s3: Fix some nonempty blank lines
[nivanova/samba-autobuild/.git] / source3 / winbindd / winbindd_cred_cache.c
1 /*
2    Unix SMB/CIFS implementation.
3
4    Winbind daemon - krb5 credential cache functions
5    and in-memory cache functions.
6
7    Copyright (C) Guenther Deschner 2005-2006
8    Copyright (C) Jeremy Allison 2006
9
10    This program is free software; you can redistribute it and/or modify
11    it under the terms of the GNU General Public License as published by
12    the Free Software Foundation; either version 3 of the License, or
13    (at your option) any later version.
14
15    This program is distributed in the hope that it will be useful,
16    but WITHOUT ANY WARRANTY; without even the implied warranty of
17    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18    GNU General Public License for more details.
19
20    You should have received a copy of the GNU General Public License
21    along with this program.  If not, see <http://www.gnu.org/licenses/>.
22 */
23
24 #include "includes.h"
25 #include "winbindd.h"
26 #include "../libcli/auth/libcli_auth.h"
27 #include "smb_krb5.h"
28
29 #undef DBGC_CLASS
30 #define DBGC_CLASS DBGC_WINBIND
31
32 /* uncomment this to do fast debugging on the krb5 ticket renewal event */
33 #ifdef DEBUG_KRB5_TKT_RENEWAL
34 #undef DEBUG_KRB5_TKT_RENEWAL
35 #endif
36
37 #define MAX_CCACHES 100
38
39 static struct WINBINDD_CCACHE_ENTRY *ccache_list;
40 static void krb5_ticket_gain_handler(struct event_context *,
41                                      struct timed_event *,
42                                      struct timeval,
43                                      void *);
44 static void add_krb5_ticket_gain_handler_event(struct WINBINDD_CCACHE_ENTRY *,
45                                      struct timeval);
46
47 /* The Krb5 ticket refresh handler should be scheduled
48    at one-half of the period from now till the tkt
49    expiration */
50 #define KRB5_EVENT_REFRESH_TIME(x) ((x) - (((x) - time(NULL))/2))
51
52 /****************************************************************
53  Find an entry by name.
54 ****************************************************************/
55
56 static struct WINBINDD_CCACHE_ENTRY *get_ccache_by_username(const char *username)
57 {
58         struct WINBINDD_CCACHE_ENTRY *entry;
59
60         for (entry = ccache_list; entry; entry = entry->next) {
61                 if (strequal(entry->username, username)) {
62                         return entry;
63                 }
64         }
65         return NULL;
66 }
67
68 /****************************************************************
69  How many do we have ?
70 ****************************************************************/
71
72 static int ccache_entry_count(void)
73 {
74         struct WINBINDD_CCACHE_ENTRY *entry;
75         int i = 0;
76
77         for (entry = ccache_list; entry; entry = entry->next) {
78                 i++;
79         }
80         return i;
81 }
82
83 void ccache_remove_all_after_fork(void)
84 {
85         struct WINBINDD_CCACHE_ENTRY *cur, *next;
86
87         for (cur = ccache_list; cur; cur = next) {
88                 next = cur->next;
89                 DLIST_REMOVE(ccache_list, cur);
90                 TALLOC_FREE(cur->event);
91                 TALLOC_FREE(cur);
92         }
93
94         return;
95 }
96
97 /****************************************************************
98  Do the work of refreshing the ticket.
99 ****************************************************************/
100
101 static void krb5_ticket_refresh_handler(struct event_context *event_ctx,
102                                         struct timed_event *te,
103                                         struct timeval now,
104                                         void *private_data)
105 {
106         struct WINBINDD_CCACHE_ENTRY *entry =
107                 talloc_get_type_abort(private_data, struct WINBINDD_CCACHE_ENTRY);
108 #ifdef HAVE_KRB5
109         int ret;
110         time_t new_start;
111         time_t expire_time = 0;
112         struct WINBINDD_MEMORY_CREDS *cred_ptr = entry->cred_ptr;
113 #endif
114
115         DEBUG(10,("krb5_ticket_refresh_handler called\n"));
116         DEBUGADD(10,("event called for: %s, %s\n",
117                 entry->ccname, entry->username));
118
119         TALLOC_FREE(entry->event);
120
121 #ifdef HAVE_KRB5
122
123         /* Kinit again if we have the user password and we can't renew the old
124          * tgt anymore 
125          * NB
126          * This happens when machine are put to sleep for a very long time. */
127
128         if (entry->renew_until < time(NULL)) {
129 rekinit:
130                 if (cred_ptr && cred_ptr->pass) {
131
132                         set_effective_uid(entry->uid);
133
134                         ret = kerberos_kinit_password_ext(entry->principal_name,
135                                                           cred_ptr->pass,
136                                                           0, /* hm, can we do time correction here ? */
137                                                           &entry->refresh_time,
138                                                           &entry->renew_until,
139                                                           entry->ccname,
140                                                           False, /* no PAC required anymore */
141                                                           True,
142                                                           WINBINDD_PAM_AUTH_KRB5_RENEW_TIME,
143                                                           NULL);
144                         gain_root_privilege();
145
146                         if (ret) {
147                                 DEBUG(3,("krb5_ticket_refresh_handler: "
148                                         "could not re-kinit: %s\n",
149                                         error_message(ret)));
150                                 /* destroy the ticket because we cannot rekinit
151                                  * it, ignore error here */
152                                 ads_kdestroy(entry->ccname);
153
154                                 /* Don't break the ticket refresh chain: retry 
155                                  * refreshing ticket sometime later when KDC is 
156                                  * unreachable -- BoYang. More error code handling
157                                  * here? 
