From 0c4e467c1cc661552bfd6745825e2106ec8279d7 Mon Sep 17 00:00:00 2001 From: Christof Schmitt Date: Thu, 21 Feb 2013 12:31:28 -0700 Subject: [PATCH] s3-winbindd: Move code for verifying ADS connection to common helper function Reviewed-by: Andrew Bartlett --- source3/winbindd/idmap_ad.c | 26 ++----------------- source3/winbindd/winbindd_ads.c | 54 ++++++++++++++++++++++++--------------- source3/winbindd/winbindd_proto.h | 6 +++++ 3 files changed, 41 insertions(+), 45 deletions(-) diff --git a/source3/winbindd/idmap_ad.c b/source3/winbindd/idmap_ad.c index d6f31ba6e96..0e00a340bf2 100644 --- a/source3/winbindd/idmap_ad.c +++ b/source3/winbindd/idmap_ad.c @@ -39,8 +39,6 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_IDMAP -#define WINBIND_CCACHE_NAME "MEMORY:winbind_ccache" - #define CHECK_ALLOC_DONE(mem) do { \ if (!mem) { \ DEBUG(0, ("Out of memory!\n")); \ @@ -74,29 +72,9 @@ static ADS_STATUS ad_idmap_cached_connection_internal(struct idmap_domain *dom) ctx = talloc_get_type(dom->private_data, struct idmap_ad_context); + ads_cached_connection_reuse(&ctx->ads); if (ctx->ads != NULL) { - - time_t expire; - time_t now = time(NULL); - - ads = ctx->ads; - - expire = MIN(ads->auth.tgt_expire, ads->auth.tgs_expire); - - /* check for a valid structure */ - DEBUG(7, ("Current tickets expire in %d seconds (at %d, time is now %d)\n", - (uint32)expire-(uint32)now, (uint32) expire, (uint32) now)); - - if ( ads->config.realm && (expire > time(NULL))) { - return ADS_SUCCESS; - } else { - /* we own this ADS_STRUCT so make sure it goes away */ - DEBUG(7,("Deleting expired krb5 credential cache\n")); - ads->is_mine = True; - ads_destroy( &ads ); - ads_kdestroy(WINBIND_CCACHE_NAME); - ctx->ads = NULL; - } + return ADS_SUCCESS; } /* we don't want this to affect the users ccache */ diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c index 8abcfd6d0f5..03cbcf23a33 100644 --- a/source3/winbindd/winbindd_ads.c +++ b/source3/winbindd/winbindd_ads.c 
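Review bot: In the second idmap_ad.c hunk, `ctx` is assigned from `talloc_get_type(dom->private_data, struct idmap_ad_context)` and used on the very next line as `&ctx->ads`, with no NULL check in between. talloc_get_type() returns NULL when the pointer is NULL or carries a different talloc type name, and the new helper would then read `*adsp` through an address derived from NULL. The removed inline code had the same gap, but the dereference now happens inside a shared helper, so the guard belongs at this call site: either switch to `talloc_get_type_abort(dom->private_data, struct idmap_ad_context)` or return an error status when `ctx == NULL` before calling `ads_cached_connection_reuse()`. The body of ad_idmap_cached_connection_internal() starts and ends outside the hunk, so an earlier check may already exist there.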
@@ -40,43 +40,55 @@ extern struct winbindd_methods reconnect_methods; -/* - return our ads connections structure for a domain. We keep the connection - open to make things faster -*/ -static ADS_STRUCT *ads_cached_connection(struct winbindd_domain *domain) +/** + * Check if cached connection can be reused. If the connection cannot + * be reused the ADS_STRUCT is freed and the pointer is set to NULL. + */ +void ads_cached_connection_reuse(ADS_STRUCT **adsp) { - ADS_STRUCT *ads; - ADS_STATUS status; - fstring dc_name; - struct sockaddr_storage dc_ss; - - DEBUG(10,("ads_cached_connection\n")); - if (domain->private_data) { + ADS_STRUCT *ads = *adsp; + if (ads != NULL) { time_t expire; time_t now = time(NULL); - /* check for a valid structure */ - ads = (ADS_STRUCT *)domain->private_data; - expire = MIN(ads->auth.tgt_expire, ads->auth.tgs_expire); - DEBUG(7, ("Current tickets expire in %d seconds (at %d, time is now %d)\n", - (uint32)expire-(uint32)now, (uint32) expire, (uint32) now)); + DEBUG(7, ("Current tickets expire in %d seconds (at %d, time " + "is now %d)\n", (uint32)expire - (uint32)now, + (uint32) expire, (uint32) now)); if ( ads->config.realm && (expire > now)) { - return ads; + return; } else { /* we own this ADS_STRUCT so make sure it goes away */ DEBUG(7,("Deleting expired krb5 credential cache\n")); ads->is_mine = True; ads_destroy( &ads ); - ads_kdestroy("MEMORY:winbind_ccache"); - domain->private_data = NULL; + ads_kdestroy(WINBIND_CCACHE_NAME); + *adsp = NULL; } } +} + +/* + return our ads connections structure for a domain. 
We keep the connection + open to make things faster +*/ +static ADS_STRUCT *ads_cached_connection(struct winbindd_domain *domain) +{ + ADS_STRUCT *ads; + ADS_STATUS status; + fstring dc_name; + struct sockaddr_storage dc_ss; + + DEBUG(10,("ads_cached_connection\n")); + ads_cached_connection_reuse((ADS_STRUCT **)&domain->private_data); + + if (domain->private_data) { + return (ADS_STRUCT *)domain->private_data; + } ads = ads_init(domain->alt_name, domain->name, NULL); if (!ads) { @@ -1282,7 +1294,7 @@ static NTSTATUS sequence_number(struct winbindd_domain *domain, uint32 *seq) ads = (ADS_STRUCT *)domain->private_data; ads->is_mine = True; ads_destroy(&ads); - ads_kdestroy("MEMORY:winbind_ccache"); + ads_kdestroy(WINBIND_CCACHE_NAME); domain->private_data = NULL; } } diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h index 00b7c321949..0d757910206 100644 --- a/source3/winbindd/winbindd_proto.h +++ b/source3/winbindd/winbindd_proto.h @@ -23,6 +23,8 @@ #ifndef _WINBINDD_PROTO_H_ #define _WINBINDD_PROTO_H_ +#include "ads.h" + /* The following definitions come from winbindd/winbindd.c */ struct messaging_context *winbind_messaging_context(void); void request_error(struct winbindd_cli_state *state); @@ -890,4 +892,8 @@ NTSTATUS open_internal_samr_conn(TALLOC_CTX *mem_ctx, struct rpc_pipe_client **samr_pipe, struct policy_handle *samr_domain_hnd); +/* The following definitions come from winbindd/winbindd_ads.c */ +#define WINBIND_CCACHE_NAME "MEMORY:winbind_ccache" +void ads_cached_connection_reuse(ADS_STRUCT **ads); + #endif /* _WINBINDD_PROTO_H_ */ -- 2.11.4.GIT
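Review bot: In ads_cached_connection(), the call `ads_cached_connection_reuse((ADS_STRUCT **)&domain->private_data)` lets the helper store `*adsp = NULL` through an `ADS_STRUCT *` lvalue into what the old `(ADS_STRUCT *)domain->private_data` cast suggests is a `void *` field. That is an aliasing violation, and since the helper lives in the same file it can be inlined, so an optimizing compiler could in principle keep using the old value of `domain->private_data` for the following `if` and return the ADS_STRUCT that was just destroyed. Going through the existing local avoids the cast: `ads = (ADS_STRUCT *)domain->private_data;`, `ads_cached_connection_reuse(&ads);`, `domain->private_data = ads;`, then test and return `ads`. Separately, the moved DEBUG line prints `(uint32)expire - (uint32)now` with `%d`, which wraps on exactly the expired-ticket path this helper exists to handle, so the logged "seconds" value is misleading there. The rest of ads_cached_connection() continues outside the hunk.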