summaryrefslogtreecommitdiff
path: root/source3/winbindd/winbindd_dual.c
AgeCommit message (Collapse)AuthorFilesLines
2010-04-01s3:winbindd: fix problems with SIGCHLD handling (bug #7317)Stefan Metzmacher1-3/+3
The main problem is that we call CatchChild() within the parent winbindd, which overwrites the signal handler that was registered by winbindd_setup_sig_chld_handler(). That means winbindd_sig_chld_handler() and winbind_child_died() are never triggered when a winbindd domain child dies. As a result will get "broken pipe" for all requests to that domain. To reduce the risk of similar bugs in future we call CatchChild() in winbindd_reinit_after_fork() now. We also use a full winbindd_reinit_after_fork() in the cache validation child now instead instead of just resetting the SIGCHLD handler by hand. This will also fix possible tdb problems on systems without pread/pwrite and disabled mmap as we now correctly reopen the tdb handle for the child. metze
2010-04-01s3:winbindd: only set child_domain in the childStefan Metzmacher1-1/+1
metze
2010-02-26Fix one of the valgrind warnings from bug #6814 - Fixes for problems ↵Roel van Meer1-0/+8
reported by valgrind The timeval passed to event_add_to_select_args() must be initialized as event_add_to_select_args() uses a timeval_min() on this and next_event.
2010-01-02s3: Fix a typoVolker Lendecke1-1/+1
2009-12-28s3: Simplify "setup_domain_child" slightlyVolker Lendecke1-1/+1
2009-12-26s3: Fix some nonempty blank linesVolker Lendecke1-2/+2
2009-12-23s3: Remove some unused codeVolker Lendecke1-79/+0
2009-12-23s3: Remove unused sendto_child()Volker Lendecke1-7/+0
2009-11-19s3: Avoid races to change the machine password in winbindVolker Lendecke1-0/+18
The machine password handler has code to deal with every node in the cluster trying to change the machine password at the same time. However, it is not very nice to the DC if everyone tries this simultaneously. This adds a random 0-255 second offset to our timed event. When this fires a bit later than strictly calculated, someone else might have stepped in and have already changed it. The timed event handler will handle this gracefully, it won't even try to do it again.
2009-11-19s3: Protect against flooding the DC with pwchange requestsVolker Lendecke1-14/+24
When there is a temporary problem changing passwords we flooded the DC with pwchange requests. This gives the DC a 60-second break to recover.
2009-11-19s3: Re-check the timeout in machine_password_change_handler()Volker Lendecke1-0/+6
Someone else might have come in between and changed the password since we created that timed request
2009-11-19s3: Add some debugs to the winbind machine pwchange machineryVolker Lendecke1-0/+16
2009-11-19s3: Do not kill the whole smb session if a machine pwchange failedVolker Lendecke1-1/+1
2009-10-06s3-winbindd: make sure to reset connections when machine account password ↵Günther Deschner1-0/+8
change chain was broken. Guenther
2009-10-05Revert "s3: Attempt to fix machine password change"Volker Lendecke1-33/+9
This reverts commit 20a8ea91e10af167067cc794a251265aaf489e75. Ooops, this should not have been committed.
2009-10-05s3: Attempt to fix machine password changeVolker Lendecke1-9/+33
2009-08-27s3:winbind: Add a generic cache for NDR based parent-child requestsVolker Lendecke1-2/+2
2009-08-05s3:winbind: Add NDR-based parent-child communication to winbindVolker Lendecke1-0/+13
2009-07-31Provide a mem_ctx for child requestsVolker Lendecke1-0/+1
2009-07-28Remove a duplicate prototypeVolker Lendecke1-1/+0
2009-07-18s3: don't do this, upper callbacks will check itBo Yang1-4/+0
Signed-off-by: Bo Yang <boyang@samba.org>
2009-06-14Remove "winbindd_request" and "winbindd_response" from winbindd_cli_stateVolker Lendecke1-2/+4
This shrinks the memory footprint of an idle client by 5592 bytes to 60 bytes on my 32-bit box.
