summaryrefslogtreecommitdiff
path: root/source3/auth
diff options
context:
space:
mode:
authorVolker Lendecke <vl@samba.org>2008-03-10 21:08:29 +0100
committerVolker Lendecke <vl@samba.org>2008-03-10 21:08:45 +0100
commit1ebfc66b2c145289d1e1314e8415d9e3c6f405ae (patch)
tree30b3ca059640ecc963a8744c2a69ef4151dbac7b /source3/auth
parentd634ab06b34990b6eecee751435f2436ff76ec44 (diff)
downloadsamba-1ebfc66b2c145289d1e1314e8415d9e3c6f405ae.tar.gz
samba-1ebfc66b2c145289d1e1314e8415d9e3c6f405ae.tar.bz2
samba-1ebfc66b2c145289d1e1314e8415d9e3c6f405ae.zip
Use a separate tdb for mutexes
Another preparation to convert secrets.c to dbwrap: The dbwrap API does not provide a sane tdb_lock_with_timeout abstraction. In the clustered case the DC mutex is needed per-node anyway, so it is perfectly fine to use a local mutex only. (This used to be commit f94a63cd8f94490780ad9331da229c0bcb2ca5d6)
Diffstat (limited to 'source3/auth')
-rw-r--r--source3/auth/auth_domain.c16
-rw-r--r--source3/auth/auth_server.c16
2 files changed, 18 insertions, 14 deletions
diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c
index df51966f4c..26474089fb 100644
--- a/source3/auth/auth_domain.c
+++ b/source3/auth/auth_domain.c
@@ -24,6 +24,7 @@
#define DBGC_CLASS DBGC_AUTH
extern bool global_machine_password_needs_changing;
+static struct named_mutex *mutex;
/**
* Connect to a remote server for (inter)domain security authenticaion.
@@ -67,7 +68,8 @@ static NTSTATUS connect_to_domain_password_server(struct cli_state **cli,
* ACCESS_DENIED errors if 2 auths are done from the same machine. JRA.
*/
- if (!grab_server_mutex(dc_name)) {
+ mutex = grab_named_mutex(NULL, dc_name, 10);
+ if (mutex == NULL) {
return NT_STATUS_NO_LOGON_SERVERS;
}
@@ -87,7 +89,7 @@ static NTSTATUS connect_to_domain_password_server(struct cli_state **cli,
*cli = NULL;
}
- release_server_mutex();
+ TALLOC_FREE(mutex);
return result;
}
@@ -118,7 +120,7 @@ static NTSTATUS connect_to_domain_password_server(struct cli_state **cli,
machine %s. Error was : %s.\n", dc_name, nt_errstr(result)));
cli_shutdown(*cli);
*cli = NULL;
- release_server_mutex();
+ TALLOC_FREE(mutex);
return result;
}
@@ -137,7 +139,7 @@ machine %s. Error was : %s.\n", dc_name, nt_errstr(result)));
domain));
cli_shutdown(*cli);
*cli = NULL;
- release_server_mutex();
+ TALLOC_FREE(mutex);
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
}
@@ -153,7 +155,7 @@ machine %s. Error was : %s.\n", dc_name, nt_errstr(result)));
if (!NT_STATUS_IS_OK(result)) {
cli_shutdown(*cli);
*cli = NULL;
- release_server_mutex();
+ TALLOC_FREE(mutex);
return result;
}
}
@@ -163,7 +165,7 @@ machine %s. Error was : %s.\n", dc_name, nt_errstr(result)));
machine %s. Error was : %s.\n", dc_name, cli_errstr(*cli)));
cli_shutdown(*cli);
*cli = NULL;
- release_server_mutex();
+ TALLOC_FREE(mutex);
return NT_STATUS_NO_LOGON_SERVERS;
}
@@ -247,7 +249,7 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx,
/* Let go as soon as possible so we avoid any potential deadlocks
with winbind lookup up users or groups. */
- release_server_mutex();
+ TALLOC_FREE(mutex);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0,("domain_client_validate: unable to validate password "
diff --git a/source3/auth/auth_server.c b/source3/auth/auth_server.c
index 095f0b9fb8..b07884c49b 100644
--- a/source3/auth/auth_server.c
+++ b/source3/auth/auth_server.c
@@ -37,6 +37,7 @@ static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx)
const char *p;
char *pserver = NULL;
bool connected_ok = False;
+ struct named_mutex *mutex;
if (!(cli = cli_initialise()))
return NULL;
@@ -74,7 +75,8 @@ static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx)
session setup yet it will send a TCP reset to the first
connection (tridge) */
- if (!grab_server_mutex(desthost)) {
+ mutex = grab_named_mutex(talloc_tos(), desthost, 10);
+ if (mutex == NULL) {
cli_shutdown(cli);
return NULL;
}
@@ -87,7 +89,7 @@ static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx)
}
DEBUG(10,("server_cryptkey: failed to connect to server %s. Error %s\n",
desthost, nt_errstr(status) ));
- release_server_mutex();
+ TALLOC_FREE(mutex);
}
if (!connected_ok) {
@@ -98,7 +100,7 @@ static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx)
if (!attempt_netbios_session_request(&cli, global_myname(),
desthost, &dest_ss)) {
- release_server_mutex();
+ TALLOC_FREE(mutex);
DEBUG(1,("password server fails session request\n"));
cli_shutdown(cli);
return NULL;
@@ -111,16 +113,16 @@ static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx)
DEBUG(3,("got session\n"));
if (!cli_negprot(cli)) {
+ TALLOC_FREE(mutex);
DEBUG(1,("%s rejected the negprot\n",desthost));
- release_server_mutex();
cli_shutdown(cli);
return NULL;
}
if (cli->protocol < PROTOCOL_LANMAN2 ||
!(cli->sec_mode & NEGOTIATE_SECURITY_USER_LEVEL)) {
+ TALLOC_FREE(mutex);
DEBUG(1,("%s isn't in user level security mode\n",desthost));
- release_server_mutex();
cli_shutdown(cli);
return NULL;
}
@@ -132,14 +134,14 @@ static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx)
if (!NT_STATUS_IS_OK(cli_session_setup(cli, "", "", 0, "", 0,
""))) {
+ TALLOC_FREE(mutex);
DEBUG(0,("%s rejected the initial session setup (%s)\n",
desthost, cli_errstr(cli)));
- release_server_mutex();
cli_shutdown(cli);
return NULL;
}
- release_server_mutex();
+ TALLOC_FREE(mutex);
DEBUG(3,("password server OK\n"));