s3:winbind: Do not use domain's private data to store the ADS_STRUCT

The ADS_STRUCT is not allocated using talloc and there are many places
casting this pointer directly so use a typed pointer.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15046

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

diff --git a/source3/winbindd/winbindd.h b/source3/winbindd/winbindd.h
index 762844502e556eab01099604eeb34bb475b8bf40..3cc88367b9066d0503858b0d2c093c4f4e9193d3 100644 (file)
--- a/source3/winbindd/winbindd.h
+++ b/source3/winbindd/winbindd.h
@@ -44,6 +44,7 @@
 #define WB_REPLACE_CHAR                '_'
 
 struct winbind_internal_pipes;
+struct ads_struct;
 
 struct winbindd_cli_state {
        struct winbindd_cli_state *prev, *next;   /* Linked list pointers */
@@ -161,6 +162,7 @@ struct winbindd_domain {
 
        struct {
                struct winbind_internal_pipes *samr_pipes;
+               struct ads_struct *ads_conn;
        } backend_data;
 
        /* A working DC */

diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c
index 6f01ef6e334290feefd0fb9f7be35b5bf02c26f1..d350f1602231af9491c9887eafa9fbfae8b3a98f 100644 (file)
--- a/source3/winbindd/winbindd_ads.c
+++ b/source3/winbindd/winbindd_ads.c
@@ -269,10 +269,10 @@ static ADS_STRUCT *ads_cached_connection(struct winbindd_domain *domain)
        }
 
        DEBUG(10,("ads_cached_connection\n"));
-       ads_cached_connection_reuse((ADS_STRUCT **)&domain->private_data);
+       ads_cached_connection_reuse(&domain->backend_data.ads_conn);
 
-       if (domain->private_data) {
-               return (ADS_STRUCT *)domain->private_data;
+       if (domain->backend_data.ads_conn != NULL) {
+               return domain->backend_data.ads_conn;
        }
 
        /* the machine acct password might have change - fetch it every time */
@@ -303,7 +303,7 @@ static ADS_STRUCT *ads_cached_connection(struct winbindd_domain *domain)
        }
 
        status = ads_cached_connection_connect(
-                                       (ADS_STRUCT **)&domain->private_data,
+                                       &domain->backend_data.ads_conn,
                                        domain->alt_name,
                                        domain->name, NULL,
                                        password, realm,
@@ -322,7 +322,7 @@ static ADS_STRUCT *ads_cached_connection(struct winbindd_domain *domain)
                return NULL;
        }
 
-       return (ADS_STRUCT *)domain->private_data;
+       return domain->backend_data.ads_conn;
 }
 
 /* Query display info for a realm. This is the basic user list fn */

diff --git a/source3/winbindd/winbindd_ndr.c b/source3/winbindd/winbindd_ndr.c
index 36901776b98b11568b5b16d461bada50bc9bd98d..94ce9d7374774fba6599f5e9a0595726cf2c2e69 100644 (file)
--- a/source3/winbindd/winbindd_ndr.c
+++ b/source3/winbindd/winbindd_ndr.c
@@ -147,6 +147,9 @@ void ndr_print_winbindd_domain(struct ndr_print *ndr,
        ndr_print_ptr(ndr,
                      "backend_data.samr_pipes",
                      r->backend_data.samr_pipes);
+       ndr_print_ptr(ndr,
+                     "backend_data.ads_conn",
+                     r->backend_data.ads_conn);
        ndr_print_string(ndr, "dcname", r->dcname);
        ndr_print_sockaddr_storage(ndr, "dcaddr", &r->dcaddr);
        ndr_print_time_t(ndr, "last_seq_check", r->last_seq_check);

diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index 418166af657654b6444c9b44b73857ad973e0d2f..78bc6c932f30c94d9b7e237ca053769eec6bacba 100644 (file)
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -748,7 +748,6 @@ static NTSTATUS winbindd_raw_kerberos_login(TALLOC_CTX *mem_ctx,
        fstring name_namespace, name_domain, name_user;
        time_t ticket_lifetime = 0;
        time_t renewal_until = 0;
-       ADS_STRUCT *ads;
        time_t time_offset = 0;
        const char *user_ccache_file;
        struct PAC_LOGON_INFO *logon_info = NULL;
@@ -791,9 +790,8 @@ static NTSTATUS winbindd_raw_kerberos_login(TALLOC_CTX *mem_ctx,
        /* 2nd step:
         * get kerberos properties */
 
-       if (domain->private_data) {
-               ads = (ADS_STRUCT *)domain->private_data;
-               time_offset = ads->auth.time_offset;
+       if (domain->backend_data.ads_conn != NULL) {
+               time_offset = domain->backend_data.ads_conn->auth.time_offset;
        }