Fix the wcache_invalidate_samlogon calls.

author Jeremy Allison <jra@samba.org>

Thu, 28 Aug 2008 00:26:59 +0000 (17:26 -0700)

committer Karolin Seeger <kseeger@samba.org>

Thu, 28 Aug 2008 14:08:26 +0000 (16:08 +0200)
author Jeremy Allison <jra@samba.org>
Thu, 28 Aug 2008 00:26:59 +0000 (17:26 -0700)
committer Karolin Seeger <kseeger@samba.org>
Thu, 28 Aug 2008 14:08:26 +0000 (16:08 +0200)
diff --git a/source/winbindd/winbindd_cache.c b/source/winbindd/winbindd_cache.c

index 3b2b9aa9f8a74a26fb291ad0536009341f7a7a09..d3e47d08748582b4eb4b3a9ab025dce03669fb92 100644 (file)
--- a/source/winbindd/winbindd_cache.c
+++ b/source/winbindd/winbindd_cache.c
@@ -2265,6 +2265,8 @@ static int traverse_fn(TDB_CONTEXT *the_tdb, TDB_DATA kbuf, TDB_DATA dbuf,
  void wcache_invalidate_samlogon(struct winbindd_domain *domain, 
                                 struct netr_SamInfo3 *info3)
  {
+        DOM_SID sid;
+        fstring key_str, sid_string;
         struct winbind_cache *cache;
  
         /* dont clear cached U/SID and UG/SID entries when we want to logon
@@ -2278,7 +2280,26 @@ void wcache_invalidate_samlogon(struct winbindd_domain *domain,
                 return;
  
         cache = get_cache(domain);
-       netsamlogon_clear_cached_user(cache->tdb, info3);
+
+        if (!cache->tdb) {
+                return;
+        }
+
+       sid_copy(&sid, info3->base.domain_sid);
+       sid_append_rid(&sid, info3->base.rid);
+
+       /* Clear U/SID cache entry */
+       fstr_sprintf(key_str, "U/%s", sid_to_fstring(sid_string, &sid));
+       DEBUG(10, ("wcache_invalidate_samlogon: clearing %s\n", key_str));
+       tdb_delete(cache->tdb, string_tdb_data(key_str));
+
+       /* Clear UG/SID cache entry */
+       fstr_sprintf(key_str, "UG/%s", sid_to_fstring(sid_string, &sid));
+       DEBUG(10, ("wcache_invalidate_samlogon: clearing %s\n", key_str));
+       tdb_delete(cache->tdb, string_tdb_data(key_str));
+
+       /* Samba/winbindd never needs this. */
+       netsamlogon_clear_cached_user(info3);
  }
  
  bool wcache_invalidate_cache(void)
diff --git a/source/winbindd/winbindd_pam.c b/source/winbindd/winbindd_pam.c

index ce6a256484c82fef78aec2d2b7cfd93de03c1dcb..90849b59c3ea632f5cb2846329b996c67e054ac7 100644 (file)
--- a/source/winbindd/winbindd_pam.c
+++ b/source/winbindd/winbindd_pam.c
@@ -1599,8 +1599,8 @@ process_result:
                         goto done;
                 }
  
-               netsamlogon_cache_store(name_user, info3);
                 wcache_invalidate_samlogon(find_domain_from_name(name_domain), info3);
+               netsamlogon_cache_store(name_user, info3);
  
                 /* save name_to_sid info as early as possible (only if
                    this is our primary domain so we don't invalidate
@@ -1941,8 +1941,8 @@ enum winbindd_result winbindd_dual_pam_auth_crap(struct winbindd_domain *domain,
  
         if (NT_STATUS_IS_OK(result)) {
  
-               netsamlogon_cache_store(name_user, info3);
                 wcache_invalidate_samlogon(find_domain_from_name(name_domain), info3);
+               netsamlogon_cache_store(name_user, info3);
  
                 /* Check if the user is in the right group */
author	Jeremy Allison <jra@samba.org>
	Thu, 28 Aug 2008 00:26:59 +0000 (17:26 -0700)
committer	Karolin Seeger <kseeger@samba.org>
	Thu, 28 Aug 2008 14:08:26 +0000 (16:08 +0200)
source/winbindd/winbindd_cache.c		patch \| blob \| history
source/winbindd/winbindd_pam.c		patch \| blob \| history