summaryrefslogtreecommitdiff
path: root/lib/tdb
AgeCommit message (Collapse)AuthorFilesLines
2013-06-04tdb: change version to tdb-1.2.12Stefan Metzmacher2-1/+68
* internal code cleanups * crash fix for pytdb * fix for 4GB overflow detection See http://permalink.gmane.org/gmane.network.samba.internals/42906 for an example of what happens. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Jun 4 16:07:55 CEST 2013 on sn-devel-104
2013-06-03tdb: Add another overflow check to tdb_expand_adjustVolker Lendecke1-0/+6
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Rusty Russell <rusty@rustcorp.com.au> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Mon Jun 3 14:08:54 CEST 2013 on sn-devel-104
2013-06-03tdb: Make tdb_recovery_allocate overflow-safeVolker Lendecke1-1/+6
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Rusty Russell <rusty@rustcorp.com.au>
2013-06-03tdb: Make tdb_recovery_size overflow-safeVolker Lendecke2-7/+28
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Rusty Russell <rusty@rustcorp.com.au>
2013-06-03tdb: add proper OOM/ENOSPC handling to tdb_expand()Stefan Metzmacher1-8/+23
Failing to do so will result in corrupt tdbs: We will overwrite the hash chain pointers with 0x42424242. Pair-Programmed-With: Volker Lendecke <vl@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Rusty Russell <rusty@rustcorp.com.au>
2013-06-03tdb: add overflow detection to tdb_expand_adjust()Stefan Metzmacher1-3/+31
We round up at maximun to a new size of 4GB, but still return at least the given size. The caller has to deal with ENOSPC itself. Pair-Programmed-With: Volker Lendecke <vl@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Rusty Russell <rusty@rustcorp.com.au>
2013-06-03tdb: add overflow/ENOSPC handling to tdb_expand_file()Stefan Metzmacher1-1/+11
Pair-Programmed-With: Volker Lendecke <vl@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Rusty Russell <rusty@rustcorp.com.au>
2013-06-03tdb: add a 'new_size' helper variable to tdb_expand_file()Stefan Metzmacher1-4/+7
Pair-Programmed-With: Volker Lendecke <vl@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Rusty Russell <rusty@rustcorp.com.au>
2013-06-03tdb: Add overflow-checking tdb_add_off_tVolker Lendecke2-0/+12
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Rusty Russell <rusty@rustcorp.com.au>
2013-05-28tdb: fix logging of offets and lengths.Rusty Russell7-47/+46
We can have offsets > 2G, so use unsigned values. Fixes other prints to be native types rather than casts, too. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue May 28 11:22:14 CEST 2013 on sn-devel-104
2013-05-28build: Remove autoconf build systemAndrew Bartlett1-41/+0
We are now confident that that waf build system meets enough of our needs that we will work to improve it, rather than maintain two build systems. Andrew Bartlett Reviewed-by: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
2013-05-14tdb: include information about hash function being used in tdbtool info outputChristian Ambach1-0/+2
makes it possible to easily determine if the tdb under examination uses jenkins hash or not Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-03-26tdb: Fix blank line endingsVolker Lendecke5-46/+45
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-03-26tdb: Little format changeVolker Lendecke1-1/+1
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-03-05tdb: Slightly simplify tdb_expand_fileVolker Lendecke1-2/+4
The "else" keywords are not necessary here, we return in the preceding if clause Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Mar 5 14:00:47 CET 2013 on sn-devel-104
2013-02-20ntdb: switch between secrets.tdb and secrets.ntdb depending on 'use ntdb'Rusty Russell1-0/+5
