From: Jeremy Allison Date: Sat, 2 Sep 2006 23:06:21 +0000 (+0000) Subject: r18010: Ensure we don't timeout twice to the same X-Git-Tag: samba-misc-tags/initial-v3-0-unstable~2314 X-Git-Url: http://git.samba.org/samba.git/?a=commitdiff_plain;h=10b32cb6de234fa17fdd691bb294864d4d40f782;p=sfrench%2Fsamba-autobuild%2F.git r18010: Ensure we don't timeout twice to the same server in winbindd when it's down and listed in the -ve connection cache. Fix memory leak, reduce timeout for cldap calls - minimum 3 secs. Jeremy. --- diff --git a/source/libads/cldap.c b/source/libads/cldap.c index da1dec6b931..8e34e27353e 100644 --- a/source/libads/cldap.c +++ b/source/libads/cldap.c @@ -188,6 +188,8 @@ static int recv_cldap_netlogon(int sock, struct cldap_netlogon_reply *reply) DATA_BLOB blob; DATA_BLOB os1, os2, os3; int i1; + /* half the time of a regular ldap timeout, not less than 3 seconds. */ + unsigned int al_secs = MAX(3,lp_ldap_timeout()/2); char *p; blob = data_blob(NULL, 8192); @@ -200,7 +202,7 @@ static int recv_cldap_netlogon(int sock, struct cldap_netlogon_reply *reply) /* Setup timeout */ gotalarm = 0; CatchSignal(SIGALRM, SIGNAL_CAST gotalarm_sig); - alarm(lp_ldap_timeout()); + alarm(al_secs); /* End setup timeout. */ ret = read(sock, blob.data, blob.length); diff --git a/source/libads/kerberos.c b/source/libads/kerberos.c index c872508fe84..57233f21828 100644 --- a/source/libads/kerberos.c +++ b/source/libads/kerberos.c @@ -494,10 +494,13 @@ static char *get_kdc_ip_string(char *mem_ctx, const char *realm, struct in_addr kdc_str = talloc_asprintf(mem_ctx, "%s\tkdc = %s\n", kdc_str, inet_ntoa(ip_srv[i].ip)); if (!kdc_str) { + SAFE_FREE(ip_srv); return NULL; } } + SAFE_FREE(ip_srv); + DEBUG(10,("get_kdc_ip_string: Returning %s\n", kdc_str )); diff --git a/source/nsswitch/winbindd_cm.c b/source/nsswitch/winbindd_cm.c index 6c35539e4dd..b6a3b3ac054 100644 --- a/source/nsswitch/winbindd_cm.c +++ b/source/nsswitch/winbindd_cm.c @@ -791,17 +791,22 @@ static NTSTATUS cm_open_connection(struct winbindd_domain *domain, char *saf_servername = saf_fetch( domain->name ); int retries; - if ((mem_ctx = talloc_init("cm_open_connection")) == NULL) + if ((mem_ctx = talloc_init("cm_open_connection")) == NULL) { + SAFE_FREE(saf_servername); return NT_STATUS_NO_MEMORY; + } /* we have to check the server affinity cache here since later we selecte a DC based on response time and not preference */ - if ( saf_servername ) - { + /* Check the negative connection cache + before talking to it. It going down may have + triggered the reconnection. */ + + if ( saf_servername && NT_STATUS_IS_OK(check_negative_conn_cache( domain->name, saf_servername))) { + /* convert an ip address to a name */ - if ( is_ipaddress( saf_servername ) ) - { + if ( is_ipaddress( saf_servername ) ) { fstring saf_name; struct in_addr ip; @@ -814,9 +819,7 @@ static NTSTATUS cm_open_connection(struct winbindd_domain *domain, domain->name, saf_servername, NT_STATUS_UNSUCCESSFUL); } - } - else - { + } else { fstrcpy( domain->dcname, saf_servername ); }