/* pull the session key for this client */
status = schannel_fetch_session_key_ldb(schannel_ldb,
out_mem_ctx, workstation, &creds);
- talloc_free(schannel_ldb);
+ talloc_unlink(out_mem_ctx, schannel_ldb);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(3, ("Could not find session key for attempted schannel connection from %s: %s\n",
workstation, nt_errstr(status)));
if (!path) return NULL;
pdb = ldb_wrap_connect(mem_ctx, ev_ctx, lp_ctx, path,
- NULL, NULL, 0, NULL);
+ NULL, NULL, 0);
talloc_free(path);
return pdb;
/* And once we are bound, free the tempoary ldb, it will
* connect again on each incoming LDAP connection */
- talloc_free(ldb);
+ talloc_unlink(ldap_service, ldb);
return status;
}
LDB wrap functions
- Copyright (C) Andrew Tridgell 2004
+ Copyright (C) Andrew Tridgell 2004-2009
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
#include "ldb_wrap.h"
#include "dsdb/samdb/samdb.h"
#include "param/param.h"
+#include "dlinklist.h"
/*
this is used to catch debug messages from ldb
free(s);
}
-/* check for memory leaks on the ldb context */
-static int ldb_wrap_destructor(struct ldb_context *ldb)
+
+/*
+ connecting to a ldb can be a relatively expensive operation because
+ of the schema and partition loads. We keep a list of open ldb
+ contexts here, and try to re-use when possible.
+
+ This means callers of ldb_wrap_connect() must use talloc_unlink() or
+ the free of a parent to destroy the context
+ */
+static struct ldb_wrap {
+ struct ldb_wrap *next, *prev;
+ struct ldb_wrap_context {
+ /* the context is what we use to tell if two ldb
+ * connections are exactly equivalent
+ */
+ const char *url;
+ struct tevent_context *ev;
+ struct loadparm_context *lp_ctx;
+ struct auth_session_info *session_info;
+ struct cli_credentials *credentials;
+ unsigned int flags;
+ } context;
+ struct ldb_context *ldb;
+} *ldb_wrap_list;
+
+/*
+ see if two database opens are equivalent
+ */
+static bool ldb_wrap_same_context(const struct ldb_wrap_context *c1,
+ const struct ldb_wrap_context *c2)
{
- size_t *startup_blocks = (size_t *)ldb_get_opaque(ldb, "startup_blocks");
-
- if (startup_blocks &&
- talloc_total_blocks(ldb) > *startup_blocks + 400) {
- DEBUG(0,("WARNING: probable memory leak in ldb %s - %lu blocks (startup %lu) %lu bytes\n",
- (char *)ldb_get_opaque(ldb, "wrap_url"),
- (unsigned long)talloc_total_blocks(ldb),
- (unsigned long)*startup_blocks,
- (unsigned long)talloc_total_size(ldb)));
-#if 0
- talloc_report_full(ldb, stdout);
- call_backtrace();
- smb_panic("probable memory leak in ldb");
-#endif
- }
+ return (c1->ev == c2->ev &&
+ c1->lp_ctx == c2->lp_ctx &&
+ c1->session_info == c2->session_info &&
+ c1->credentials == c2->credentials &&
+ c1->flags == c2->flags &&
+ (c1->url == c2->url || strcmp(c1->url, c2->url) == 0));
+}
+
+/*
+ free a ldb_wrap structure
+ */
+static int ldb_wrap_destructor(struct ldb_wrap *w)