158                                  * */
159
160                                 if ((ret == KRB5_KDC_UNREACH)
161                                     || (ret == KRB5_REALM_CANT_RESOLVE)) {
162 #if defined(DEBUG_KRB5_TKT_RENEWAL)
163                                         new_start = time(NULL) + 30;
164 #else
165                                         new_start = time(NULL) +
166                                                     MAX(30, lp_winbind_cache_time());
167 #endif
168                                         add_krb5_ticket_gain_handler_event(entry,
169                                                         timeval_set(new_start, 0));
170                                         return;
171                                 }
172                                 TALLOC_FREE(entry->event);
173                                 return;
174                         }
175
176                         DEBUG(10,("krb5_ticket_refresh_handler: successful re-kinit "
177                                 "for: %s in ccache: %s\n",
178                                 entry->principal_name, entry->ccname));
179
180 #if defined(DEBUG_KRB5_TKT_RENEWAL)
181                         new_start = time(NULL) + 30;
182 #else
183                         /* The tkt should be refreshed at one-half the period
184                            from now to the expiration time */
185                         expire_time = entry->refresh_time;
186                         new_start = KRB5_EVENT_REFRESH_TIME(entry->refresh_time);
187 #endif
188                         goto done;
189                 } else {
190                                 /* can this happen? 
191                                  * No cached credentials
192                                  * destroy ticket and refresh chain 
193                                  * */
194                                 ads_kdestroy(entry->ccname);
195                                 TALLOC_FREE(entry->event);
196                                 return;
197                 }
198         }
199
200         set_effective_uid(entry->uid);
201
202         ret = smb_krb5_renew_ticket(entry->ccname,
203                                     entry->principal_name,
204                                     entry->service,
205                                     &new_start);
206 #if defined(DEBUG_KRB5_TKT_RENEWAL)
207         new_start = time(NULL) + 30;
208 #else
209         expire_time = new_start;
210         new_start = KRB5_EVENT_REFRESH_TIME(new_start);
211 #endif
212
213         gain_root_privilege();
214
215         if (ret) {
216                 DEBUG(3,("krb5_ticket_refresh_handler: "
217                         "could not renew tickets: %s\n",
218                         error_message(ret)));
219                 /* maybe we are beyond the renewing window */
220
221                 /* evil rises here, we refresh ticket failed,
222                  * but the ticket might be expired. Therefore,
223                  * When we refresh ticket failed, destory the 
224                  * ticket */
225
226                 ads_kdestroy(entry->ccname);
227
228                 /* avoid breaking the renewal chain: retry in
229                  * lp_winbind_cache_time() seconds when the KDC was not
230                  * available right now. 
231                  * the return code can be KRB5_REALM_CANT_RESOLVE. 
232                  * More error code handling here? */
233
234                 if ((ret == KRB5_KDC_UNREACH) 
235                     || (ret == KRB5_REALM_CANT_RESOLVE)) {
236 #if defined(DEBUG_KRB5_TKT_RENEWAL)
237                         new_start = time(NULL) + 30;
238 #else
239                         new_start = time(NULL) +
240                                     MAX(30, lp_winbind_cache_time());
241 #endif
242                         /* ticket is destroyed here, we have to regain it
243                          * if it is possible */
244                         add_krb5_ticket_gain_handler_event(entry,
245                                                 timeval_set(new_start, 0));
246                         return;
247                 }
248
249                 /* This is evil, if the ticket was already expired.
250                  * renew ticket function returns KRB5KRB_AP_ERR_TKT_EXPIRED.
