[SCM] Samba Shared Repository - branch master updated

Stefan Metzmacher metze at samba.org
Tue May 6 05:37:04 MDT 2014


The branch, master has been updated
       via  401f555 dsdb: Do not permit nested event loops when in a transaction, use a nested event context
       via  543c5bf dsdb: Rename private_data to rootdse_private_data in rootdse
      from  8dc24d4 Minor typo fix in source3/wscript.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 401f555c28aee861385b75c371b5f44cded1d391
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Thu Apr 17 15:39:56 2014 +1200

    dsdb: Do not permit nested event loops when in a transaction, use a nested event context
    
    It is never safe to execute arbitrary code inside a transaction - we
    need to get in and get out, not run other events for the rest of the
    server.
    
    This patch avoids that by creating a private event loop during
    transactions, so no unexpected operations fire, and returning the
    original one when we finish it.
    
    If an event fires during an LDB transaction, an unrelated operation
    can occur during the transaction, and if the transaction were to be
    cancelled, there would be a silent rollback (despite the client having
    been indicated success).
    
    Additionally, other processes could be called via IRPC that need to
    operate on the database but are locked out due to the ongoing
    transaction.
    
    Andrew Bartlett
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=10582
    Change-Id: I22322fc006e61d7291da17cdf6431416ebb7b30f
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>
    Reviewed-by: Stefan Metzmacher <metze at samba.org>
    
    Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
    Autobuild-Date(master): Tue May  6 13:36:20 CEST 2014 on sn-devel-104

commit 543c5bf94187473271767ad782439abbfccda00d
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Thu Apr 17 15:38:14 2014 +1200

    dsdb: Rename private_data to rootdse_private_data in rootdse
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=10582
    
    Change-Id: I349a2be67333ada86c19cd6d2ed283cd5bbeb2aa
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>
    Reviewed-by: Stefan Metzmacher <metze at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 source4/dsdb/samdb/ldb_modules/rootdse.c |  109 ++++++++++++++++++++++++------
 1 files changed, 88 insertions(+), 21 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/dsdb/samdb/ldb_modules/rootdse.c b/source4/dsdb/samdb/ldb_modules/rootdse.c
index 7e1d277..b13dc9e 100644
--- a/source4/dsdb/samdb/ldb_modules/rootdse.c
+++ b/source4/dsdb/samdb/ldb_modules/rootdse.c
@@ -36,13 +36,16 @@
 #include "librpc/gen_ndr/ndr_irpc_c.h"
 #include "lib/tsocket/tsocket.h"
 #include "cldap_server/cldap_server.h"
+#include "lib/events/events.h"
 
-struct private_data {
+struct rootdse_private_data {
 	unsigned int num_controls;
 	char **controls;
 	unsigned int num_partitions;
 	struct ldb_dn **partitions;
 	bool block_anonymous;
+	struct tevent_context *saved_ev;
+	struct tevent_context *private_ev;
 };
 
 struct rootdse_context {
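Review bot: The two new members `saved_ev` and `private_ev` carry no comment on ownership or on when they are non-NULL, and the transaction hooks added later in this patch rely on both. From the new code, `private_ev` is created as a talloc child of this structure and freed when the transaction ends, while `saved_ev` is only a borrowed pointer to whatever context ldb had at transaction start. I would document that on the fields, for example `/* borrowed: ldb's event context while a transaction is open, else NULL */` and `/* owned: private loop installed for the duration of a transaction, else NULL */`. Nothing visible here keeps the saved context alive for the length of the transaction, so that assumption is worth stating too.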
@@ -227,7 +230,7 @@ static int dsdb_module_we_are_master(struct ldb_module *module, struct ldb_dn *d
 static int rootdse_add_dynamic(struct rootdse_context *ac, struct ldb_message *msg)
 {
 	struct ldb_context *ldb;
-	struct private_data *priv = talloc_get_type(ldb_module_get_private(ac->module), struct private_data);
+	struct rootdse_private_data *priv = talloc_get_type(ldb_module_get_private(ac->module), struct rootdse_private_data);
 	const char * const *attrs = ac->req->op.search.attrs;
 	char **server_sasl;
 	const struct dsdb_schema *schema;
@@ -654,7 +657,7 @@ static int rootdse_callback(struct ldb_request *req, struct ldb_reply *ares)
 static int rootdse_filter_controls(struct ldb_module *module, struct ldb_request *req)
 {
 	unsigned int i, j;
-	struct private_data *priv = talloc_get_type(ldb_module_get_private(module), struct private_data);
+	struct rootdse_private_data *priv = talloc_get_type(ldb_module_get_private(module), struct rootdse_private_data);
 	bool is_untrusted;
 
 	if (!req->controls) {
@@ -717,7 +720,7 @@ static int rootdse_filter_controls(struct ldb_module *module, struct ldb_request
 static int rootdse_filter_operations(struct ldb_module *module, struct ldb_request *req)
 {
 	struct auth_session_info *session_info;
-	struct private_data *priv = talloc_get_type(ldb_module_get_private(module), struct private_data);
+	struct rootdse_private_data *priv = talloc_get_type(ldb_module_get_private(module), struct rootdse_private_data);
 	bool is_untrusted = ldb_req_is_untrusted(req);
 	bool is_anonymous = true;
 	if (is_untrusted == false) {
@@ -855,7 +858,7 @@ static int rootdse_search(struct ldb_module *module, struct ldb_request *req)
 
 static int rootdse_register_control(struct ldb_module *module, struct ldb_request *req)
 {
-	struct private_data *priv = talloc_get_type(ldb_module_get_private(module), struct private_data);
+	struct rootdse_private_data *priv = talloc_get_type(ldb_module_get_private(module), struct rootdse_private_data);
 	char **list;
 
 	list = talloc_realloc(priv, priv->controls, char *, priv->num_controls + 1);
@@ -876,7 +879,7 @@ static int rootdse_register_control(struct ldb_module *module, struct ldb_reques
 
 static int rootdse_register_partition(struct ldb_module *module, struct ldb_request *req)
 {
-	struct private_data *priv = talloc_get_type(ldb_module_get_private(module), struct private_data);
+	struct rootdse_private_data *priv = talloc_get_type(ldb_module_get_private(module), struct rootdse_private_data);
 	struct ldb_dn **list;
 
 	list = talloc_realloc(priv, priv->partitions, struct ldb_dn *, priv->num_partitions + 1);
@@ -916,14 +919,14 @@ static int rootdse_init(struct ldb_module *module)
 	int ret;
 	struct ldb_context *ldb;
 	struct ldb_result *res;
-	struct private_data *data;
+	struct rootdse_private_data *data;
 	const char *attrs[] = { "msDS-Behavior-Version", NULL };
 	const char *ds_attrs[] = { "dsServiceName", NULL };
 	TALLOC_CTX *mem_ctx;
 
 	ldb = ldb_module_get_ctx(module);
 
-	data = talloc_zero(module, struct private_data);
+	data = talloc_zero(module, struct rootdse_private_data);
 	if (data == NULL) {
 		return ldb_oom(ldb);
 	}
@@ -1356,6 +1359,67 @@ static int rootdse_add(struct ldb_module *module, struct ldb_request *req)
 	return LDB_ERR_NAMING_VIOLATION;
 }
 
+static int rootdse_start_trans(struct ldb_module *module)
+{
+	int ret;
+	struct ldb_context *ldb = ldb_module_get_ctx(module);
+	struct rootdse_private_data *data = talloc_get_type_abort(ldb_module_get_private(module),
+								  struct rootdse_private_data);
+	ret = ldb_next_start_trans(module);
+	if (ret == LDB_SUCCESS) {
+		if (data->private_ev != NULL) {
+			return ldb_operr(ldb);
+		}
+		data->private_ev = s4_event_context_init(data);
+		if (data->private_ev == NULL) {
+			return ldb_operr(ldb);
+		}
+		data->saved_ev = ldb_get_event_context(ldb);
+		ldb_set_event_context(ldb, data->private_ev);
+	}
+	return ret;
+}
+
+static int rootdse_end_trans(struct ldb_module *module)
+{
+	int ret;
+	struct ldb_context *ldb = ldb_module_get_ctx(module);
+	struct rootdse_private_data *data = talloc_get_type_abort(ldb_module_get_private(module),
+								  struct rootdse_private_data);
+	ret = ldb_next_end_trans(module);
+	if (data->saved_ev == NULL) {
+		return ldb_operr(ldb);
+	}
+
+	if (data->private_ev != ldb_get_event_context(ldb)) {
+		return ldb_operr(ldb);
+	}
+	ldb_set_event_context(ldb, data->saved_ev);
+	data->saved_ev = NULL;
+	TALLOC_FREE(data->private_ev);
+	return ret;
+}
+
+static int rootdse_del_trans(struct ldb_module *module)
+{
+	int ret;
+	struct ldb_context *ldb = ldb_module_get_ctx(module);
+	struct rootdse_private_data *data = talloc_get_type_abort(ldb_module_get_private(module),
+								  struct rootdse_private_data);
+	ret = ldb_next_del_trans(module);
+	if (data->saved_ev == NULL) {
+		return ldb_operr(ldb);
+	}
+
+	if (data->private_ev != ldb_get_event_context(ldb)) {
+		return ldb_operr(ldb);
+	}
+	ldb_set_event_context(ldb, data->saved_ev);
+	data->saved_ev = NULL;
+	TALLOC_FREE(data->private_ev);
+	return ret;
+}
+
 struct fsmo_transfer_state {
 	struct ldb_context *ldb;
 	struct ldb_request *req;
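Review bot: In `rootdse_start_trans`, both `return ldb_operr(ldb);` paths run after `ldb_next_start_trans()` has already succeeded, so the lower modules are left with an open transaction while the caller is told the start failed. Unless the caller is known to cancel after a failed start (not visible here), each of those branches should roll back first, with `ldb_next_del_trans(module);` placed before the `return ldb_operr(ldb);`. Separately, the early returns in `rootdse_end_trans` and `rootdse_del_trans` leave the private context installed and `private_ev` allocated, which makes every later `rootdse_start_trans` fail on the `private_ev != NULL` check; if that fail-closed behaviour is intended, a comment should say so. The two functions are also identical apart from the `ldb_next_*` call and could share one static helper that restores the saved context.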
@@ -1383,7 +1447,7 @@ static void rootdse_fsmo_transfer_callback(struct tevent_req *treq)
 		 * Now that it is failed, start the transaction up
 		 * again so the wrappers can close it without additional error
 		 */
-		ldb_next_start_trans(module);
+		rootdse_start_trans(module);
 		ldb_module_done(req, NULL, NULL, LDB_ERR_UNAVAILABLE);
 		return;
 	}
@@ -1393,7 +1457,7 @@ static void rootdse_fsmo_transfer_callback(struct tevent_req *treq)
 		 * Now that it is failed, start the transaction up
 		 * again so the wrappers can close it without additional error
 		 */
-		ldb_next_start_trans(module);
+		rootdse_start_trans(module);
 		ldb_module_done(req, NULL, NULL, LDB_ERR_UNAVAILABLE);
 		return;
 	}
@@ -1402,7 +1466,7 @@ static void rootdse_fsmo_transfer_callback(struct tevent_req *treq)
 	 * Now that it is done, start the transaction up again so the
 	 * wrappers can close it without error
 	 */
-	ret = ldb_next_start_trans(module);
+	ret = rootdse_start_trans(module);
 	ldb_module_done(req, NULL, NULL, ret);
 }
 
@@ -1443,7 +1507,7 @@ static int rootdse_become_master(struct ldb_module *module,
 	 * this gives the least supprise to this supprising action (as
 	 * we will never record anything done to this point
 	 */
-	ldb_next_del_trans(module);
+	rootdse_del_trans(module);
 
 	msg = imessaging_client_init(tmp_ctx, lp_ctx,
 				    ldb_get_event_context(ldb));
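Review bot: The result of `rootdse_del_trans(module)` is discarded, but unlike the `ldb_next_del_trans()` call it replaces, this wrapper can return before restoring the saved event context. In that case the `ldb_get_event_context(ldb)` passed to `imessaging_client_init()` two lines below would still be the private transaction loop, so the IRPC client would presumably be bound to that loop rather than the server's. I would capture the return value and fail the operation when it is not `LDB_SUCCESS`, e.g. `ret = rootdse_del_trans(module);` followed by the function's usual cleanup and `return ret;`. The body of `rootdse_become_master` starts and ends outside this hunk, so whether a suitable `ret` and cleanup path already exist has to be checked there.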
@@ -1612,15 +1676,18 @@ static int rootdse_extended(struct ldb_module *module, struct ldb_request *req)
 }
 
 static const struct ldb_module_ops ldb_rootdse_module_ops = {
-	.name		= "rootdse",
-	.init_context   = rootdse_init,
-	.search         = rootdse_search,
-	.request	= rootdse_request,
-	.add		= rootdse_add,
-	.modify         = rootdse_modify,
-	.rename         = rootdse_rename,
-	.extended       = rootdse_extended,
-	.del		= rootdse_delete
+	.name		   = "rootdse",
+	.init_context      = rootdse_init,
+	.search            = rootdse_search,
+	.request	   = rootdse_request,
+	.add		   = rootdse_add,
+	.modify            = rootdse_modify,
+	.rename            = rootdse_rename,
+	.extended          = rootdse_extended,
+	.del		   = rootdse_delete,
+	.start_transaction = rootdse_start_trans,
+	.end_transaction   = rootdse_end_trans,
+	.del_transaction   = rootdse_del_trans
 };
 
 int ldb_rootdse_module_init(const char *version)


-- 
Samba Shared Repository

