Fix winbind cache upgrade.

This commit is contained in:
Andreas Schneider 2011-12-05 15:39:35 +01:00
parent 9a9322255a
commit eac283e634
2 changed files with 155 additions and 1 deletions

View File

@ -0,0 +1,148 @@
From a3f600521122d1a6d74d16668bd1ea4447c5c867 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Fri, 2 Dec 2011 16:19:34 -0800
Subject: [PATCH] s3-winbind: Add an update function for winbind cache.
With 57b3d32 we changed the format for the winbind cache database and
the code deleted the database for the upgrade. As this database holds
also cached credentials, removing it is not an option. We need to update
from version 1 to version 2.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Dec 3 03:47:58 CET 2011 on sn-devel-104
---
source3/winbindd/winbindd_cache.c | 96 ++++++++++++++++++++++++++++++++++++-
1 files changed, 94 insertions(+), 2 deletions(-)
Index: samba-3.6.1/source3/winbindd/winbindd_cache.c
===================================================================
--- samba-3.6.1.orig/source3/winbindd/winbindd_cache.c
+++ samba-3.6.1/source3/winbindd/winbindd_cache.c
@@ -38,7 +38,10 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_WINBIND
-#define WINBINDD_CACHE_VERSION 2
+#define WINBINDD_CACHE_VER1 1 /* initial db version */
+#define WINBINDD_CACHE_VER2 2 /* second version with timeouts for NDR entries */
+
+#define WINBINDD_CACHE_VERSION WINBINDD_CACHE_VER2
#define WINBINDD_CACHE_VERSION_KEYSTR "WINBINDD_CACHE_VERSION"
extern struct winbindd_methods reconnect_methods;
@@ -4081,6 +4084,70 @@ static void validate_panic(const char *c
exit(47);
}
+static int wbcache_update_centry_fn(TDB_CONTEXT *tdb,
+ TDB_DATA key,
+ TDB_DATA data,
+ void *state)
+{
+ uint64_t ctimeout;
+ TDB_DATA blob;
+
+ if (is_non_centry_key(key)) {
+ return 0;
+ }
+
+ if (data.dptr == NULL || data.dsize == 0) {
+ if (tdb_delete(tdb, key) < 0) {
+ DEBUG(0, ("tdb_delete for [%s] failed!\n",
+ key.dptr));
+ return 1;
+ }
+ }
+
+ /* add timeout to blob (uint64_t) */
+ blob.dsize = data.dsize + 8;
+
+ blob.dptr = SMB_XMALLOC_ARRAY(uint8_t, blob.dsize);
+ if (blob.dptr == NULL) {
+ return 1;
+ }
+ memset(blob.dptr, 0, blob.dsize);
+
+ /* copy status and seqnum */
+ memcpy(blob.dptr, data.dptr, 8);
+
+ /* add timeout */
+ ctimeout = lp_winbind_cache_time() + time(NULL);
+ SBVAL(blob.dptr, 8, ctimeout);
+
+ /* copy the rest */
+ memcpy(blob.dptr + 16, data.dptr + 8, data.dsize - 8);
+
+ if (tdb_store(tdb, key, blob, TDB_REPLACE) < 0) {
+ DEBUG(0, ("tdb_store to update [%s] failed!\n",
+ key.dptr));
+ SAFE_FREE(blob.dptr);
+ return 1;
+ }
+
+ SAFE_FREE(blob.dptr);
+ return 0;
+}
+
+static bool wbcache_upgrade_v1_to_v2(TDB_CONTEXT *tdb)
+{
+ int rc;
+
+ DEBUG(1, ("Upgrade to version 2 of the winbindd_cache.tdb\n"));
+
+ rc = tdb_traverse(tdb, wbcache_update_centry_fn, NULL);
+ if (rc < 0) {
+ return false;
+ }
+
+ return true;
+}
+
/***********************************************************************
Try and validate every entry in the winbindd cache. If we fail here,
delete the cache tdb and return non-zero.
@@ -4091,11 +4158,12 @@ int winbindd_validate_cache(void)
int ret = -1;
const char *tdb_path = cache_path("winbindd_cache.tdb");
TDB_CONTEXT *tdb = NULL;
+ uint32_t vers_id;
+ bool ok;
DEBUG(10, ("winbindd_validate_cache: replacing panic function\n"));
smb_panic_fn = validate_panic;
-
tdb = tdb_open_log(tdb_path,
WINBINDD_CACHE_TDB_DEFAULT_HASH_SIZE,
TDB_INCOMPATIBLE_HASH |
@@ -4109,6 +4177,30 @@ int winbindd_validate_cache(void)
"error opening/initializing tdb\n"));
goto done;
}
+
+ /* Version check and upgrade code. */
+ if (!tdb_fetch_uint32(tdb, WINBINDD_CACHE_VERSION_KEYSTR, &vers_id)) {
+ DEBUG(10, ("Fresh database\n"));
+ tdb_store_uint32(tdb, WINBINDD_CACHE_VERSION_KEYSTR, WINBINDD_CACHE_VERSION);
+ vers_id = WINBINDD_CACHE_VERSION;
+ }
+
+ if (vers_id != WINBINDD_CACHE_VERSION) {
+ if (vers_id == WINBINDD_CACHE_VER1) {
+ ok = wbcache_upgrade_v1_to_v2(tdb);
+ if (!ok) {
+ DEBUG(10, ("winbindd_validate_cache: upgrade to version 2 failed.\n"));
+ unlink(tdb_path);
+ goto done;
+ }
+
+ tdb_store_uint32(tdb,
+ WINBINDD_CACHE_VERSION_KEYSTR,
+ WINBINDD_CACHE_VERSION);
+ vers_id = WINBINDD_CACHE_VER2;
+ }
+ }
+
tdb_close(tdb);
ret = tdb_validate_and_backup(tdb_path, cache_traverse_validate_fn);

