summaryrefslogtreecommitdiff
path: root/libcli/auth
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2013-03-27 08:43:18 +0100
committerVolker Lendecke <vl@samba.org>2013-03-28 14:52:14 +0100
commitadbe6cba005a2060b0f641e91b500574f4637a36 (patch)
treef3846688cf61aeac6724cfcf8778abc0179ea8c7 /libcli/auth
parent40d783c397ea21d03d1ea7130a438dd8c0d817f1 (diff)
downloadsamba-adbe6cba005a2060b0f641e91b500574f4637a36.tar.gz
samba-adbe6cba005a2060b0f641e91b500574f4637a36.tar.bz2
samba-adbe6cba005a2060b0f641e91b500574f4637a36.zip
libcli/auth: avoid using transactions a chainlock is enough
We're just writting a single record into a CLEAR_IF_FIRST|TDB_NOSYNC tdb. We just need to make sure we lock the record between reading and writting. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Thu Mar 28 14:52:14 CET 2013 on sn-devel-104
Diffstat (limited to 'libcli/auth')
-rw-r--r--libcli/auth/schannel_state_tdb.c36
1 files changed, 26 insertions, 10 deletions
diff --git a/libcli/auth/schannel_state_tdb.c b/libcli/auth/schannel_state_tdb.c
index bc91104f71..eecd00edb2 100644
--- a/libcli/auth/schannel_state_tdb.c
+++ b/libcli/auth/schannel_state_tdb.c
@@ -285,19 +285,41 @@ NTSTATUS schannel_check_creds_state(TALLOC_CTX *mem_ctx,
struct netlogon_creds_CredentialState *creds;
NTSTATUS status;
int ret;
+ char *name_upper = NULL;
+ char *keystr = NULL;
+ TDB_DATA key;
+
+ if (creds_out != NULL) {
+ *creds_out = NULL;
+ }
tmpctx = talloc_named(mem_ctx, 0, "schannel_check_creds_state");
if (!tmpctx) {
return NT_STATUS_NO_MEMORY;
}
+ name_upper = strupper_talloc(tmpctx, computer_name);
+ if (!name_upper) {
+ status = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
+
+ keystr = talloc_asprintf(tmpctx, "%s/%s",
+ SECRETS_SCHANNEL_STATE, name_upper);
+ if (!keystr) {
+ status = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
+
+ key = string_term_tdb_data(keystr);
+
tdb_sc = open_schannel_session_store(tmpctx, lp_ctx);
if (!tdb_sc) {
status = NT_STATUS_ACCESS_DENIED;
goto done;
}
- ret = tdb_transaction_start(tdb_sc->tdb);
+ ret = tdb_chainlock(tdb_sc->tdb, key);
if (ret != 0) {
status = NT_STATUS_INTERNAL_DB_CORRUPTION;
goto done;
@@ -310,7 +332,7 @@ NTSTATUS schannel_check_creds_state(TALLOC_CTX *mem_ctx,
status = schannel_fetch_session_key_tdb(tdb_sc, tmpctx,
computer_name, &creds);
if (!NT_STATUS_IS_OK(status)) {
- tdb_transaction_cancel(tdb_sc->tdb);
+ tdb_chainunlock(tdb_sc->tdb, key);
goto done;
}
@@ -318,19 +340,13 @@ NTSTATUS schannel_check_creds_state(TALLOC_CTX *mem_ctx,
received_authenticator,
return_authenticator);
if (!NT_STATUS_IS_OK(status)) {
- tdb_transaction_cancel(tdb_sc->tdb);
+ tdb_chainunlock(tdb_sc->tdb, key);
goto done;
}
status = schannel_store_session_key_tdb(tdb_sc, tmpctx, creds);
+ tdb_chainunlock(tdb_sc->tdb, key);
if (!NT_STATUS_IS_OK(status)) {
- tdb_transaction_cancel(tdb_sc->tdb);
- goto done;
- }
-
- ret = tdb_transaction_commit(tdb_sc->tdb);
- if (ret != 0) {
- status = NT_STATUS_INTERNAL_DB_CORRUPTION;
goto done;
}