summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorVolker Lendecke <vl@samba.org>2009-11-19 17:22:27 +0100
committerVolker Lendecke <vl@samba.org>2009-11-19 19:04:39 +0100
commitc4c984d97d45964e91625f69d7216cc68444ba3f (patch)
tree68b13da56f67d07fbfd746da2eddd3800e43b0a4 /source3
parent882350b0abe87ca7b3542996acfabc6d4bff5509 (diff)
downloadsamba-c4c984d97d45964e91625f69d7216cc68444ba3f.tar.gz
samba-c4c984d97d45964e91625f69d7216cc68444ba3f.tar.bz2
samba-c4c984d97d45964e91625f69d7216cc68444ba3f.zip
s3: Avoid races to change the machine password in winbind
The machine password handler has code to deal with every node in the cluster trying to change the machine password at the same time. However, it is not very nice to the DC if everyone tries this simultaneously. This adds a random 0-255 second offset to our timed event. When this fires a bit later than strictly calculated, someone else might have stepped in and have already changed it. The timed event handler will handle this gracefully, it won't even try to do it again.
Diffstat (limited to 'source3')
-rw-r--r--source3/winbindd/winbindd_dual.c18
1 files changed, 18 insertions, 0 deletions
diff --git a/source3/winbindd/winbindd_dual.c b/source3/winbindd/winbindd_dual.c
index ae8f236cb4..376d7c7309 100644
--- a/source3/winbindd/winbindd_dual.c
+++ b/source3/winbindd/winbindd_dual.c
@@ -1051,6 +1051,24 @@ static bool calculate_next_machine_pwd_change(const char *domain,
DEBUG(10,("machine password still valid until: %s\n",
http_timestring(talloc_tos(), next_change)));
*t = timeval_set(next_change, 0);
+
+ if (lp_clustering()) {
+ uint8_t randbuf;
+ /*
+ * When having a cluster, we have several
+ * winbinds racing for the password change. In
+ * the machine_password_change_handler()
+ * function we check if someone else was
+ * faster when the event triggers. We add a
+ * 255-second random delay here, so that we
+ * don't run to change the password at the
+ * exact same moment.
+ */
+ generate_random_buffer(&randbuf, sizeof(randbuf));
+ DEBUG(10, ("adding %d seconds randomness\n",
+ (int)randbuf));
+ t->tv_sec += randbuf;
+ }
return true;
}