251                  * But there is still a chance that we can rekinit it. 
252                  *
253                  * This happens when user login in online mode, and then network
254                  * down or something cause winbind goes offline for a very long time,
255                  * and then goes online again. ticket expired, renew failed.
256                  * This happens when machine are put to sleep for a long time,
257                  * but shorter than entry->renew_util.
258                  * NB
259                  * Looks like the KDC is reachable, we want to rekinit as soon as
260                  * possible instead of waiting some time later. */
261                 if ((ret == KRB5KRB_AP_ERR_TKT_EXPIRED)
262                     || (ret == KRB5_FCC_NOFILE)) goto rekinit;
263
264                 return;
265         }
266
267 done:
268         /* in cases that ticket will be unrenewable soon, we don't try to renew ticket 
269          * but try to regain ticket if it is possible */
270         if (entry->renew_until && expire_time
271              && (entry->renew_until <= expire_time)) {
272                 /* try to regain ticket 10 seconds beforre expiration */
273                 expire_time -= 10;
274                 add_krb5_ticket_gain_handler_event(entry,
275                                         timeval_set(expire_time, 0));
276                 return;
277         }
278
279         if (entry->refresh_time == 0) {
280                 entry->refresh_time = new_start;
281         }
282         entry->event = event_add_timed(winbind_event_context(), entry,
283                                        timeval_set(new_start, 0),
284                                        krb5_ticket_refresh_handler,
285                                        entry);
286
287 #endif
288 }
289
290 /****************************************************************
291  Do the work of regaining a ticket when coming from offline auth.
292 ****************************************************************/
293
294 static void krb5_ticket_gain_handler(struct event_context *event_ctx,
295                                      struct timed_event *te,
296                                      struct timeval now,
297                                      void *private_data)
298 {
299         struct WINBINDD_CCACHE_ENTRY *entry =
300                 talloc_get_type_abort(private_data, struct WINBINDD_CCACHE_ENTRY);
301 #ifdef HAVE_KRB5
302         int ret;
303         struct timeval t;
304         struct WINBINDD_MEMORY_CREDS *cred_ptr = entry->cred_ptr;
305         struct winbindd_domain *domain = NULL;
306 #endif
307
308         DEBUG(10,("krb5_ticket_gain_handler called\n"));
309         DEBUGADD(10,("event called for: %s, %s\n",
310                 entry->ccname, entry->username));
311
312         TALLOC_FREE(entry->event);
313
314 #ifdef HAVE_KRB5
315
316         if (!cred_ptr || !cred_ptr->pass) {
317                 DEBUG(10,("krb5_ticket_gain_handler: no memory creds\n"));
318                 return;
319         }
320
321         if ((domain = find_domain_from_name(entry->realm)) == NULL) {
322                 DEBUG(0,("krb5_ticket_gain_handler: unknown domain\n"));
323                 return;
324         }
325
326         if (!domain->online) {
327                 goto retry_later;
328         }
329
330         set_effective_uid(entry->uid);
331
332         ret = kerberos_kinit_password_ext(entry->principal_name,
333                                           cred_ptr->pass,
334                                           0, /* hm, can we do time correction here ? */
335                                           &entry->refresh_time,
336                                           &entry->renew_until,
337                                           entry->ccname,
338                                           False, /* no PAC required anymore */
339                                           True,
340                                           WINBINDD_PAM_AUTH_KRB5_RENEW_TIME,
341                                           NULL);
342         gain_root_privilege();
343
344         if (ret) {
345                 DEBUG(3,("krb5_ticket_gain_handler: "
346                         "could not kinit: %s\n",
347                         error_message(ret)));
348                 /* evil. If we cannot do it, destroy any the __maybe__ 
349                  * __existing__ ticket */
350                 ads_kdestroy(entry->ccname);
351                 goto retry_later;
352         }
353
354         DEBUG(10,("krb5_ticket_gain_handler: "
355                 "successful kinit for: %s in ccache: %s\n",
356                 entry->principal_name, entry->ccname));
357
358         goto got_ticket;
359
360   retry_later:
361  
362 #if defined(DEBUG_KRB5_TKT_REGAIN)
363         t = timeval_set(time(NULL) + 30, 0);
364 #else
365         t = timeval_current_ofs(MAX(30, lp_winbind_cache_time()), 0);
366 #endif
367
368         add_krb5_ticket_gain_handler_event(entry, t);
369         return;
370
371   got_ticket:
372
373 #if defined(DEBUG_KRB5_TKT_RENEWAL)
374         t = timeval_set(time(NULL) + 30, 0);
375 #else
376         t = timeval_set(KRB5_EVENT_REFRESH_TIME(entry->refresh_time), 0);
377 #endif
378
379         if (entry->refresh_time == 0) {
380                 entry->refresh_time = t.tv_sec;
381         }
382         entry->event = event_add_timed(winbind_event_context(),
383                                        entry,
384                                        t,
385                                        krb5_ticket_refresh_handler,
386                                        entry);
387
388         return;
389 #endif
390 }
391
392 /**************************************************************
393  The gain initial ticket case is recognised as entry->refresh_time
394  is always zero.
