From 1ebfc66b2c145289d1e1314e8415d9e3c6f405ae Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 10 Mar 2008 21:08:29 +0100 Subject: Use a separate tdb for mutexes Another preparation to convert secrets.c to dbwrap: The dbwrap API does not provide a sane tdb_lock_with_timeout abstraction. In the clustered case the DC mutex is needed per-node anyway, so it is perfectly fine to use a local mutex only. (This used to be commit f94a63cd8f94490780ad9331da229c0bcb2ca5d6) --- source3/auth/auth_domain.c | 16 +++++++++------- source3/auth/auth_server.c | 16 +++++++++------- 2 files changed, 18 insertions(+), 14 deletions(-) (limited to 'source3/auth') diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c index df51966f4c..26474089fb 100644 --- a/source3/auth/auth_domain.c +++ b/source3/auth/auth_domain.c @@ -24,6 +24,7 @@ #define DBGC_CLASS DBGC_AUTH extern bool global_machine_password_needs_changing; +static struct named_mutex *mutex; /** * Connect to a remote server for (inter)domain security authenticaion. @@ -67,7 +68,8 @@ static NTSTATUS connect_to_domain_password_server(struct cli_state **cli, * ACCESS_DENIED errors if 2 auths are done from the same machine. JRA. */ - if (!grab_server_mutex(dc_name)) { + mutex = grab_named_mutex(NULL, dc_name, 10); + if (mutex == NULL) { return NT_STATUS_NO_LOGON_SERVERS; } @@ -87,7 +89,7 @@ static NTSTATUS connect_to_domain_password_server(struct cli_state **cli, *cli = NULL; } - release_server_mutex(); + TALLOC_FREE(mutex); return result; } @@ -118,7 +120,7 @@ static NTSTATUS connect_to_domain_password_server(struct cli_state **cli, machine %s. Error was : %s.\n", dc_name, nt_errstr(result))); cli_shutdown(*cli); *cli = NULL; - release_server_mutex(); + TALLOC_FREE(mutex); return result; } @@ -137,7 +139,7 @@ machine %s. Error was : %s.\n", dc_name, nt_errstr(result))); domain)); cli_shutdown(*cli); *cli = NULL; - release_server_mutex(); + TALLOC_FREE(mutex); return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; } @@ -153,7 +155,7 @@ machine %s. Error was : %s.\n", dc_name, nt_errstr(result))); if (!NT_STATUS_IS_OK(result)) { cli_shutdown(*cli); *cli = NULL; - release_server_mutex(); + TALLOC_FREE(mutex); return result; } } @@ -163,7 +165,7 @@ machine %s. Error was : %s.\n", dc_name, nt_errstr(result))); machine %s. Error was : %s.\n", dc_name, cli_errstr(*cli))); cli_shutdown(*cli); *cli = NULL; - release_server_mutex(); + TALLOC_FREE(mutex); return NT_STATUS_NO_LOGON_SERVERS; } @@ -247,7 +249,7 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx, /* Let go as soon as possible so we avoid any potential deadlocks with winbind lookup up users or groups. */ - release_server_mutex(); + TALLOC_FREE(mutex); if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(0,("domain_client_validate: unable to validate password " diff --git a/source3/auth/auth_server.c b/source3/auth/auth_server.c index 095f0b9fb8..b07884c49b 100644 --- a/source3/auth/auth_server.c +++ b/source3/auth/auth_server.c @@ -37,6 +37,7 @@ static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx) const char *p; char *pserver = NULL; bool connected_ok = False; + struct named_mutex *mutex; if (!(cli = cli_initialise())) return NULL; @@ -74,7 +75,8 @@ static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx) session setup yet it will send a TCP reset to the first connection (tridge) */ - if (!grab_server_mutex(desthost)) { + mutex = grab_named_mutex(talloc_tos(), desthost, 10); + if (mutex == NULL) { cli_shutdown(cli); return NULL; } @@ -87,7 +89,7 @@ static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx) } DEBUG(10,("server_cryptkey: failed to connect to server %s. Error %s\n", desthost, nt_errstr(status) )); - release_server_mutex(); + TALLOC_FREE(mutex); } if (!connected_ok) { @@ -98,7 +100,7 @@ static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx) if (!attempt_netbios_session_request(&cli, global_myname(), desthost, &dest_ss)) { - release_server_mutex(); + TALLOC_FREE(mutex); DEBUG(1,("password server fails session request\n")); cli_shutdown(cli); return NULL; @@ -111,16 +113,16 @@ static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx) DEBUG(3,("got session\n")); if (!cli_negprot(cli)) { + TALLOC_FREE(mutex); DEBUG(1,("%s rejected the negprot\n",desthost)); - release_server_mutex(); cli_shutdown(cli); return NULL; } if (cli->protocol < PROTOCOL_LANMAN2 || !(cli->sec_mode & NEGOTIATE_SECURITY_USER_LEVEL)) { + TALLOC_FREE(mutex); DEBUG(1,("%s isn't in user level security mode\n",desthost)); - release_server_mutex(); cli_shutdown(cli); return NULL; } @@ -132,14 +134,14 @@ static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx) if (!NT_STATUS_IS_OK(cli_session_setup(cli, "", "", 0, "", 0, ""))) { + TALLOC_FREE(mutex); DEBUG(0,("%s rejected the initial session setup (%s)\n", desthost, cli_errstr(cli))); - release_server_mutex(); cli_shutdown(cli); return NULL; } - release_server_mutex(); + TALLOC_FREE(mutex); DEBUG(3,("password server OK\n")); -- cgit