2009-06-14Make winbindd_cli_state->response a pointer instead of a struct memberVolker Lendecke1-15/+16
Same comment as in baa6084378e530b: This is just a preparatory checkin. Volker
2009-06-14Fix an error message: We get the errno in "err"Volker Lendecke1-1/+1
2009-06-14Do not use "finished" in winbind childVolker Lendecke1-10/+8
2009-06-14Convert async_domain_request to wb_domain_request_sendVolker Lendecke1-20/+22
2009-06-14Add wb_domain_request_send/recvVolker Lendecke1-0/+184
2009-06-14Convert the winbind parent->child communication to wb_reqtransVolker Lendecke1-230/+156
2009-06-14Make winbindd_cli_state->request a pointer instead of a struct memberVolker Lendecke1-18/+19
In itself, this is pretty pointless. But in the next steps I'll convert the winbind internal communication to wb_reqtrans which allocates the request properly. This minimizes the later diff. Volker
2009-05-27s3: Allow child processes to exit gracefully if we are out of fdsMarc VanHeyningen1-2/+3
When we run out of file descriptors for some reason, every new connection forks a child that immediately panics causing smbd to coredump. This seems unnecessarily harsh; with this code change we now catch that error and merely log a message about it and exit without the core dump. Signed-off-by: Tim Prouty <tprouty@samba.org>
2009-05-22s3: Fix onlinestatus msg to return status of all domain instead of omitting ↵Bo Yang1-78/+51
trusted domains Signed-off-by: Bo Yang <boyang@samba.org>
2009-05-12Convert response.extra_data.data from malloc to tallocVolker Lendecke1-2/+0
2009-05-07Fix some nonempty blank linesVolker Lendecke1-11/+10
2009-02-23More warning fixes for Solaris.Jeremy Allison1-1/+1
Jeremy.
2009-02-01Add two new parameters to control how we verify kerberos tickets. Removes ↵Dan Sledz1-1/+1
lp_use_kerberos_keytab parameter. The first is "kerberos method" and replaces the "use kerberos keytab" with an enum. Valid options are: secrets only - use only the secrets for ticket verification (default) system keytab - use only the system keytab for ticket verification dedicated keytab - use a dedicated keytab for ticket verification. secrets and keytab - use the secrets.tdb first, then the system keytab For existing installs: "use kerberos keytab = yes" corresponds to secrets and keytab "use kerberos keytab = no" corresponds to secrets only The major difference between "system keytab" and "dedicated keytab" is that the latter method relies on kerberos to find the correct keytab entry instead of filtering based on expected principals. The second parameter is "dedicated keytab file", which is the keytab to use when in "dedicated keytab" mode. This keytab is only used in ads_verify_ticket.
2009-01-27s3:winbindd: handle SIG_TERM, SIGHUP, SIGCHLD and SIGUSR2 via teventStefan Metzmacher1-5/+6
metze
2009-01-22s3:winbindd: we don't need to call message_dispatch() anymore it's event ↵Stefan Metzmacher1-4/+0
triggered now metze
2009-01-22s3: always call run_events() before and after sys_select()Stefan Metzmacher1-9/+24
And always setup the fd events. metze
2009-01-14Clean up comments a little.Jeremy Allison1-11/+13
Jeremy.
2009-01-14Don't send message to any other child in child process.Bo Yang1-0/+30
Signed-off-by: Bo Yang <boyang@novell.com>
2009-01-13From boyang - ensure we never "return" from a forked child, always _exit().Jeremy Allison1-2/+2
Jeremy.
2009-01-10Don't set child->requests to NULL in parent after forkBo Yang1-1/+0
2009-01-06Make winbindd_cm.c use winbindd_reinit_after_fork().Jeremy Allison1-17/+21
Jeremy.
2009-01-06Add winbindd_reinit_after_fork(), cleaning out all possible eventsJeremy Allison1-52/+76
in a forked child. Jeremy.
2009-01-05s3:events: change event_add_timed() prototype to match samba4Stefan Metzmacher1-8/+3
metze
2009-01-05s3:winbindd: cancel all ccache entry events and not just oneStefan Metzmacher1-6/+4
cancel_named_event() is stupid by design and also only cancels one single event. metze
2009-01-05Fix broken krb5 refresh chainBo Yang1-0/+21
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-01-05clean event context after child is forked.Bo Yang1-16/+24
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2008-12-31s3:winbindd: we don't need to call messaging_reinit() twiceStefan Metzmacher1-7/+0
reinit_after_fork() already calls messaging_reinit() metze
2008-11-21s3-winbindd: for now only change machine pwd when not using a system krb5 ↵Günther Deschner1-0/+1
keytab. Guenther