Since we open with dbwrap, it auto-converts old tdbs (which it will rename to secrets.tdb.bak once it's done). Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Rusty Russell <rusty@rustcorp.com.au> Autobuild-Date(master): Wed Feb 20 07:09:19 CET 2013 on sn-devel-104
2013-02-19tdb: Slightly simplify transaction_writeVolker Lendecke1-8/+2
realloc(NULL, ...) is equivalent to malloc. We are already using this realloc property for tdb->lockrecs. It should not make any difference in speed, it just makes for a little simpler code. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Feb 19 17:30:13 CET 2013 on sn-devel-104
2013-02-19tdb: Make tdb_release_transaction_locks use tdb_allrecord_unlockVolker Lendecke1-1/+1
The transaction code uses tdb_alrecord_lock/upgrade, so it should also use the tdb_allrecord_unlock function just for symmetry reasons Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-02-19tdb: Don't segfault if tdb_open_ex for check failedVolker Lendecke1-0/+1
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-02-19tdb: Factor out the retry loop from tdb_allrecord_upgradeVolker Lendecke1-20/+39
For the mutex code we will have to lock the hashchain and the record lock area independently. So we will have to call the loop twice. And, it's a small refactoring for the better anyway I think. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-02-19tdb: Simplify fcntl_lock() a bitVolker Lendecke1-4/+4
All arguments but the cmd are the same. To me this looks a bit better and saves some bytes in the object code. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-02-19tdb: Use tdb_null in freelistcheckVolker Lendecke1-3/+2
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-02-19tdb: Enhance lock tracking a bitVolker Lendecke1-0/+11
lock-tracking.c mirrors the in-kernel fcntl structures to detect unexpected use of fcntl calls. During my mutex work I changed our fcntl use so that we unlock the allrecord_lock in two pieces: The range covering the hash locks and the range covering the data area for the individual traverse record locks. Splitting locks is not covered by lock-tracking.c. This patch extends lock-tracking.c with this little piece. It's still far from complete to track the full range of fcntl semantics. It is not strictly needed right now, but it does not hurt either. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-02-16tdb: Fix a typoVolker Lendecke1-1/+1
Signed-off-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Simo Sorce <idra@samba.org> Autobuild-Date(master): Sat Feb 16 17:13:32 CET 2013 on sn-devel-104
2013-02-05tdb: Remove "header" from tdb_contextVolker Lendecke13-59/+64
header.hash_size was the only thing we ever referenced outside of tdb_open_ex and its direct callees. So this shrinks the tdb_context by 164 bytes. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Feb 5 13:18:28 CET 2013 on sn-devel-104
2013-02-05tdb: Pass argument "header" to check_header_hashVolker Lendecke1-4/+6
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-02-05tdb: Pass argument "header" to tdb_new_databaseVolker Lendecke1-6/+8
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-01-19Remove some unused variables.Jeremy Allison1-3/+0
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-01-07tdb: Fix undefined prototype warningsVolker Lendecke1-0/+2
These functions are deliberately left without prototypes according to 3fdeaa399, but without prototypes we get warnings. Reviewed-by: Rusty Russell <rusty@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Mon Jan 7 11:20:19 CET 2013 on sn-devel-104
2013-01-07tdb: Fix \n in error messagesVolker Lendecke1-2/+2
Reviewed-by: Rusty Russell <rusty@samba.org>
2012-12-21tdb: Add a comment explaining the "check"Volker Lendecke1-1/+4