View File

@ -1,4 +1,4 @@
%define main_release 76 %define main_release 77
%define samba_version 3.6.1 %define samba_version 3.6.1
%define tdb_version 1.2.9 %define tdb_version 1.2.9
%define talloc_version 2.0.5 %define talloc_version 2.0.5
@ -46,6 +46,7 @@ Patch104: samba-3.0.0rc3-nmbd-netbiosname.patch
Patch107: samba-3.2.0pre1-grouppwd.patch Patch107: samba-3.2.0pre1-grouppwd.patch
Patch200: samba-3.2.5-inotify.patch Patch200: samba-3.2.5-inotify.patch
Patch300: samba-3.6.1-debug.patch Patch300: samba-3.6.1-debug.patch
Patch301: samba-3.6.1-winbind_upgrade_cache.patch
Requires(pre): samba-common = %{epoch}:%{samba_version}-%{release} Requires(pre): samba-common = %{epoch}:%{samba_version}-%{release}
Requires: pam >= 0:0.64 Requires: pam >= 0:0.64
@ -212,6 +213,7 @@ cp %{SOURCE11} packaging/Fedora/
%patch107 -p1 -b .grouppwd %patch107 -p1 -b .grouppwd
%patch200 -p0 -b .inotify %patch200 -p0 -b .inotify
%patch300 -p1 -b .debug %patch300 -p1 -b .debug
%patch301 -p1 -b .winbind
mv %samba_source/VERSION %samba_source/VERSION.orig mv %samba_source/VERSION %samba_source/VERSION.orig
sed -e 's/SAMBA_VERSION_VENDOR_SUFFIX=$/&\"%{samba_release}\"/' < %samba_source/VERSION.orig > %samba_source/VERSION sed -e 's/SAMBA_VERSION_VENDOR_SUFFIX=$/&\"%{samba_release}\"/' < %samba_source/VERSION.orig > %samba_source/VERSION
@ -669,6 +671,10 @@ fi
%{_datadir}/pixmaps/samba/logo-small.png %{_datadir}/pixmaps/samba/logo-small.png
%changelog %changelog
* Mon Dec 05 2011 Andreas Schneider <asn@redhat.com> - 1:3.6.1-77
- Fix winbind cache upgrade.
- resolves: #760137
* Fri Nov 18 2011 Andreas Schneider <asn@redhat.com> - 1:3.6.1-76 * Fri Nov 18 2011 Andreas Schneider <asn@redhat.com> - 1:3.6.1-76
- Fix piddir to match with systemd files. - Fix piddir to match with systemd files.
- Fix crash bug in the debug system. - Fix crash bug in the debug system.