diff options
| author | Volker Lendecke <vl@samba.org> | 2008-03-27 17:10:31 +0100 |
|---|---|---|
| committer | Stefan Metzmacher <metze@samba.org> | 2008-04-01 14:04:21 +0200 |
| commit | 04ab83917043168911da4fd10fae8188e77a2d38 (patch) | |
| tree | 20ad0fd025853f9025bbe61d53ca2b4687f18cd0 /source3/groupdb | |
| parent | 8957f6b0cf76e595d08eeb4accbf67575ea35b5b (diff) | |
| download | samba-04ab83917043168911da4fd10fae8188e77a2d38.tar.gz samba-04ab83917043168911da4fd10fae8188e77a2d38.tar.bz2 samba-04ab83917043168911da4fd10fae8188e77a2d38.zip | |
Protect group_mapping.tdb ops with transactions
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(This used to be commit d702ed73c1b986ded9deaa3abed92c39d71949fc)
Diffstat (limited to 'source3/groupdb')
| -rw-r--r-- | source3/groupdb/mapping_tdb.c | 82 |
1 files changed, 66 insertions, 16 deletions
diff --git a/source3/groupdb/mapping_tdb.c b/source3/groupdb/mapping_tdb.c index d4ee523405..aab337da6a 100644 --- a/source3/groupdb/mapping_tdb.c +++ b/source3/groupdb/mapping_tdb.c @@ -123,7 +123,7 @@ static bool add_mapping_entry(GROUP_MAP *map, int flag) { char *key, *buf; int len; - NTSTATUS status; + int res; key = group_mapping_key(talloc_tos(), &map->sid); if (key == NULL) { @@ -141,12 +141,13 @@ static bool add_mapping_entry(GROUP_MAP *map, int flag) len = tdb_pack((uint8 *)buf, len, "ddff", map->gid, map->sid_name_use, map->nt_name, map->comment); - status = dbwrap_store_bystring( - db, key, make_tdb_data((uint8_t *)buf, len), flag); + res = dbwrap_trans_store( + db, string_term_tdb_data(key), + make_tdb_data((uint8_t *)buf, len), flag); TALLOC_FREE(key); - return NT_STATUS_IS_OK(status); + return (res == 0); } @@ -281,17 +282,17 @@ static bool get_group_map_from_ntname(const char *name, GROUP_MAP *map) static bool group_map_remove(const DOM_SID *sid) { char *key; - bool result; + int res; key = group_mapping_key(talloc_tos(), sid); if (key == NULL) { return false; } - result = NT_STATUS_IS_OK(dbwrap_delete_bystring(db, key)); + res = dbwrap_trans_delete(db, string_term_tdb_data(key)); TALLOC_FREE(key); - return result; + return (res == 0); } /**************************************************************************** @@ -479,12 +480,18 @@ static NTSTATUS add_aliasmem(const DOM_SID *alias, const DOM_SID *member) return NT_STATUS_NO_MEMORY; } + if (db->transaction_start(db) != 0) { + DEBUG(0, ("transaction_start failed\n")); + return NT_STATUS_INTERNAL_DB_CORRUPTION; + } + rec = db->fetch_locked(db, key, string_term_tdb_data(key)); if (rec == NULL) { DEBUG(10, ("fetch_lock failed\n")); TALLOC_FREE(key); - return NT_STATUS_INTERNAL_DB_CORRUPTION; + status = NT_STATUS_INTERNAL_DB_CORRUPTION; + goto cancel; } sid_to_fstring(string_sid, alias); @@ -498,7 +505,8 @@ static NTSTATUS add_aliasmem(const DOM_SID *alias, const DOM_SID *member) if (new_memberstring == NULL) { TALLOC_FREE(key); - return NT_STATUS_NO_MEMORY; + status = NT_STATUS_NO_MEMORY; + goto cancel; } status = rec->store(rec, string_term_tdb_data(new_memberstring), 0); @@ -507,6 +515,20 @@ static NTSTATUS add_aliasmem(const DOM_SID *alias, const DOM_SID *member) if (!NT_STATUS_IS_OK(status)) { DEBUG(10, ("Could not store record: %s\n", nt_errstr(status))); + goto cancel; + } + + if (db->transaction_commit(db) != 0) { + DEBUG(0, ("transaction_commit failed\n")); + status = NT_STATUS_INTERNAL_DB_CORRUPTION; + goto cancel; + } + + return NT_STATUS_OK; + + cancel: + if (db->transaction_cancel(db) != 0) { + smb_panic("transaction_cancel failed"); } return status; @@ -604,10 +626,16 @@ static NTSTATUS del_aliasmem(const DOM_SID *alias, const DOM_SID *member) char *key; fstring sid_string; + if (db->transaction_start(db) != 0) { + DEBUG(0, ("transaction_start failed\n")); + return NT_STATUS_INTERNAL_DB_CORRUPTION; + } + status = alias_memberships(member, 1, &sids, &num); - if (!NT_STATUS_IS_OK(status)) - return status; + if (!NT_STATUS_IS_OK(status)) { + goto cancel; + } for (i=0; i<num; i++) { if (sid_compare(&sids[i], alias) == 0) { @@ -618,7 +646,8 @@ static NTSTATUS del_aliasmem(const DOM_SID *alias, const DOM_SID *member) if (!found) { TALLOC_FREE(sids); - return NT_STATUS_MEMBER_NOT_IN_ALIAS; + status = NT_STATUS_MEMBER_NOT_IN_ALIAS; + goto cancel; } if (i < num) @@ -631,19 +660,21 @@ static NTSTATUS del_aliasmem(const DOM_SID *alias, const DOM_SID *member) key = talloc_asprintf(sids, "%s%s", MEMBEROF_PREFIX, sid_string); if (key == NULL) { TALLOC_FREE(sids); - return NT_STATUS_NO_MEMORY; + status = NT_STATUS_NO_MEMORY; + goto cancel; } if (num == 0) { status = dbwrap_delete_bystring(db, key); TALLOC_FREE(sids); - return status; + goto cancel; } member_string = talloc_strdup(sids, ""); if (member_string == NULL) { TALLOC_FREE(sids); - return NT_STATUS_NO_MEMORY; + status = NT_STATUS_NO_MEMORY; + goto cancel; } for (i=0; i<num; i++) { @@ -655,7 +686,8 @@ static NTSTATUS del_aliasmem(const DOM_SID *alias, const DOM_SID *member) if (member_string == NULL) { TALLOC_FREE(sids); - return NT_STATUS_NO_MEMORY; + status = NT_STATUS_NO_MEMORY; + goto cancel; } } @@ -664,6 +696,24 @@ static NTSTATUS del_aliasmem(const DOM_SID *alias, const DOM_SID *member) TALLOC_FREE(sids); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("dbwrap_store_bystring failed: %s\n", + nt_errstr(status))); + goto cancel; + } + + if (db->transaction_commit(db) != 0) { + DEBUG(0, ("transaction_commit failed\n")); + status = NT_STATUS_INTERNAL_DB_CORRUPTION; + goto cancel; + } + + return NT_STATUS_OK; + + cancel: + if (db->transaction_cancel(db) != 0) { + smb_panic("transaction_cancel failed"); + } return status; } |