summaryrefslogtreecommitdiff
path: root/source3/winbindd
diff options
context:
space:
mode:
Diffstat (limited to 'source3/winbindd')
-rw-r--r--source3/winbindd/winbindd_ads.c9
-rw-r--r--source3/winbindd/winbindd_cache.c23
-rw-r--r--source3/winbindd/winbindd_dual.c4
-rw-r--r--source3/winbindd/winbindd_pam.c4
4 files changed, 34 insertions, 6 deletions
diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c
index 097fa3907d..94e3bad7b2 100644
--- a/source3/winbindd/winbindd_ads.c
+++ b/source3/winbindd/winbindd_ads.c
@@ -1239,8 +1239,11 @@ static NTSTATUS trusted_domains(struct winbindd_domain *domain,
continue;
}
- (*names)[ret_count] = CONST_DISCARD(char *, trusts.array[i].netbios_name);
- (*alt_names)[ret_count] = CONST_DISCARD(char *, trusts.array[i].dns_name);
+ (*names)[ret_count] = talloc_strdup(mem_ctx, trusts.array[i].netbios_name);
+ (*alt_names)[ret_count] = talloc_strdup(mem_ctx, trusts.array[i].dns_name);
+ if ((*names)[ret_count] == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
if (trusts.array[i].sid) {
sid_copy(&(*dom_sids)[ret_count], trusts.array[i].sid);
} else {
@@ -1254,7 +1257,7 @@ static NTSTATUS trusted_domains(struct winbindd_domain *domain,
if (trusts.array[i].sid) {
sid_copy( &d.sid, trusts.array[i].sid);
} else {
- sid_copy(&(*dom_sids)[ret_count], &global_sid_NULL);
+ sid_copy(&d.sid, &global_sid_NULL);
}
if ( domain->primary ) {
diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c
index c9d857c2ec..2fbb01b623 100644
--- a/source3/winbindd/winbindd_cache.c
+++ b/source3/winbindd/winbindd_cache.c
@@ -2259,6 +2259,8 @@ static int traverse_fn(TDB_CONTEXT *the_tdb, TDB_DATA kbuf, TDB_DATA dbuf,
void wcache_invalidate_samlogon(struct winbindd_domain *domain,
struct netr_SamInfo3 *info3)
{
+ DOM_SID sid;
+ fstring key_str, sid_string;
struct winbind_cache *cache;
/* dont clear cached U/SID and UG/SID entries when we want to logon
@@ -2272,7 +2274,26 @@ void wcache_invalidate_samlogon(struct winbindd_domain *domain,
return;
cache = get_cache(domain);
- netsamlogon_clear_cached_user(cache->tdb, info3);
+
+ if (!cache->tdb) {
+ return;
+ }
+
+ sid_copy(&sid, info3->base.domain_sid);
+ sid_append_rid(&sid, info3->base.rid);
+
+ /* Clear U/SID cache entry */
+ fstr_sprintf(key_str, "U/%s", sid_to_fstring(sid_string, &sid));
+ DEBUG(10, ("wcache_invalidate_samlogon: clearing %s\n", key_str));
+ tdb_delete(cache->tdb, string_tdb_data(key_str));
+
+ /* Clear UG/SID cache entry */
+ fstr_sprintf(key_str, "UG/%s", sid_to_fstring(sid_string, &sid));
+ DEBUG(10, ("wcache_invalidate_samlogon: clearing %s\n", key_str));
+ tdb_delete(cache->tdb, string_tdb_data(key_str));
+
+ /* Samba/winbindd never needs this. */
+ netsamlogon_clear_cached_user(info3);
}
bool wcache_invalidate_cache(void)
diff --git a/source3/winbindd/winbindd_dual.c b/source3/winbindd/winbindd_dual.c
index 916e8c07c7..63ce0e8d7f 100644
--- a/source3/winbindd/winbindd_dual.c
+++ b/source3/winbindd/winbindd_dual.c
@@ -1212,6 +1212,10 @@ static bool fork_domain_child(struct winbindd_child *child)
}
}
+ if (primary_domain == NULL) {
+ smb_panic("no primary domain found");
+ }
+
/* Ensure we're not handling an event inherited from
our parent. */
diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index a7911f60aa..d4a2e3ed79 100644
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -1595,8 +1595,8 @@ process_result:
goto done;
}
- netsamlogon_cache_store(name_user, info3);
wcache_invalidate_samlogon(find_domain_from_name(name_domain), info3);
+ netsamlogon_cache_store(name_user, info3);
/* save name_to_sid info as early as possible (only if
this is our primary domain so we don't invalidate
@@ -1921,8 +1921,8 @@ enum winbindd_result winbindd_dual_pam_auth_crap(struct winbindd_domain *domain,
if (NT_STATUS_IS_OK(result)) {
- netsamlogon_cache_store(name_user, info3);
wcache_invalidate_samlogon(find_domain_from_name(name_domain), info3);
+ netsamlogon_cache_store(name_user, info3);
/* Check if the user is in the right group */