r11317: An ugly hack to setup the global gssapi_krb5_context early, when we

have easy access to the event context.

This stops Samba dead-locking against itself when the winbindd client
tries to contact the KDC.

Andrew Bartlett
(This used to be commit 57f811115ed768ea1f170dcd71038398bf2ab6e9)

3 files changed, 24 insertions, 5 deletions

diff --git a/source4/heimdal/lib/gssapi/gssapi_locl.h b/source4/heimdal/lib/gssapi/gssapi_locl.h
index a25e2fdcc9a..1d22099877c 100644
--- a/source4/heimdal/lib/gssapi/gssapi_locl.h
+++ b/source4/heimdal/lib/gssapi/gssapi_locl.h
@@ -108,6 +108,7 @@ struct gssapi_thr_context {
  */
 
 krb5_error_code gssapi_krb5_init (void);
+krb5_error_code gssapi_krb5_init_ev (void *event_context);
 
 #define GSSAPI_KRB5_INIT() do {					\
     krb5_error_code kret_gss_init;				\
diff --git a/source4/heimdal/lib/gssapi/init.c b/source4/heimdal/lib/gssapi/init.c
index a642b629f44..11d7c9bb9ff 100644
--- a/source4/heimdal/lib/gssapi/init.c
+++ b/source4/heimdal/lib/gssapi/init.c
@@ -89,17 +89,19 @@ gssapi_get_thread_context(int createp)
     return NULL;
 }
 
-krb5_error_code
-gssapi_krb5_init (void)
-{
-    krb5_error_code ret = 0;
 #ifdef _SAMBA_BUILD_
+/* Init krb5 with an event context.  Disgusting Samba-specific hack */
+
+krb5_error_code 
+gssapi_krb5_init_ev (void *event_context)
+{
     static struct smb_krb5_context *smb_krb5_context;
+    krb5_error_code ret = 0;
 
     HEIMDAL_MUTEX_lock(&gssapi_krb5_context_mutex);
 
     if(smb_krb5_context == NULL) {
-	ret = smb_krb5_init_context(NULL, &smb_krb5_context);
+	ret = smb_krb5_init_context(event_context, &smb_krb5_context);
     }
     if (ret == 0 && !created_key) {
 	HEIMDAL_key_create(&gssapi_context_key, 
@@ -116,6 +118,16 @@ gssapi_krb5_init (void)
     }
 
     HEIMDAL_MUTEX_unlock(&gssapi_krb5_context_mutex);
+    return ret;
+}
+#endif
+
+krb5_error_code
+gssapi_krb5_init (void)
+{
+    krb5_error_code ret = 0;
+#ifdef _SAMBA_BUILD_
+    ret = gssapi_krb5_init_ev(NULL);
 #else 
     HEIMDAL_MUTEX_lock(&gssapi_krb5_context_mutex);
 
diff --git a/source4/smbd/server.c b/source4/smbd/server.c
index 93399b15f37..41d6329b024 100644
--- a/source4/smbd/server.c
+++ b/source4/smbd/server.c
@@ -29,7 +29,10 @@
 #include "lib/cmdline/popt_common.h"
 #include "system/dir.h"
 #include "system/filesys.h"
+#include "system/kerberos.h"
 
+/* For sepecifiying event context to GSSAPI below */
+#include "heimdal/lib/gssapi/gssapi_locl.h"
 
 /*
   recursively delete a directory tree
@@ -236,6 +239,9 @@ static int binary_smbd_main(int argc, const char *argv[])
 		return 1;
 	}
 
+	/* Hack to ensure that GSSAPI uses the right event context */
+	gssapi_krb5_init_ev(event_ctx);
+
 	/* wait for events - this is where smbd sits for most of its
 	   life */
 	event_loop_wait(event_ctx);