I had to ask git blame to find why we have to do it here... Reviewed-by: Rusty Russell <rusty@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Fri Dec 21 13:54:39 CET 2012 on sn-devel-104
2012-12-21tdb: Make tdb_new_database() follow a more conventional styleVolker Lendecke1-3/+4
We usually "goto fail" on every error and then in normal flow set the return variable to success. This patch removes a comment which from my point of view is now obsolete. It violates the {} rule from README.Coding here in favor of the style used in this function. Reviewed-by: Rusty Russell <rusty@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-21tdb: Fix a typoVolker Lendecke1-1/+1
Reviewed-by: Rusty Russell <rusty@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-21tdb: Fix a typoVolker Lendecke1-1/+1
Reviewed-by: Rusty Russell <rusty@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-21tdb: Use tdb_lock_covered_by_allrecord_lock in tdb_unlockVolker Lendecke1-7/+1
Reviewed-by: Rusty Russell <rusty@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-21tdb: Factor out tdb_lock_covered_by_allrecord_lock from tdb_lock_listVolker Lendecke1-23/+31
Reviewed-by: Rusty Russell <rusty@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-21tdb: Simplify logic in tdb_lock_list slightlyVolker Lendecke1-7/+22
Reviewed-by: Rusty Russell <rusty@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-21tdb: Slightly simplify tdb_lock_listVolker Lendecke1-11/+11
Avoid an else {} branch when we can do an early return Reviewed-by: Rusty Russell <rusty@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-21tdb: Fix blank line endingsVolker Lendecke11-89/+89
Reviewed-by: Rusty Russell <rusty@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-21tdb: Fix a commentVolker Lendecke1-1/+1
Reviewed-by: Rusty Russell <rusty@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-21tdb: Fix a typoVolker Lendecke1-1/+1
Reviewed-by: Rusty Russell <rusty@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-21tdb: Fix a missing CONVERTVolker Lendecke1-1/+1
methods->tdb_write expects data in on-disk format. For reading that record, methods->tdb_read() has taken care of the on-disk to in-memory representation according to the DOCONV() flag passed down. tdb_rec_write() is a wrapper around methods->tdb_write just doing the CONVERT() on the way to disk. Reviewed-by: Rusty Russell <rusty@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-12tdb: Improve the documentation of tdb_reopen() and tdb_close().Andreas Schneider1-2/+8
Reviewed-by: Simo Sorce <idra@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Wed Dec 12 14:58:50 CET 2012 on sn-devel-104
2012-12-12tdb: Fix possible crash bugs in the python tdb code.Andreas Schneider1-2/+15
You can't call tdb_error() for tdb_reopen() or tdb_close(), both return the error code of close(2) and not a TDB_ERROR! Reviewed-by: Simo Sorce <idra@samba.org> Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
2012-12-03lib/tdb: Rename manpages/ to man/.Karolin Seeger5-12/+12
Trying to be more consistent. Karolin Reviewed-by: Andreas Schneider <asn@samba.org>
2012-11-29docs: man tdbtool: Add missing meta data.Karolin Seeger1-1/+1
This avoids warnings during the waf build and removes "FIXME" entries from the manpage. Karolin Reviewed-by: Andreas Schneider <asn@samba.org>
2012-10-06tdb: Make tdb robust against improper CLEAR_IF_FIRST restartVolker Lendecke1-4/+28