+{
+ DLIST_REMOVE(ldb_wrap_list, w);
return 0;
-}
+}
/*
wrapped connection to a ldb database
const char *url,
struct auth_session_info *session_info,
struct cli_credentials *credentials,
- unsigned int flags,
- const char *options[])
+ unsigned int flags)
{
struct ldb_context *ldb;
int ret;
char *real_url = NULL;
- size_t *startup_blocks;
+ struct ldb_wrap *w;
+ struct ldb_wrap_context c;
+
+ c.url = url;
+ c.ev = ev;
+ c.lp_ctx = lp_ctx;
+ c.session_info = session_info;
+ c.credentials = credentials;
+ c.flags = flags;
+
+ /* see if we can re-use an existing ldb */
+ for (w=ldb_wrap_list; w; w=w->next) {
+ if (ldb_wrap_same_context(&c, &w->context)) {
+ return talloc_reference(mem_ctx, w->ldb);
+ }
+ }
/* we want to use the existing event context if possible. This
relies on the fact that in smbd, everything is a child of
ldb_wrap_connect() */
ldb_set_create_perms(ldb, 0600);
- ret = ldb_connect(ldb, real_url, flags, options);
+ ret = ldb_connect(ldb, real_url, flags, NULL);
if (ret != LDB_SUCCESS) {
talloc_free(ldb);
return NULL;
/* setup for leak detection */
ldb_set_opaque(ldb, "wrap_url", real_url);
- startup_blocks = talloc(ldb, size_t);
- *startup_blocks = talloc_total_blocks(ldb);
- ldb_set_opaque(ldb, "startup_blocks", startup_blocks);
- talloc_set_destructor(ldb, ldb_wrap_destructor);
+ /* add to the list of open ldb contexts */
+ w = talloc(ldb, struct ldb_wrap);
+ if (w == NULL) {
+ talloc_free(ldb);
+ return NULL;
+ }
+
+ w->context = c;
+ w->context.url = talloc_strdup(w, url);
+ if (w->context.url == NULL) {
+ talloc_free(ldb);
+ return NULL;
+ }
+
+ w->ldb = ldb;
+
+ DLIST_ADD(ldb_wrap_list, w);
+
+ DEBUG(3,("ldb_wrap open of %s\n", url));
+
+ talloc_set_destructor(w, ldb_wrap_destructor);
return ldb;
}
+
+/*
+ when we fork() we need to make sure that any open ldb contexts have
+ any open transactions cancelled
+ */
+void ldb_wrap_fork_hook(void)
+{
+
+}
+
const char *url,
struct auth_session_info *session_info,
struct cli_credentials *credentials,
- unsigned int flags,
- const char *options[]);
+ unsigned int flags);
+void ldb_wrap_fork_hook(void);
#endif /* _LDB_WRAP_H_ */
return WERR_INVALID_PARAM;
wrap = ldb_wrap_connect(parent_ctx, ev_ctx, lp_ctx,
- location, session_info, credentials, 0, NULL);
+ location, session_info, credentials, 0);
if (wrap == NULL) {
DEBUG(1, (__FILE__": unable to connect\n"));
url = talloc_asprintf(ads, "ldap://%s", io->out.dcs[0].name);
ads->ldbctx = ldb_wrap_connect(ads, ads->netctx->event_ctx, ads->netctx->lp_ctx,
- url, NULL, ads->netctx->cred, 0, NULL);
+ url, NULL, ads->netctx->cred, 0);
if (ads->ldbctx == NULL) {
return ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL);
}
ldap->ldb = ldb_wrap_connect(s, s->libnet->event_ctx, s->libnet->lp_ctx, url,
NULL,
s->libnet->cred,
- 0, NULL);
+ 0);
talloc_free(url);
if (ldap->ldb == NULL) {
