From 6af7f33bbb2f6860f11bb8632ad973f91a40aded Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 26 Feb 2007 09:53:35 +0000 Subject: r21537: Avoid to trigger the confusing "cached entry differs." warning when there is just no cache around for a user. Guenther (This used to be commit a6c249b59228c6891cde624f72fff23879dbd19f) --- source3/nsswitch/winbindd_cred_cache.c | 12 ++++++++++++ source3/nsswitch/winbindd_pam.c | 10 ++++++++-- 2 files changed, 20 insertions(+), 2 deletions(-) (limited to 'source3/nsswitch') diff --git a/source3/nsswitch/winbindd_cred_cache.c b/source3/nsswitch/winbindd_cred_cache.c index 84c844a9da..0847ac9e27 100644 --- a/source3/nsswitch/winbindd_cred_cache.c +++ b/source3/nsswitch/winbindd_cred_cache.c @@ -248,6 +248,16 @@ static void krb5_ticket_gain_handler(struct event_context *event_ctx, #endif } +/**************************************************************** + Check if an ccache entry exists. +****************************************************************/ + +BOOL ccache_entry_exists(const char *username) +{ + struct WINBINDD_CCACHE_ENTRY *entry = get_ccache_by_username(username); + return (entry != NULL); +} + /**************************************************************** Ensure we're changing the correct entry. ****************************************************************/ @@ -305,6 +315,8 @@ NTSTATUS add_ccache_to_list(const char *princ_name, entry->ref_count++; DEBUG(10,("add_ccache_to_list: ref count on entry %s is now %d\n", username, entry->ref_count)); + /* FIXME: in this case we still might want to have a krb5 cred + * event handler created - gd*/ return NT_STATUS_OK; } diff --git a/source3/nsswitch/winbindd_pam.c b/source3/nsswitch/winbindd_pam.c index 69e004ec71..2e679c37dc 100644 --- a/source3/nsswitch/winbindd_pam.c +++ b/source3/nsswitch/winbindd_pam.c @@ -2147,8 +2147,14 @@ enum winbindd_result winbindd_dual_pam_logoff(struct winbindd_domain *domain, } /* what we need here is to find the corresponding krb5 ccache name *we* - * created for a given username and destroy it (as the user who created it) */ - + * created for a given username and destroy it */ + + if (!ccache_entry_exists(state->request.data.logoff.user)) { + result = NT_STATUS_OK; + DEBUG(10,("winbindd_pam_logoff: no entry found.\n")); + goto process_result; + } + if (!ccache_entry_identical(state->request.data.logoff.user, state->request.data.logoff.uid, state->request.data.logoff.krb5ccname)) { -- cgit