summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2008-08-27 17:29:10 -0700
committerJeremy Allison <jra@samba.org>2008-08-27 17:29:10 -0700
commit29af730964e567a8391ee381aae3b9aaa7e5e7e1 (patch)
tree280a676846bb191c94885145704ce3b486a2d706
parent1d26beb7084efdfcadb4a1cebe5a0d7cdcd2b454 (diff)
downloadsamba-29af730964e567a8391ee381aae3b9aaa7e5e7e1.tar.gz
samba-29af730964e567a8391ee381aae3b9aaa7e5e7e1.tar.bz2
samba-29af730964e567a8391ee381aae3b9aaa7e5e7e1.zip
Fix the wcache_invalidate_samlogon calls.
Jeremy. (This used to be commit 7c820899ed1364fdaeb7b49e8ddd839e67397ec0)
-rw-r--r--source3/include/proto.h2
-rw-r--r--source3/winbindd/winbindd_cache.c23
-rw-r--r--source3/winbindd/winbindd_pam.c4
3 files changed, 25 insertions, 4 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 2145a892c6..d5e942a6d7 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -5002,7 +5002,7 @@ void pwd_get_cleartext(struct pwd_info *pwd, fstring clr);
bool netsamlogon_cache_init(void);
bool netsamlogon_cache_shutdown(void);
-void netsamlogon_clear_cached_user(TDB_CONTEXT *tdb, struct netr_SamInfo3 *info3);
+void netsamlogon_clear_cached_user(struct netr_SamInfo3 *info3);
bool netsamlogon_cache_store(const char *username, struct netr_SamInfo3 *info3);
struct netr_SamInfo3 *netsamlogon_cache_get(TALLOC_CTX *mem_ctx, const DOM_SID *user_sid);
bool netsamlogon_cache_have(const DOM_SID *user_sid);
diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c
index c9d857c2ec..2fbb01b623 100644
--- a/source3/winbindd/winbindd_cache.c
+++ b/source3/winbindd/winbindd_cache.c
@@ -2259,6 +2259,8 @@ static int traverse_fn(TDB_CONTEXT *the_tdb, TDB_DATA kbuf, TDB_DATA dbuf,
void wcache_invalidate_samlogon(struct winbindd_domain *domain,
struct netr_SamInfo3 *info3)
{
+ DOM_SID sid;
+ fstring key_str, sid_string;
struct winbind_cache *cache;
/* dont clear cached U/SID and UG/SID entries when we want to logon
@@ -2272,7 +2274,26 @@ void wcache_invalidate_samlogon(struct winbindd_domain *domain,
return;
cache = get_cache(domain);
- netsamlogon_clear_cached_user(cache->tdb, info3);
+
+ if (!cache->tdb) {
+ return;
+ }
+
+ sid_copy(&sid, info3->base.domain_sid);
+ sid_append_rid(&sid, info3->base.rid);
+
+ /* Clear U/SID cache entry */
+ fstr_sprintf(key_str, "U/%s", sid_to_fstring(sid_string, &sid));
+ DEBUG(10, ("wcache_invalidate_samlogon: clearing %s\n", key_str));
+ tdb_delete(cache->tdb, string_tdb_data(key_str));
+
+ /* Clear UG/SID cache entry */
+ fstr_sprintf(key_str, "UG/%s", sid_to_fstring(sid_string, &sid));
+ DEBUG(10, ("wcache_invalidate_samlogon: clearing %s\n", key_str));
+ tdb_delete(cache->tdb, string_tdb_data(key_str));
+
+ /* Samba/winbindd never needs this. */
+ netsamlogon_clear_cached_user(info3);
}
bool wcache_invalidate_cache(void)
diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index a7911f60aa..d4a2e3ed79 100644
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -1595,8 +1595,8 @@ process_result:
goto done;
}
- netsamlogon_cache_store(name_user, info3);
wcache_invalidate_samlogon(find_domain_from_name(name_domain), info3);
+ netsamlogon_cache_store(name_user, info3);
/* save name_to_sid info as early as possible (only if
this is our primary domain so we don't invalidate
@@ -1921,8 +1921,8 @@ enum winbindd_result winbindd_dual_pam_auth_crap(struct winbindd_domain *domain,
if (NT_STATUS_IS_OK(result)) {
- netsamlogon_cache_store(name_user, info3);
wcache_invalidate_samlogon(find_domain_from_name(name_domain), info3);
+ netsamlogon_cache_store(name_user, info3);
/* Check if the user is in the right group */