395 **************************************************************/
396
397 static void add_krb5_ticket_gain_handler_event(struct WINBINDD_CCACHE_ENTRY *entry,
398                                      struct timeval t)
399 {
400         entry->refresh_time = 0;
401         entry->event = event_add_timed(winbind_event_context(),
402                                        entry,
403                                        t,
404                                        krb5_ticket_gain_handler,
405                                        entry);
406 }
407
408 void ccache_regain_all_now(void)
409 {
410         struct WINBINDD_CCACHE_ENTRY *cur;
411         struct timeval t = timeval_current();
412
413         for (cur = ccache_list; cur; cur = cur->next) {
414                 struct timed_event *new_event;
415
416                 /*
417                  * if refresh_time is 0, we know that the
418                  * the event has the krb5_ticket_gain_handler
419                  */
420                 if (cur->refresh_time == 0) {
421                         new_event = event_add_timed(winbind_event_context(),
422                                                     cur,
423                                                     t,
424                                                     krb5_ticket_gain_handler,
425                                                     cur);
426                 } else {
427                         new_event = event_add_timed(winbind_event_context(),
428                                                     cur,
429                                                     t,
430                                                     krb5_ticket_refresh_handler,
431                                                     cur);
432                 }
433
434                 if (!new_event) {
435                         continue;
436                 }
437
438                 TALLOC_FREE(cur->event);
439                 cur->event = new_event;
440         }
441
442         return;
443 }
444
445 /****************************************************************
446  Check if an ccache entry exists.
447 ****************************************************************/
448
449 bool ccache_entry_exists(const char *username)
450 {
451         struct WINBINDD_CCACHE_ENTRY *entry = get_ccache_by_username(username);
452         return (entry != NULL);
453 }
454
455 /****************************************************************
456  Ensure we're changing the correct entry.
457 ****************************************************************/
458
459 bool ccache_entry_identical(const char *username,
460                             uid_t uid,
461                             const char *ccname)
462 {
463         struct WINBINDD_CCACHE_ENTRY *entry = get_ccache_by_username(username);
464
465         if (!entry) {
466                 return False;
467         }
468
469         if (entry->uid != uid) {
470                 DEBUG(0,("cache_entry_identical: uid's differ: %u != %u\n",
471                         (unsigned int)entry->uid, (unsigned int)uid));
472                 return False;
473         }
474         if (!strcsequal(entry->ccname, ccname)) {
475                 DEBUG(0,("cache_entry_identical: "
476                         "ccnames differ: (cache) %s != (client) %s\n",
477                         entry->ccname, ccname));
478                 return False;
479         }
480         return True;
481 }
482
483 NTSTATUS add_ccache_to_list(const char *princ_name,
484                             const char *ccname,
485                             const char *service,
486                             const char *username,
487                             const char *realm,
488                             uid_t uid,
489                             time_t create_time,
490                             time_t ticket_end,
491                             time_t renew_until,
492                             bool postponed_request)
493 {
494         struct WINBINDD_CCACHE_ENTRY *entry = NULL;
495         struct timeval t;
496         NTSTATUS ntret;
497 #ifdef HAVE_KRB5
498         int ret;
499 #endif
500
501         if ((username == NULL && princ_name == NULL) ||
502             ccname == NULL || uid < 0) {
503                 return NT_STATUS_INVALID_PARAMETER;
504         }
505
506         if (ccache_entry_count() + 1 > MAX_CCACHES) {
507                 DEBUG(10,("add_ccache_to_list: "
508                         "max number of ccaches reached\n"));
509                 return NT_STATUS_NO_MORE_ENTRIES;
510         }
511
512         /* If it is cached login, destroy krb5 ticket
513          * to avoid surprise. */
514 #ifdef HAVE_KRB5
515         if (postponed_request) {
516                 /* ignore KRB5_FCC_NOFILE error here */
517                 ret = ads_kdestroy(ccname);
518                 if (ret == KRB5_FCC_NOFILE) {
519                         ret = 0;
520                 }
521                 if (ret) {
522                         DEBUG(0, ("add_ccache_to_list: failed to destroy "
523                                    "user krb5 ccache %s with %s\n", ccname,
524                                    error_message(ret)));
525                         return krb5_to_nt_status(ret);
526                 }
527                 DEBUG(10, ("add_ccache_to_list: successfully destroyed "
528                            "krb5 ccache %s for user %s\n", ccname,
529                            username));
530         }
531 #endif
532
533         /* Reference count old entries */
534         entry = get_ccache_by_username(username);
535         if (entry) {
536                 /* Check cached entries are identical. */
537                 if (!ccache_entry_identical(username, uid, ccname)) {
538                         return NT_STATUS_INVALID_PARAMETER;
539                 }