When winbind is restarted, there is a potential crash in tdb. Following situation: We are in a cluster with ctdb. A winbind child hangs in a request to the DC. Cluster monitoring decides the node has a problem. Cluster monitoring decides to kill ctdbd. winbind child still hangs in a RPC request. winbind parent figures that ctdb is dead and immediately commits suicide. winbind parent is restarted by cluster management, overwriting gencache.tdb with CLEAR_IF_FIRST. The CLEAR_IF_FIRST logic as implemented now will not see that a child still has the tdb open, only the parent holds the ACTIVE_LOCK due to performance reasons. During the CLEAR_IF_FIRST logic is done, there is a very small window where we ftruncate(tfd, 0) the file and re-write a proper header without a lock. When during this small window the winbind child comes back, wanting to store something into gencache.tdb, that winbind child will crash with a SIGBUS. Sounds unlikely? See: [2012/09/29 07:02:31.871607, 0] lib/util.c:1183(smb_panic) PANIC (pid 1814517): internal error [2012/09/29 07:02:31.877596, 0] lib/util.c:1287(log_stack_trace) BACKTRACE: 35 stack frames: #0 winbindd(log_stack_trace+0x1a) [0x7feb7d4ca18a] #1 winbindd(smb_panic+0x2b) [0x7feb7d4ca25b] #2 winbindd(+0x1a3cc4) [0x7feb7d4bacc4] #3 /lib64/libc.so.6(+0x32900) [0x7feb7a929900] #4 /lib64/libc.so.6(memcpy+0x35) [0x7feb7a97f355] #5 /usr/lib64/libtdb.so.1(+0x6e76) [0x7feb7b0b0e76] #6 /usr/lib64/libtdb.so.1(+0x3d37) [0x7feb7b0add37] #7 /usr/lib64/libtdb.so.1(+0x863d) [0x7feb7b0b263d] #8 /usr/lib64/libtdb.so.1(+0x8700) [0x7feb7b0b2700] #9 /usr/lib64/libtdb.so.1(+0x2505) [0x7feb7b0ac505] #10 /usr/lib64/libtdb.so.1(+0x25b7) [0x7feb7b0ac5b7] #11 /usr/lib64/libtdb.so.1(tdb_fetch+0x13) [0x7feb7b0ac633] #12 winbindd(gencache_set_data_blob+0x259) [0x7feb7d4d8449] #13 winbindd(gencache_set+0x53) [0x7feb7d4d85b3] #14 winbindd(gencache_del+0x5e) [0x7feb7d4d879e] #15 winbindd(saf_delete+0x93) [0x7feb7d54b693] #16 winbindd(+0xe507e) [0x7feb7d3fc07e] #17 winbindd(+0xe85e5) [0x7feb7d3ff5e5] #18 winbindd(+0xe65be) [0x7feb7d3fd5be] #19 winbindd(+0xe7562) [0x7feb7d3fe562] #20 winbindd(init_dc_connection+0x2e) [0x7feb7d3fe5be] #21 winbindd(+0xe75d9) [0x7feb7d3fe5d9] #22 winbindd(cm_connect_netlogon+0x58) [0x7feb7d3fe658] #23 winbindd(_wbint_PingDc+0x61) [0x7feb7d410991] #24 winbindd(+0x103175) [0x7feb7d41a175] #25 winbindd(winbindd_dual_ndrcmd+0xb7) [0x7feb7d4107d7] #26 winbindd(+0xf8609) [0x7feb7d40f609] #27 winbindd(+0xf9075) [0x7feb7d410075] #28 winbindd(tevent_common_loop_immediate+0xe8) [0x7feb7d4db198] #29 winbindd(run_events_poll+0x3c) [0x7feb7d4d93fc] #30 winbindd(+0x1c2b52) [0x7feb7d4d9b52] #31 winbindd(_tevent_loop_once+0x90) [0x7feb7d4d9f60] #32 winbindd(main+0x7b3) [0x7feb7d3e7aa3] #33 /lib64/libc.so.6(__libc_start_main+0xfd) [0x7feb7a915cdd] #34 winbindd(+0xce2a9) [0x7feb7d3e52a9] This is in a winbind child, logfiles surrounding indicate the parent was restarted. This patch takes all chain locks around the CLEAR_IF_FIRST introduced tdb_new_database.
2012-10-06tdb: Make robust against shrinking tdbsRusty Russell1-12/+20
When probing for a size change (eg. just before tdb_expand, tdb_check, tdb_rescue) we call tdb_oob(tdb, tdb->map_size, 1, 1). Unfortunately this does nothing if the tdb has actually shrunk, which as Volker demonstrated, can actually happen if a "longlived" parent crashes. So move the map/update size/remap before the limit check. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-10-04tdb: add -e option to tdbdump (and docment it).Rusty Russell2-3/+53
This allows for an emergency best-effort dump. It's a little better than strings(1). Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Autobuild-User(master): Rusty Russell <rusty@rustcorp.com.au> Autobuild-Date(master): Thu Oct 4 03:16:06 CEST 2012 on sn-devel-104
2012-10-04tdb: tdbdump should log errors, and fail in that case.Rusty Russell1-2/+38
Dumping a corrupt database should not exit silently with 0 status! Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>