r11317: An ugly hack to setup the global gssapi_krb5_context early, when we

have easy access to the event context.

This stops Samba dead-locking against itself when the winbindd client
tries to contact the KDC.

Andrew Bartlett

diff --git a/source/heimdal/lib/gssapi/gssapi_locl.h b/source/heimdal/lib/gssapi/gssapi_locl.h
index a25e2fdcc9a82a25842f9cb2c96d852de83224f3..1d22099877ca5c10465f5a5598feab018490626e 100644 (file)
--- a/source/heimdal/lib/gssapi/gssapi_locl.h
+++ b/source/heimdal/lib/gssapi/gssapi_locl.h
@@ -108,6 +108,7 @@ struct gssapi_thr_context {
  */
 
 krb5_error_code gssapi_krb5_init (void);
+krb5_error_code gssapi_krb5_init_ev (void *event_context);
 
 #define GSSAPI_KRB5_INIT() do {                                        \
     krb5_error_code kret_gss_init;                             \

diff --git a/source/heimdal/lib/gssapi/init.c b/source/heimdal/lib/gssapi/init.c
index a642b629f44bee0e96fa13a13e1ef194a9a2472e..11d7c9bb9ff950dd6a5045aeaac34e725e62063f 100644 (file)
--- a/source/heimdal/lib/gssapi/init.c
+++ b/source/heimdal/lib/gssapi/init.c
@@ -89,17 +89,19 @@ gssapi_get_thread_context(int createp)
     return NULL;
 }
 
-krb5_error_code
-gssapi_krb5_init (void)
-{
-    krb5_error_code ret = 0;
 #ifdef _SAMBA_BUILD_
+/* Init krb5 with an event context.  Disgusting Samba-specific hack */
+
+krb5_error_code 
+gssapi_krb5_init_ev (void *event_context)
+{
     static struct smb_krb5_context *smb_krb5_context;
+    krb5_error_code ret = 0;
 
     HEIMDAL_MUTEX_lock(&gssapi_krb5_context_mutex);
 
     if(smb_krb5_context == NULL) {
-       ret = smb_krb5_init_context(NULL, &smb_krb5_context);
+       ret = smb_krb5_init_context(event_context, &smb_krb5_context);
     }
     if (ret == 0 && !created_key) {
        HEIMDAL_key_create(&gssapi_context_key, 
@@ -116,6 +118,16 @@ gssapi_krb5_init (void)
     }
 
     HEIMDAL_MUTEX_unlock(&gssapi_krb5_context_mutex);
+    return ret;
+}
+#endif
+
+krb5_error_code
+gssapi_krb5_init (void)
+{
+    krb5_error_code ret = 0;
+#ifdef _SAMBA_BUILD_
+    ret = gssapi_krb5_init_ev(NULL);
 #else 
     HEIMDAL_MUTEX_lock(&gssapi_krb5_context_mutex);
 

diff --git a/source/smbd/server.c b/source/smbd/server.c
index 93399b15f378a73bc2700a2aee551e8f397daf6b..41d6329b024058e7822e98f8481d789d89b483a9 100644 (file)
--- a/source/smbd/server.c
+++ b/source/smbd/server.c
@@ -29,7 +29,10 @@
 #include "lib/cmdline/popt_common.h"
 #include "system/dir.h"
 #include "system/filesys.h"
+#include "system/kerberos.h"
 
+/* For sepecifiying event context to GSSAPI below */
+#include "heimdal/lib/gssapi/gssapi_locl.h"
 
 /*
   recursively delete a directory tree
@@ -236,6 +239,9 @@ static int binary_smbd_main(int argc, const char *argv[])
                return 1;
        }
 
+       /* Hack to ensure that GSSAPI uses the right event context */
+       gssapi_krb5_init_ev(event_ctx);
+
        /* wait for events - this is where smbd sits for most of its
           life */
        event_loop_wait(event_ctx);