return NT_STATUS_UNEXPECTED_NETWORK_ERROR;
remote_ldb = ldb_wrap_connect(tmp_ctx, ctx->event_ctx, ctx->lp_ctx,
remote_ldb_url,
- NULL, ctx->cred, 0, NULL);
+ NULL, ctx->cred, 0);
if (!remote_ldb) {
r->out.error_string = NULL;
talloc_free(tmp_ctx);
state->samsync_state->machine_net_ctx->lp_ctx,
ldap_url,
NULL, state->samsync_state->machine_net_ctx->cred,
- 0, NULL);
+ 0);
if (!state->remote_ldb) {
*error_string = talloc_asprintf(mem_ctx, "Failed to connect to remote LDAP server at %s (used to extract additional data in SamSync replication)", ldap_url);
return NT_STATUS_NO_LOGON_SERVERS;
s->ldap.ldb = ldb_wrap_connect(s, s->libnet->event_ctx, s->libnet->lp_ctx, url,
NULL,
s->libnet->cred,
- 0, NULL);
+ 0);
talloc_free(url);
if (s->ldap.ldb == NULL) {
return NT_STATUS_UNEXPECTED_NETWORK_ERROR;
}
h->ldb = ldb_wrap_connect(h, ev_ctx, lp_ctx, lock_path(h, lp_ctx, lp_wins_url(lp_ctx)),
- NULL, NULL, flags, NULL);
+ NULL, NULL, flags);
if (!h->ldb) goto failed;
talloc_free(tmp_ctx);
}
h->ldb = ldb_wrap_connect(h, ev_ctx, lp_ctx, lock_path(h, lp_ctx, lp_wins_url(lp_ctx)),
- NULL, NULL, flags, NULL);
+ NULL, NULL, flags);
if (!h->ldb) goto failed;
h->caller = caller;
}
nt_status = schannel_store_session_key_ldb(schannel_ldb, mem_ctx, creds);
- talloc_free(schannel_ldb);
+ talloc_unlink(mem_ctx, schannel_ldb);
return nt_status;
}
schannel_in_use,
received_authenticator,
return_authenticator, creds_out);
- talloc_free(ldb);
+ talloc_unlink(mem_ctx, ldb);
return nt_status;
}
"pwdProperties", 1);
talloc_free(msgs);
- talloc_free(sam_ctx);
+ talloc_unlink(mem_ctx, sam_ctx);
return NT_STATUS_OK;
}
ldb = ldb_wrap_connect(torture, torture->ev, torture->lp_ctx, url,
NULL,
cmdline_credentials,
- 0, NULL);
+ 0);
torture_assert(torture, ldb, "Failed to make LDB connection to target");
ctx = talloc_zero(ldb, struct ldb_result);
ldb = ldb_wrap_connect(torture, torture->ev, torture->lp_ctx, url,
NULL,
cmdline_credentials,
- 0, NULL);
+ 0);
if (!ldb) goto failed;
ret &= test_search_rootDSE(ldb, &rootDSE);
ldb = ldb_wrap_connect(torture, torture->ev, torture->lp_ctx, url,
NULL,
cmdline_credentials,
- 0, NULL);
+ 0);
if (!ldb) goto failed;
ret &= test_check_uptodatevector(torture, ldb, samdb_base_dn(ldb));
torture_comment(torture, "Testing ldb speed for sidmap\n");
ldb = ldb_wrap_connect(tmp_ctx, torture->ev, torture->lp_ctx, "tdb://test.ldb",
- NULL, NULL, LDB_FLG_NOSYNC, NULL);
+ NULL, NULL, LDB_FLG_NOSYNC);
if (!ldb) {
unlink("./test.ldb");
talloc_free(tmp_ctx);
sam_ctx = ldb_wrap_connect(tctx, tctx->ev, tctx->lp_ctx, url,
NULL,
cmdline_credentials,
- 0, NULL);
+ 0);
torture_assert(tctx, sam_ctx, "Connection to the SAMDB on DC failed!");
}
idmap_ctx->ldb_ctx = ldb_wrap_connect(mem_ctx, ev_ctx, lp_ctx,
lp_idmap_url(lp_ctx),
- system_session(mem_ctx, lp_ctx),
- NULL, 0, NULL);
+ system_session(lp_ctx),
+ NULL, 0);
if (idmap_ctx->ldb_ctx == NULL) {
return NULL;
}