Convert secrets_lock_trust_account_password to talloc

This is preparing the conversion of secrets.c to ctdb

diff --git a/source/passdb/secrets.c b/source/passdb/secrets.c
index 2ef8f439884be464b2be06901ad92116bec0aba5..2c0d648716520ed0bc093a3f830796e91cba76d6 100644 (file)
--- a/source/passdb/secrets.c
+++ b/source/passdb/secrets.c
@@ -325,20 +325,36 @@ static char *trustdom_keystr(const char *domain)
        return keystr;
 }
 
+static int unlock_trust_account(char *domain)
+{
+       tdb_unlock_bystring(tdb, trust_keystr(domain));
+       return 0;
+}
+
 /************************************************************************
  Lock the trust password entry.
 ************************************************************************/
 
-bool secrets_lock_trust_account_password(const char *domain, bool dolock)
+void *secrets_get_trust_account_lock(TALLOC_CTX *mem_ctx, const char *domain)
 {
-       if (!tdb)
-               return False;
+       char *result;
 
-       if (dolock)
-               return (tdb_lock_bystring(tdb, trust_keystr(domain)) == 0);
-       else
-               tdb_unlock_bystring(tdb, trust_keystr(domain));
-       return True;
+       if (!secrets_init()) {
+               return NULL;
+       }
+
+       result = talloc_strdup(mem_ctx, domain);
+       if (result == NULL) {
+               return NULL;
+       }
+
+       if (tdb_lock_bystring(tdb, trust_keystr(domain)) != 0) {
+               TALLOC_FREE(result);
+               return NULL;
+       }
+
+       talloc_set_destructor(result, unlock_trust_account);
+       return result;
 }
 
 /************************************************************************

diff --git a/source/smbd/process.c b/source/smbd/process.c
index 68bec7830a8b1d65efc3bb04bdc36080e21712b2..9c01bbaa4a86619edab2e6a82a37f60984eabc83 100644 (file)
--- a/source/smbd/process.c
+++ b/source/smbd/process.c
@@ -1901,6 +1901,7 @@ static void timeout_processing(int *select_timeout,
 
                unsigned char trust_passwd_hash[16];
                time_t lct;
+               void *lock;
 
                /*
                 * We're in domain level security, and the code that
@@ -1912,7 +1913,9 @@ static void timeout_processing(int *select_timeout,
                 * First, open the machine password file with an exclusive lock.
                 */
 
-               if (secrets_lock_trust_account_password(lp_workgroup(), True) == False) {
+               lock = secrets_get_trust_account_lock(NULL, lp_workgroup());
+
+               if (lock == NULL) {
                        DEBUG(0,("process: unable to lock the machine account password for \
 machine %s in domain %s.\n", global_myname(), lp_workgroup() ));
                        return;
@@ -1921,7 +1924,7 @@ machine %s in domain %s.\n", global_myname(), lp_workgroup() ));
                if(!secrets_fetch_trust_account_password(lp_workgroup(), trust_passwd_hash, &lct, NULL)) {
                        DEBUG(0,("process: unable to read the machine account password for \
 machine %s in domain %s.\n", global_myname(), lp_workgroup()));
-                       secrets_lock_trust_account_password(lp_workgroup(), False);
+                       TALLOC_FREE(lock);
                        return;
                }
 
@@ -1931,7 +1934,7 @@ machine %s in domain %s.\n", global_myname(), lp_workgroup()));
 
                if(t < lct + lp_machine_password_timeout()) {
                        global_machine_password_needs_changing = False;
-                       secrets_lock_trust_account_password(lp_workgroup(), False);
+                       TALLOC_FREE(lock);
                        return;
                }
 
@@ -1939,7 +1942,7 @@ machine %s in domain %s.\n", global_myname(), lp_workgroup()));
     
                change_trust_account_password( lp_workgroup(), NULL);
                global_machine_password_needs_changing = False;
-               secrets_lock_trust_account_password(lp_workgroup(), False);
+               TALLOC_FREE(lock);
        }
 
        /* update printer queue caches if necessary */