| commit | 38beef2ff63664d7d5805f1032bb9f69d0b965d7 | |
| author | Uri Simchoni <urisimchoni@gmail.com> | |
| Sat, 2 May 2015 10:44:53 +0000 (2 13:44 +0300) | ||
| committer | Jeremy Allison <jra@samba.org> | |
| Mon, 4 May 2015 19:01:41 +0000 (4 21:01 +0200) | ||
| tree | 63ba58238ec9de15e2da0dd6170408472b741999 | treesnapshot (tar.gz zip) |
| parent | df91bc5159b24f6f10fd9742b49192921d51f821 | commitdiff |
libads: Fix deadlock when re-joining a domain and updating keytab
When updating the system keytab as a result of joining a domain,
if the keytb had prior entries, ads_keytab_create_default tries to
update those entries. However, it starts updating before freeing the
cursor which was used for finding those entries, and hence causes
an an attempt to write-lock the keytab while a read-lock exists.
To reproduce configure smb.conf for ads domain member and run this twice:
net ads join -U <credentials> '--option=kerberos method=secrets and keytab'
Signed-off-by: Uri Simchoni <urisimchoni@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon May 4 21:01:41 CEST 2015 on sn-devel-104
When updating the system keytab as a result of joining a domain,
if the keytb had prior entries, ads_keytab_create_default tries to
update those entries. However, it starts updating before freeing the
cursor which was used for finding those entries, and hence causes
an an attempt to write-lock the keytab while a read-lock exists.
To reproduce configure smb.conf for ads domain member and run this twice:
net ads join -U <credentials> '--option=kerberos method=secrets and keytab'
Signed-off-by: Uri Simchoni <urisimchoni@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon May 4 21:01:41 CEST 2015 on sn-devel-104
| source3/libads/kerberos_keytab.c | diffblobblamehistory |