From ad1fbe29fbeea48381c7bedd78f7a45d07ad14d5 Mon Sep 17 00:00:00 2001
From: Christof Schmitt
Date: Thu, 21 Feb 2013 12:31:41 -0700
Subject: [PATCH] s3-winbindd: Move connection to AD server from idmap_ad

Having this in a common place allows reuse by other idmap modules.
Reviewed-by: Andrew Bartlett
---
source3/winbindd/idmap_ad.c | 49 +++-------------------------------
source3/winbindd/winbindd_ads.c | 55 +++++++++++++++++++++++++++++++++------
source3/winbindd/winbindd_proto.h | 10 +------
3 files changed, 52 insertions(+), 62 deletions(-)

diff --git a/source3/winbindd/idmap_ad.c b/source3/winbindd/idmap_ad.c
index 5b9c3774f66..5bafa90299d 100644
--- a/source3/winbindd/idmap_ad.c
+++ b/source3/winbindd/idmap_ad.c
@@ -56,58 +56,17 @@ struct idmap_ad_context { /************************************************************************ ***********************************************************************/ -static ADS_STATUS ad_idmap_cached_connection_internal(struct idmap_domain *dom) +static ADS_STATUS ad_idmap_cached_connection(struct idmap_domain *dom) { - struct idmap_ad_context *ctx; - char *ldap_server, *realm, *password; - struct winbindd_domain *wb_dom; + ADS_STATUS status; + struct idmap_ad_context * ctx; DEBUG(10, ("ad_idmap_cached_connection: called for domain '%s'\n", dom->name)); ctx = talloc_get_type(dom->private_data, struct idmap_ad_context); - ads_cached_connection_reuse(&ctx->ads); - if (ctx->ads != NULL) { - return ADS_SUCCESS; - } - - /* - * At this point we only have the NetBIOS domain name. - * Check if we can get server nam and realm from SAF cache - * and the domain list. - */ - ldap_server = saf_fetch(dom->name); - DEBUG(10, ("ldap_server from saf cache: '%s'\n", ldap_server?ldap_server:"")); - - wb_dom = find_domain_from_name_noinit(dom->name); - if (wb_dom == NULL) { - DEBUG(10, ("find_domain_from_name_noinit did not find domain '%s'\n", - dom->name)); - realm = NULL; - } else { - DEBUG(10, ("find_domain_from_name_noinit found realm '%s' for " - " domain '%s'\n", wb_dom->alt_name, dom->name)); - realm = wb_dom->alt_name; - } - - /* the machine acct password might have change - fetch it every time */ - password = secrets_fetch_machine_password(lp_workgroup(), NULL, NULL); - realm = SMB_STRDUP(lp_realm()); - - return ads_cached_connection_connect(&ctx->ads, realm, dom->name, - ldap_server, password, realm, 0); -} - -/************************************************************************ - ***********************************************************************/ - -static ADS_STATUS ad_idmap_cached_connection(struct idmap_domain *dom) -{ - ADS_STATUS status; - struct idmap_ad_context * ctx; - - status = ad_idmap_cached_connection_internal(dom); + 
status = ads_idmap_cached_connection(&ctx->ads, dom->name); if (!ADS_ERR_OK(status)) { return status; } diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c index e806aa87f0c..1e45ad9e851 100644 --- a/source3/winbindd/winbindd_ads.c +++ b/source3/winbindd/winbindd_ads.c @@ -40,11 +40,13 @@ extern struct winbindd_methods reconnect_methods; +#define WINBIND_CCACHE_NAME "MEMORY:winbind_ccache" + /** * Check if cached connection can be reused. If the connection cannot * be reused the ADS_STRUCT is freed and the pointer is set to NULL. */ -void ads_cached_connection_reuse(ADS_STRUCT **adsp) +static void ads_cached_connection_reuse(ADS_STRUCT **adsp) { ADS_STRUCT *ads = *adsp; @@ -72,13 +74,13 @@ void ads_cached_connection_reuse(ADS_STRUCT **adsp) } } -ADS_STATUS ads_cached_connection_connect(ADS_STRUCT **adsp, - const char *dom_name_alt, - const char *dom_name, - const char *ldap_server, - char *password, - char *realm, - time_t renewable) +static ADS_STATUS ads_cached_connection_connect(ADS_STRUCT **adsp, + const char *dom_name_alt, + const char *dom_name, + const char *ldap_server, + char *password, + char *realm, + time_t renewable) { ADS_STRUCT *ads; ADS_STATUS status; 
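Review bot: In `ad_idmap_cached_connection` (idmap_ad.c hunk), `&ctx->ads` is computed from the result of `talloc_get_type()` with no check, and that call returns NULL when `dom->private_data` is not an `idmap_ad_context`. The pointer then goes straight into the shared `ads_idmap_cached_connection()` helper, which dereferences it. Using `ctx = talloc_get_type_abort(dom->private_data, struct idmap_ad_context);` would fail loudly at the point of the mismatch instead. The function body continues past the end of this hunk.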
@@ -131,6 +133,43 @@ ADS_STATUS ads_cached_connection_connect(ADS_STRUCT **adsp, return status; } +ADS_STATUS ads_idmap_cached_connection(ADS_STRUCT **adsp, const char *dom_name) +{ + char *ldap_server, *realm, *password; + struct winbindd_domain *wb_dom; + + ads_cached_connection_reuse(adsp); + if (*adsp != NULL) { + return ADS_SUCCESS; + } + + /* + * At this point we only have the NetBIOS domain name. + * Check if we can get server nam and realm from SAF cache + * and the domain list. + */ + ldap_server = saf_fetch(dom_name); + DEBUG(10, ("ldap_server from saf cache: '%s'\n", + ldap_server ? ldap_server : "")); + + wb_dom = find_domain_from_name_noinit(dom_name); + if (wb_dom == NULL) { + DEBUG(10, ("could not find domain '%s'\n", dom_name)); + realm = NULL; + } else { + DEBUG(10, ("find_domain_from_name_noinit found realm '%s' for " + " domain '%s'\n", wb_dom->alt_name, dom_name)); + realm = wb_dom->alt_name; + } + + /* the machine acct password might have change - fetch it every time */ + password = secrets_fetch_machine_password(lp_workgroup(), NULL, NULL); + realm = SMB_STRDUP(lp_realm()); + + return ads_cached_connection_connect(adsp, realm, dom_name, ldap_server, + password, realm, 0); +} + /* return our ads connections structure for a domain. We keep the connection open to make things faster diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h index 8bd7a392f2e..b07f30331eb 100644 --- a/source3/winbindd/winbindd_proto.h +++ b/source3/winbindd/winbindd_proto.h 
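Review bot: In `ads_idmap_cached_connection` the realm taken from `find_domain_from_name_noinit()` is never used, because `realm = SMB_STRDUP(lp_realm());` overwrites it unconditionally; the lookup only feeds the debug message and every domain is connected with the local realm. This came over unchanged from idmap_ad.c, but in a helper meant for reuse by other idmap modules it is worth either dropping the lookup or stating in a comment that `lp_realm()` is intended. The machine account password is also handed on without a check; a guard such as `if (password == NULL) { return ADS_ERROR_NT(NT_STATUS_CANT_ACCESS_DOMAIN_INFO); }` before the connect call would make that failure explicit. Finally, `ldap_server` from `saf_fetch()` is not released in this function and `realm` is passed both as `dom_name_alt` and as `realm`, so a short comment saying which of `password`, `realm` and `ldap_server` `ads_cached_connection_connect()` takes ownership of (its body is outside this hunk) would make the lifetime of the secret reviewable.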
@@ -893,14 +893,6 @@ NTSTATUS open_internal_samr_conn(TALLOC_CTX *mem_ctx, struct policy_handle *samr_domain_hnd); /* The following definitions come from winbindd/winbindd_ads.c */ -#define WINBIND_CCACHE_NAME "MEMORY:winbind_ccache" -void ads_cached_connection_reuse(ADS_STRUCT **ads); -ADS_STATUS ads_cached_connection_connect(ADS_STRUCT **adsp, - const char *dom_name_alt, - const char *dom_name, - const char *ldap_server, - char *password, - char *realm, - time_t renewable); +ADS_STATUS ads_idmap_cached_connection(ADS_STRUCT **adsp, const char *dom_name); #endif /* _WINBINDD_PROTO_H_ */ -- 2.11.4.GIT