540                 entry->ref_count++;
541                 DEBUG(10,("add_ccache_to_list: "
542                         "ref count on entry %s is now %d\n",
543                         username, entry->ref_count));
544                 /* FIXME: in this case we still might want to have a krb5 cred
545                  * event handler created - gd
546                  * Add ticket refresh handler here */
547
548                 if (!lp_winbind_refresh_tickets() || renew_until <= 0) {
549                         return NT_STATUS_OK;
550                 }
551
552                 if (!entry->event) {
553                         if (postponed_request) {
554                                 t = timeval_current_ofs(MAX(30, lp_winbind_cache_time()), 0);
555                                 add_krb5_ticket_gain_handler_event(entry, t);
556                         } else {
557                                 /* Renew at 1/2 the ticket expiration time */
558 #if defined(DEBUG_KRB5_TKT_RENEWAL)
559                                 t = timeval_set(time(NULL)+30, 0);
560 #else
561                                 t = timeval_set(KRB5_EVENT_REFRESH_TIME(ticket_end), 0);
562 #endif
563                                 if (!entry->refresh_time) {
564                                         entry->refresh_time = t.tv_sec;
565                                 }
566                                 entry->event = event_add_timed(winbind_event_context(),
567                                                                entry,
568                                                                t,
569                                                                krb5_ticket_refresh_handler,
570                                                                entry);
571                         }
572
573                         if (!entry->event) {
574                                 ntret = remove_ccache(username);
575                                 if (!NT_STATUS_IS_OK(ntret)) {
576                                         DEBUG(0, ("add_ccache_to_list: Failed to remove krb5 "
577                                                   "ccache %s for user %s\n", entry->ccname,
578                                                   entry->username));
579                                         DEBUG(0, ("add_ccache_to_list: error is %s\n",
580                                                   nt_errstr(ntret)));
581                                         return ntret;
582                                 }
583                                 return NT_STATUS_NO_MEMORY;
584                         }
585
586                         DEBUG(10,("add_ccache_to_list: added krb5_ticket handler\n"));
587                 }
588
589                 return NT_STATUS_OK;
590         }
591
592         entry = TALLOC_P(NULL, struct WINBINDD_CCACHE_ENTRY);
593         if (!entry) {
594                 return NT_STATUS_NO_MEMORY;
595         }
596
597         ZERO_STRUCTP(entry);
598
599         if (username) {
600                 entry->username = talloc_strdup(entry, username);
601                 if (!entry->username) {
602                         goto no_mem;
603                 }
604         }
605         if (princ_name) {
606                 entry->principal_name = talloc_strdup(entry, princ_name);
607                 if (!entry->principal_name) {
608                         goto no_mem;
609                 }
610         }
611         if (service) {
612                 entry->service = talloc_strdup(entry, service);
613                 if (!entry->service) {
614                         goto no_mem;
615                 }
616         }
617
618         entry->ccname = talloc_strdup(entry, ccname);
619         if (!entry->ccname) {
620                 goto no_mem;
621         }
622
623         entry->realm = talloc_strdup(entry, realm);
624         if (!entry->realm) {
625                 goto no_mem;
626         }
627
628         entry->create_time = create_time;
629         entry->renew_until = renew_until;
630         entry->uid = uid;
631         entry->ref_count = 1;
632
633         if (!lp_winbind_refresh_tickets() || renew_until <= 0) {
634                 goto add_entry;
635         }
636
637         if (postponed_request) {
638                 t = timeval_current_ofs(MAX(30, lp_winbind_cache_time()), 0);
639                 add_krb5_ticket_gain_handler_event(entry, t);
640         } else {
641                 /* Renew at 1/2 the ticket expiration time */
642 #if defined(DEBUG_KRB5_TKT_RENEWAL)
643                 t = timeval_set(time(NULL)+30, 0);
644 #else
645                 t = timeval_set(KRB5_EVENT_REFRESH_TIME(ticket_end), 0);
646 #endif
647                 if (entry->refresh_time == 0) {
648                         entry->refresh_time = t.tv_sec;
649                 }
650                 entry->event = event_add_timed(winbind_event_context(),
651                                                entry,
652                                                t,
653                                                krb5_ticket_refresh_handler,
654                                                entry);
655         }
656
657         if (!entry->event) {
658                 goto no_mem;
659         }
660
661         DEBUG(10,("add_ccache_to_list: added krb5_ticket handler\n"));
662
663  add_entry:
664
665         DLIST_ADD(ccache_list, entry);
666
667         DEBUG(10,("add_ccache_to_list: "
668                 "added ccache [%s] for user [%s] to the list\n",
669                 ccname, username));
670
671         return NT_STATUS_OK;
672
673  no_mem:
674
675         TALLOC_FREE(entry);
676         return NT_STATUS_NO_MEMORY;
677 }
678
679 /*******************************************************************
680  Remove a WINBINDD_CCACHE_ENTRY entry and the krb5 ccache if no longer
681  referenced.
