From 9322442510d9c2cf16c25f5109fe81b277c44881 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Tue, 1 Apr 2008 11:02:01 +0200 Subject: [PATCH] passdb: guard pdb_generate_sam_sid() with a transaction This prevents possible races with some dbwrap backends metze --- source/passdb/machine_sid.c | 26 ++++++++++++++++++++++++-- 1 file changed, 24 insertions(+), 2 deletions(-) diff --git a/source/passdb/machine_sid.c b/source/passdb/machine_sid.c index 8fafcbbbd46..ff2c9bcb0d9 100644 --- a/source/passdb/machine_sid.c +++ b/source/passdb/machine_sid.c @@ -181,16 +181,38 @@ static DOM_SID *pdb_generate_sam_sid(void) /* return our global_sam_sid */ DOM_SID *get_global_sam_sid(void) { + struct db_context *db; + if (global_sam_sid != NULL) return global_sam_sid; - /* memory for global_sam_sid is allocated in - pdb_generate_sam_sid() as needed */ + /* + * memory for global_sam_sid is allocated in + * pdb_generate_sam_sid() as needed + * + * Note: this is garded by a transaction + * to prevent races on startup which + * can happen with some dbwrap backends + */ + + db = secrets_db_ctx(); + if (!db) { + smb_panic("could not open secrets db"); + } + + if (db->transaction_start(db) != 0) { + smb_panic("could not start transaction on secrets db"); + } if (!(global_sam_sid = pdb_generate_sam_sid())) { + db->transaction_cancel(db); smb_panic("could not generate a machine SID"); } + if (db->transaction_commit(db) != 0) { + smb_panic("could not start commit secrets db"); + } + return global_sam_sid; } -- 2.11.4.GIT