svn commit: samba r20172 - in
branches/SAMBA_3_0_24/source/nsswitch: .
gd at samba.org
gd at samba.org
Thu Dec 14 16:35:09 GMT 2006
Author: gd
Date: 2006-12-14 16:35:07 +0000 (Thu, 14 Dec 2006)
New Revision: 20172
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=20172
Log:
Don't delete the krb5 credential if others still reference to it.
Guenther
Modified:
branches/SAMBA_3_0_24/source/nsswitch/winbindd_cred_cache.c
branches/SAMBA_3_0_24/source/nsswitch/winbindd_pam.c
Changeset:
Modified: branches/SAMBA_3_0_24/source/nsswitch/winbindd_cred_cache.c
===================================================================
--- branches/SAMBA_3_0_24/source/nsswitch/winbindd_cred_cache.c 2006-12-14 16:34:24 UTC (rev 20171)
+++ branches/SAMBA_3_0_24/source/nsswitch/winbindd_cred_cache.c 2006-12-14 16:35:07 UTC (rev 20172)
@@ -382,9 +382,17 @@
return NT_STATUS_NO_MEMORY;
}
+/*******************************************************************
+ Remove a WINBINDD_CCACHE_ENTRY entry and the krb5 ccache if no longer referenced.
+*******************************************************************/
+
NTSTATUS remove_ccache(const char *username)
{
struct WINBINDD_CCACHE_ENTRY *entry = get_ccache_by_username(username);
+ NTSTATUS status;
+#ifdef HAVE_KRB5
+ krb5_error_code ret;
+#endif
if (!entry) {
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
@@ -397,17 +405,34 @@
}
entry->ref_count--;
- if (entry->ref_count <= 0) {
- DLIST_REMOVE(ccache_list, entry);
- TALLOC_FREE(entry->event); /* unregisters events */
- TALLOC_FREE(entry);
- DEBUG(10,("remove_ccache: removed ccache for user %s\n", username));
- } else {
+
+ if (entry->ref_count > 0) {
DEBUG(10,("remove_ccache: entry %s ref count now %d\n",
username, entry->ref_count ));
+ return NT_STATUS_OK;
}
- return NT_STATUS_OK;
+ /* no references any more */
+
+ DLIST_REMOVE(ccache_list, entry);
+ TALLOC_FREE(entry->event); /* unregisters events */
+
+#ifdef HAVE_KRB5
+ ret = ads_kdestroy(entry->ccname);
+ if (ret) {
+ DEBUG(0,("remove_ccache: failed to destroy user krb5 ccache %s with: %s\n",
+ entry->ccname, error_message(ret)));
+ } else {
+ DEBUG(10,("remove_ccache: successfully destroyed krb5 ccache %s for user %s\n",
+ entry->ccname, username));
+ }
+ status = krb5_to_nt_status(ret);
+#endif
+
+ TALLOC_FREE(entry);
+ DEBUG(10,("remove_ccache: removed ccache for user %s\n", username));
+
+ return status;
}
/*******************************************************************
Modified: branches/SAMBA_3_0_24/source/nsswitch/winbindd_pam.c
===================================================================
--- branches/SAMBA_3_0_24/source/nsswitch/winbindd_pam.c 2006-12-14 16:34:24 UTC (rev 20171)
+++ branches/SAMBA_3_0_24/source/nsswitch/winbindd_pam.c 2006-12-14 16:35:07 UTC (rev 20172)
@@ -1976,9 +1976,6 @@
struct winbindd_cli_state *state)
{
NTSTATUS result = NT_STATUS_NOT_SUPPORTED;
-#ifdef HAVE_KRB5
- int ret;
-#endif
DEBUG(3, ("[%5lu]: pam dual logoff %s\n", (unsigned long)state->pid,
state->request.data.logoff.user));
@@ -2010,19 +2007,13 @@
goto process_result;
}
- ret = ads_kdestroy(state->request.data.logoff.krb5ccname);
-
- if (ret) {
- DEBUG(0,("winbindd_pam_logoff: failed to destroy user ccache %s with: %s\n",
- state->request.data.logoff.krb5ccname, error_message(ret)));
- } else {
- DEBUG(10,("winbindd_pam_logoff: successfully destroyed ccache %s for user %s\n",
- state->request.data.logoff.krb5ccname, state->request.data.logoff.user));
+ result = remove_ccache(state->request.data.logoff.user);
+ if (!NT_STATUS_IS_OK(result)) {
+ DEBUG(0,("winbindd_pam_logoff: failed to remove ccache: %s\n",
+ nt_errstr(result)));
+ goto process_result;
}
- remove_ccache(state->request.data.logoff.user);
-
- result = krb5_to_nt_status(ret);
#else
result = NT_STATUS_NOT_SUPPORTED;
#endif
More information about the samba-cvs
mailing list