r17837: Split out the storing of memory cached credentials

from the krb5 ticket renewal code. This allows cached
credentials to be stored for single sign-on via ntlm_auth
for machines in a domain still using NTLM. Also (hopefully)
fixes the reference counting problem with pam_logon/logoff
so multiple logons/logoffs won't lose cached credentials.
This compiles, but I'm intending to test it over the weekend
so don't complain too much :-). I also want it in the tree
so Coverity can scan it for errors. Guenther, check this over
please - I ran through the architecture with Jerry and he's
ok with it, but this is modifying your code a lot.
Jeremy.
(This used to be commit 679eeeb91155dad3942efde6ae9f8d81faf18c5b)

1 files changed, 13 insertions, 4 deletions

diff --git a/source3/nsswitch/winbindd_nss.h b/source3/nsswitch/winbindd_nss.h
index c6b6be33ed..88fe671114 100644
--- a/source3/nsswitch/winbindd_nss.h
+++ b/source3/nsswitch/winbindd_nss.h
@@ -456,22 +456,31 @@ struct winbindd_response {
 	} extra_data;
 };
 
+struct WINBINDD_MEMORY_CREDS {
+	struct WINBINDD_MEMORY_CREDS *next, *prev;
+	const char *username; /* lookup key. */
+	int ref_count;
+	size_t len;
+	unsigned char *nt_hash; /* Base pointer for the following 2 */
+	unsigned char *lm_hash;
+	char *pass;
+};
+
 struct WINBINDD_CCACHE_ENTRY {
+	struct WINBINDD_CCACHE_ENTRY *next, *prev;
 	const char *principal_name;
 	const char *ccname;
 	const char *service;
 	const char *username;
 	const char *sid_string;
-	unsigned char *nt_hash; /* Base pointer for the following 2 */
-	unsigned char *lm_hash;
-	char *pass;
+	struct WINBINDD_MEMORY_CREDS *cred_ptr;
+	int ref_count;
 	uid_t uid;
 	time_t create_time;
 	time_t renew_until;
 	BOOL refresh_tgt;
 	time_t refresh_time;
 	struct timed_event *event;
-	struct WINBINDD_CCACHE_ENTRY *next, *prev;
 };
 
 #endif