache");
- domain->private_data = NULL;
+ ads_kdestroy(WINBIND_CCACHE_NAME);
+ *adsp = NULL;
}
}
+}
+
+/*
+ return our ads connections structure for a domain. We keep the connection
+ open to make things faster
+*/
+static ADS_STRUCT *ads_cached_connection(struct winbindd_domain *domain)
+{
+ ADS_STRUCT *ads;
+ ADS_STATUS status;
+ fstring dc_name;
+ struct sockaddr_storage dc_ss;
+
+ DEBUG(10,("ads_cached_connection\n"));
+ ads_cached_connection_reuse((ADS_STRUCT **)&domain->private_data);
+
+ if (domain->private_data) {
+ return (ADS_STRUCT *)domain->private_data;
+ }
ads = ads_init(domain->alt_name, domain->name, NULL);
if (!ads) {
@@ -1282,7 +1294,7 @@ static NTSTATUS sequence_number(struct winbindd_domain *domain, uint32 *seq)
ads = (ADS_STRUCT *)domain->private_data;
ads->is_mine = True;
ads_destroy(&ads);
- ads_kdestroy("MEMORY:winbind_ccache");
+ ads_kdestroy(WINBIND_CCACHE_NAME);
domain->private_data = NULL;
}
}
diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h
index 00b7c32194..0d75791020 100644
--- a/source3/winbindd/winbindd_proto.h
+++ b/source3/winbindd/winbindd_proto.h
@@ -23,6 +23,8 @@
#ifndef _WINBINDD_PROTO_H_
#define _WINBINDD_PROTO_H_
+#include "ads.h"
+
/* The following definitions come from winbindd/winbindd.c */
struct messaging_context *winbind_messaging_context(void);
void request_error(struct winbindd_cli_state *state);
@@ -890,4 +892,8 @@ NTSTATUS open_internal_samr_conn(TALLOC_CTX *mem_ctx,
struct rpc_pipe_client **samr_pipe,
struct policy_handle *samr_domain_hnd);
+/* The following definitions come from winbindd/winbindd_ads.c */
+#define WINBIND_CCACHE_NAME "MEMORY:winbind_ccache"
+void ads_cached_connection_reuse(ADS_STRUCT **ads);
+
#endif /* _WINBINDD_PROTO_H_ */