diff options
| author | Andrew Tridgell <tridge@samba.org> | 2002-02-18 11:07:57 +0000 |
|---|---|---|
| committer | Andrew Tridgell <tridge@samba.org> | 2002-02-18 11:07:57 +0000 |
| commit | eb196070e62b45b113e5712f27198c50c5c95657 (patch) | |
| tree | 962074ed93d8a4178584cabe9633cc333cf4bbc0 /source | |
| parent | 569505b77140c2688aeab4df058b864464f23c1d (diff) | |
| download | samba-eb196070e62b45b113e5712f27198c50c5c95657.tar.gz samba-eb196070e62b45b113e5712f27198c50c5c95657.tar.xz samba-eb196070e62b45b113e5712f27198c50c5c95657.zip | |
serialise all domain auth requests
this is needed because W2K will send a TCP reset to any open
connections that have not done a negprot when a second connection is
made. This meant that under heavy netlogon load a Samba domain member
would fail authentications.
Jeremy, you may wish to port this to 2.2.x
Diffstat (limited to 'source')
| -rw-r--r-- | source/auth/auth_domain.c | 11 | ||||
| -rw-r--r-- | source/lib/messages.c | 30 |
2 files changed, 40 insertions, 1 deletions
diff --git a/source/auth/auth_domain.c b/source/auth/auth_domain.c index 9e5f32c9a3d..947cd41a265 100644 --- a/source/auth/auth_domain.c +++ b/source/auth/auth_domain.c @@ -81,10 +81,19 @@ static NTSTATUS connect_to_domain_password_server(struct cli_state **cli, logonserver. We can avoid a 30-second timeout if the DC is down if the SAMLOGON request fails as it is only over UDP. */ + /* we use a mutex to prevent two connections at once - when a NT PDC gets + two connections where one hasn't completed a negprot yet it will send a + TCP reset to the first connection (tridge) */ + if (!message_named_mutex(server)) { + DEBUG(1,("domain mutex failed for %s\n", server)); + return NT_STATUS_UNSUCCESSFUL; + } + /* Attempt connection */ - result = cli_full_connection(cli, global_myname, server, &dest_ip, 0, "IPC$", "IPC", "", "", "", 0); + + message_named_mutex_release(server); if (!NT_STATUS_IS_OK(result)) { return result; diff --git a/source/lib/messages.c b/source/lib/messages.c index 096452784a3..7ce050d70d6 100644 --- a/source/lib/messages.c +++ b/source/lib/messages.c @@ -458,3 +458,33 @@ BOOL message_send_all(TDB_CONTEXT *conn_tdb, int msg_type, } /** @} **/ + + +/* + lock the messaging tdb based on a string - this is used as a primitive form of mutex + between smbd instances. +*/ +BOOL message_named_mutex(const char *name) +{ + TDB_DATA key; + + if (!message_init()) return False; + + key.dptr = name; + key.dsize = strlen(name)+1; + + return (tdb_chainlock(tdb, key) == 0); +} + +/* + unlock a named mutex +*/ +void message_named_mutex_release(const char *name) +{ + TDB_DATA key; + + key.dptr = name; + key.dsize = strlen(name)+1; + + tdb_chainunlock(tdb, key); +} |