682  *******************************************************************/
683
684 NTSTATUS remove_ccache(const char *username)
685 {
686         struct WINBINDD_CCACHE_ENTRY *entry = get_ccache_by_username(username);
687         NTSTATUS status = NT_STATUS_OK;
688         #ifdef HAVE_KRB5
689         krb5_error_code ret;
690 #endif
691
692         if (!entry) {
693                 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
694         }
695
696         if (entry->ref_count <= 0) {
697                 DEBUG(0,("remove_ccache: logic error. "
698                         "ref count for user %s = %d\n",
699                         username, entry->ref_count));
700                 return NT_STATUS_INTERNAL_DB_CORRUPTION;
701         }
702
703         entry->ref_count--;
704
705         if (entry->ref_count > 0) {
706                 DEBUG(10,("remove_ccache: entry %s ref count now %d\n",
707                         username, entry->ref_count));
708                 return NT_STATUS_OK;
709         }
710
711         /* no references any more */
712
713         DLIST_REMOVE(ccache_list, entry);
714         TALLOC_FREE(entry->event); /* unregisters events */
715
716 #ifdef HAVE_KRB5
717         ret = ads_kdestroy(entry->ccname);
718
719         /* we ignore the error when there has been no credential cache */
720         if (ret == KRB5_FCC_NOFILE) {
721                 ret = 0;
722         } else if (ret) {
723                 DEBUG(0,("remove_ccache: "
724                         "failed to destroy user krb5 ccache %s with: %s\n",
725                         entry->ccname, error_message(ret)));
726         } else {
727                 DEBUG(10,("remove_ccache: "
728                         "successfully destroyed krb5 ccache %s for user %s\n",
729                         entry->ccname, username));
730         }
731         status = krb5_to_nt_status(ret);
732 #endif
733
734         TALLOC_FREE(entry);
735         DEBUG(10,("remove_ccache: removed ccache for user %s\n", username));
736
737         return status;
738 }
739
740 /*******************************************************************
741  In memory credentials cache code.
742 *******************************************************************/
743
744 static struct WINBINDD_MEMORY_CREDS *memory_creds_list;
745
746 /***********************************************************
747  Find an entry on the list by name.
748 ***********************************************************/
749
750 struct WINBINDD_MEMORY_CREDS *find_memory_creds_by_name(const char *username)
751 {
752         struct WINBINDD_MEMORY_CREDS *p;
753
754         for (p = memory_creds_list; p; p = p->next) {
755                 if (strequal(p->username, username)) {
756                         return p;
757                 }
758         }
759         return NULL;
