r12268: Use transactions to ensure that the schannel db is consistant.

Andrew Bartlett
(This used to be commit 949137e3122a3163a9fc923a418633a791364afe)

diff --git a/source4/auth/gensec/schannel_state.c b/source4/auth/gensec/schannel_state.c
index 8f9a8ef6b5093fe40c888c11bbfabdcff1dec8d6..edc7b8445bbea78b2d3a299466992c8fa15c5c3d 100644 (file)
--- a/source4/auth/gensec/schannel_state.c
+++ b/source4/auth/gensec/schannel_state.c
@@ -122,6 +122,14 @@ NTSTATUS schannel_store_session_key(TALLOC_CTX *mem_ctx,
        ldb_msg_add_string(msg, "flatname", creds->domain);
        samdb_msg_add_dom_sid(ldb, mem_ctx, msg, "objectSid", creds->sid);
 
+       ret = ldb_transaction_start(ldb);
+       if (ret != 0) {
+               DEBUG(0,("Unable to start transaction to add %s to session key db - %s\n", 
+                        ldb_dn_linearize(msg, msg->dn), ldb_errstring(ldb)));
+               talloc_free(ldb);
+               return NT_STATUS_INTERNAL_DB_CORRUPTION;
+       }
+
        ldb_delete(ldb, msg->dn);
 
        ret = ldb_add(ldb, msg);
@@ -133,6 +141,15 @@ NTSTATUS schannel_store_session_key(TALLOC_CTX *mem_ctx,
                return NT_STATUS_INTERNAL_DB_CORRUPTION;
        }
 
+       ret = ldb_transaction_commit(ldb);
+
+       if (ret != 0) {
+               DEBUG(0,("Unable to commit adding %s to session key db - %s\n", 
+                        ldb_dn_linearize(msg, msg->dn), ldb_errstring(ldb)));
+               talloc_free(ldb);
+               return NT_STATUS_INTERNAL_DB_CORRUPTION;
+       }
+
        talloc_free(ldb);
 
        return NT_STATUS_OK;