diff options
author | Bo Yang <boyang@novell.com> | 2009-01-05 20:05:53 -0800 |
---|---|---|
committer | Karolin Seeger <kseeger@samba.org> | 2009-01-08 16:26:16 +0100 |
commit | 5a7e9667ff78764dee0a80cc36768480f6af2c5e (patch) | |
tree | a4cc5b69e71e3af4adfd9557931cbccf981f5272 /source/winbindd/winbindd_dual.c | |
parent | 7db39201adef6b1579b2f62e3ee95b0311cbf643 (diff) | |
download | samba-5a7e9667ff78764dee0a80cc36768480f6af2c5e.tar.gz samba-5a7e9667ff78764dee0a80cc36768480f6af2c5e.tar.xz samba-5a7e9667ff78764dee0a80cc36768480f6af2c5e.zip |
Fix broken krb5 refresh chain
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit d6eb7f1af2f4097085a4a14e9e88327f039bdf29)
Diffstat (limited to 'source/winbindd/winbindd_dual.c')
-rw-r--r-- | source/winbindd/winbindd_dual.c | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/source/winbindd/winbindd_dual.c b/source/winbindd/winbindd_dual.c index 6a8601d4ff0..2ce310ceaae 100644 --- a/source/winbindd/winbindd_dual.c +++ b/source/winbindd/winbindd_dual.c @@ -985,6 +985,7 @@ static void child_msg_offline(struct messaging_context *msg, DATA_BLOB *data) { struct winbindd_domain *domain; + struct winbindd_domain *primary_domain = NULL; const char *domainname = (const char *)data->data; if (data->data == NULL || data->length == 0) { @@ -998,6 +999,8 @@ static void child_msg_offline(struct messaging_context *msg, return; } + primary_domain = find_our_domain(); + /* Mark the requested domain offline. */ for (domain = domain_list(); domain; domain = domain->next) { @@ -1007,6 +1010,11 @@ static void child_msg_offline(struct messaging_context *msg, if (strequal(domain->name, domainname)) { DEBUG(5,("child_msg_offline: marking %s offline.\n", domain->name)); set_domain_offline(domain); + /* we are in the trusted domain, set the primary domain + * offline too */ + if (domain != primary_domain) { + set_domain_offline(primary_domain); + } } } } @@ -1020,6 +1028,7 @@ static void child_msg_online(struct messaging_context *msg, DATA_BLOB *data) { struct winbindd_domain *domain; + struct winbindd_domain *primary_domain = NULL; const char *domainname = (const char *)data->data; if (data->data == NULL || data->length == 0) { @@ -1033,6 +1042,8 @@ static void child_msg_online(struct messaging_context *msg, return; } + primary_domain = find_our_domain(); + /* Set our global state as online. */ set_global_winbindd_state_online(); @@ -1047,6 +1058,16 @@ static void child_msg_online(struct messaging_context *msg, DEBUG(5,("child_msg_online: requesting %s to go online.\n", domain->name)); winbindd_flush_negative_conn_cache(domain); set_domain_online_request(domain); + + /* we can be in trusted domain, which will contact primary domain + * we have to bring primary domain online in trusted domain process + * see, winbindd_dual_pam_auth() --> winbindd_dual_pam_auth_samlogon() + * --> contact_domain = find_our_domain() + * */ + if (domain != primary_domain) { + winbindd_flush_negative_conn_cache(primary_domain); + set_domain_online_request(primary_domain); + } } } } |