760 }
761
762 /***********************************************************
763  Store the required creds and mlock them.
764 ***********************************************************/
765
766 static NTSTATUS store_memory_creds(struct WINBINDD_MEMORY_CREDS *memcredp,
767                                    const char *pass)
768 {
769 #if !defined(HAVE_MLOCK)
770         return NT_STATUS_OK;
771 #else
772         /* new_entry->nt_hash is the base pointer for the block
773            of memory pointed into by new_entry->lm_hash and
774            new_entry->pass (if we're storing plaintext). */
775
776         memcredp->len = NT_HASH_LEN + LM_HASH_LEN;
777         if (pass) {
778                 memcredp->len += strlen(pass)+1;
779         }
780
781
782 #if defined(LINUX)
783         /* aligning the memory on on x86_64 and compiling
784            with gcc 4.1 using -O2 causes a segv in the
785            next memset()  --jerry */
786         memcredp->nt_hash = SMB_MALLOC_ARRAY(unsigned char, memcredp->len);
787 #else
788         /* On non-linux platforms, mlock()'d memory must be aligned */
789         memcredp->nt_hash = SMB_MEMALIGN_ARRAY(unsigned char,
790                                                getpagesize(), memcredp->len);
791 #endif
792         if (!memcredp->nt_hash) {
793                 return NT_STATUS_NO_MEMORY;
794         }
795         memset(memcredp->nt_hash, 0x0, memcredp->len);
796
797         memcredp->lm_hash = memcredp->nt_hash + NT_HASH_LEN;
798
799 #ifdef DEBUG_PASSWORD
800         DEBUG(10,("mlocking memory: %p\n", memcredp->nt_hash));
801 #endif
802         if ((mlock(memcredp->nt_hash, memcredp->len)) == -1) {
803                 DEBUG(0,("failed to mlock memory: %s (%d)\n",
804                         strerror(errno), errno));
805                 SAFE_FREE(memcredp->nt_hash);
806                 return map_nt_error_from_unix(errno);
807         }
808
809 #ifdef DEBUG_PASSWORD
810         DEBUG(10,("mlocked memory: %p\n", memcredp->nt_hash));
811 #endif
812
813         /* Create and store the password hashes. */
814         E_md4hash(pass, memcredp->nt_hash);
815         E_deshash(pass, memcredp->lm_hash);
816
817         if (pass) {
818                 memcredp->pass = (char *)memcredp->lm_hash + LM_HASH_LEN;
819                 memcpy(memcredp->pass, pass,
820                        memcredp->len - NT_HASH_LEN - LM_HASH_LEN);
821         }
822
823         return NT_STATUS_OK;
824 #endif
825 }
826
827 /***********************************************************
828  Destroy existing creds.
829 ***********************************************************/
830
831 static NTSTATUS delete_memory_creds(struct WINBINDD_MEMORY_CREDS *memcredp)
832 {
833 #if !defined(HAVE_MUNLOCK)
834         return NT_STATUS_OK;
835 #else
836         if (munlock(memcredp->nt_hash, memcredp->len) == -1) {
837                 DEBUG(0,("failed to munlock memory: %s (%d)\n",
838                         strerror(errno), errno));
839                 return map_nt_error_from_unix(errno);
840         }
841         memset(memcredp->nt_hash, '\0', memcredp->len);
842         SAFE_FREE(memcredp->nt_hash);
843         memcredp->nt_hash = NULL;
844         memcredp->lm_hash = NULL;
845         memcredp->pass = NULL;
846         memcredp->len = 0;
847         return NT_STATUS_OK;
848 #endif
849 }
850
851 /***********************************************************
852  Replace the required creds with new ones (password change).
853 ***********************************************************/
854
855 static NTSTATUS winbindd_replace_memory_creds_internal(struct WINBINDD_MEMORY_CREDS *memcredp,
856                                                        const char *pass)
857 {
858         NTSTATUS status = delete_memory_creds(memcredp);
859         if (!NT_STATUS_IS_OK(status)) {
860                 return status;
861         }
862         return store_memory_creds(memcredp, pass);
863 }
864
865 /*************************************************************
866  Store credentials in memory in a list.
867 *************************************************************/
868
869 static NTSTATUS winbindd_add_memory_creds_internal(const char *username,
870                                                    uid_t uid,
871                                                    const char *pass)
872 {
873         /* Shortcut to ensure we don't store if no mlock. */
874 #if !defined(HAVE_MLOCK) || !defined(HAVE_MUNLOCK)
875         return NT_STATUS_OK;
876 #else
877         NTSTATUS status;
878         struct WINBINDD_MEMORY_CREDS *memcredp = NULL;
879
880         memcredp = find_memory_creds_by_name(username);
881         if (uid == (uid_t)-1) {
882                 DEBUG(0,("winbindd_add_memory_creds_internal: "
883                         "invalid uid for user %s.\n", username));
884                 return NT_STATUS_INVALID_PARAMETER;
885         }
886
887         if (memcredp) {
888                 /* Already exists. Increment the reference count and replace stored creds. */
889                 if (uid != memcredp->uid) {
890                         DEBUG(0,("winbindd_add_memory_creds_internal: "
891                                 "uid %u for user %s doesn't "
892                                 "match stored uid %u. Replacing.\n",
893                                 (unsigned int)uid, username,
894                                 (unsigned int)memcredp->uid));
895                         memcredp->uid = uid;
896                 }
897                 memcredp->ref_count++;
898                 DEBUG(10,("winbindd_add_memory_creds_internal: "
899                         "ref count for user %s is now %d\n",
900                         username, memcredp->ref_count));
901                 return winbindd_replace_memory_creds_internal(memcredp, pass);
902         }
903
904         memcredp = TALLOC_ZERO_P(NULL, struct WINBINDD_MEMORY_CREDS);
905         if (!memcredp) {
906                 return NT_STATUS_NO_MEMORY;
907         }
908         memcredp->username = talloc_strdup(memcredp, username);
909         if (!memcredp->username) {
910                 talloc_destroy(memcredp);
911                 return NT_STATUS_NO_MEMORY;
912         }
913
914         status = store_memory_creds(memcredp, pass);
915         if (!NT_STATUS_IS_OK(status)) {
916                 talloc_destroy(memcredp);
917                 return status;
918         }
919
920         memcredp->uid = uid;
921         memcredp->ref_count = 1;
922         DLIST_ADD(memory_creds_list, memcredp);
923
924         DEBUG(10,("winbindd_add_memory_creds_internal: "
925                 "added entry for user %s\n", username));
926
927         return NT_STATUS_OK;
928 #endif
929 }
930
931 /*************************************************************
932  Store users credentials in memory. If we also have a
933  struct WINBINDD_CCACHE_ENTRY for this username with a
934  refresh timer, then store the plaintext of the password
935  and associate the new credentials with the struct WINBINDD_CCACHE_ENTRY.
936 *************************************************************/
937
938 NTSTATUS winbindd_add_memory_creds(const char *username,
939                                    uid_t uid,
940                                    const char *pass)
941 {
942         struct WINBINDD_CCACHE_ENTRY *entry = get_ccache_by_username(username);
943         NTSTATUS status;
944
945         status = winbindd_add_memory_creds_internal(username, uid, pass);
946         if (!NT_STATUS_IS_OK(status)) {
947                 return status;
948         }
949
950         if (entry) {
951                 struct WINBINDD_MEMORY_CREDS *memcredp = NULL;
952                 memcredp = find_memory_creds_by_name(username);
953                 if (memcredp) {
954                         entry->cred_ptr = memcredp;
955                 }
956         }
957
958         return status;
959 }
960
961 /*************************************************************
962  Decrement the in-memory ref count - delete if zero.
963 *************************************************************/
964
965 NTSTATUS winbindd_delete_memory_creds(const char *username)
966 {
967         struct WINBINDD_MEMORY_CREDS *memcredp = NULL;
968         struct WINBINDD_CCACHE_ENTRY *entry = NULL;
969         NTSTATUS status = NT_STATUS_OK;
970
971         memcredp = find_memory_creds_by_name(username);
972         entry = get_ccache_by_username(username);
973
974         if (!memcredp) {
975                 DEBUG(10,("winbindd_delete_memory_creds: unknown user %s\n",
976                         username));
977                 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
978         }
979
980         if (memcredp->ref_count <= 0) {
981                 DEBUG(0,("winbindd_delete_memory_creds: logic error. "
982                         "ref count for user %s = %d\n",
983                         username, memcredp->ref_count));
984                 status = NT_STATUS_INTERNAL_DB_CORRUPTION;
985         }
986
987         memcredp->ref_count--;
988         if (memcredp->ref_count <= 0) {
989                 delete_memory_creds(memcredp);
990                 DLIST_REMOVE(memory_creds_list, memcredp);
991                 talloc_destroy(memcredp);
992                 DEBUG(10,("winbindd_delete_memory_creds: "
993                         "deleted entry for user %s\n",
994                         username));
995         } else {
996                 DEBUG(10,("winbindd_delete_memory_creds: "
997                         "entry for user %s ref_count now %d\n",
998                         username, memcredp->ref_count));
999         }
1000
1001         if (entry) {
1002                 /* Ensure we have no dangling references to this. */
1003                 entry->cred_ptr = NULL;
1004         }
1005
1006         return status;
1007 }
1008
1009 /***********************************************************
1010  Replace the required creds with new ones (password change).
1011 ***********************************************************/
1012
1013 NTSTATUS winbindd_replace_memory_creds(const char *username,
1014                                        const char *pass)
1015 {
1016         struct WINBINDD_MEMORY_CREDS *memcredp = NULL;
1017
1018         memcredp = find_memory_creds_by_name(username);
1019         if (!memcredp) {
1020                 DEBUG(10,("winbindd_replace_memory_creds: unknown user %s\n",
1021                         username));
1022                 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1023         }
1024
1025         DEBUG(10,("winbindd_replace_memory_creds: replaced creds for user %s\n",
1026                 username));
1027
1028         return winbindd_replace_memory_creds_internal(memcredp, pass);
1029 }