s3:winbindd: raise the timeout for lsa_Lookup*() calls from 10 to 35 seconds.

metze
(cherry picked from commit 1e1445bc7672b17a1d689fa0f0732b05b6e04da5)

Fixes bug #6627.
(cherry picked from commit 8d57806544dade748aaac9cc493deb75d4e95735)

diff --git a/source/winbindd/winbindd_ads.c b/source/winbindd/winbindd_ads.c
index a508682e5ebc9d189b9197116f6975e2dfd64ab2..3c45f5748a02c3516a870398f95435b14110f107 100644 (file)
--- a/source/winbindd/winbindd_ads.c
+++ b/source/winbindd/winbindd_ads.c
@@ -1122,6 +1122,7 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
 
        /* handle sids not resolved from cache by lsa_lookup_sids */
        if (num_nocache > 0) {
+               unsigned int orig_timeout;
 
                status = cm_connect_lsa(domain, tmp_ctx, &cli, &lsa_policy);
 
@@ -1129,6 +1130,13 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
                        goto done;
                }
 
+               /*
+                * This call can take a long time
+                * allow the server to time out.
+                * 35 seconds should do it.
+                */
+               orig_timeout = rpccli_set_timeout(cli, 35000);
+
                status = rpccli_lsa_lookup_sids(cli, tmp_ctx,
                                                &lsa_policy,
                                                num_nocache,
@@ -1137,6 +1145,9 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
                                                &names_nocache,
                                                &name_types_nocache);
 
+               /* And restore our original timeout. */
+               rpccli_set_timeout(cli, orig_timeout);
+
                if (!(NT_STATUS_IS_OK(status) ||
                      NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED) ||
                      NT_STATUS_EQUAL(status, NT_STATUS_NONE_MAPPED)))
@@ -1151,6 +1162,13 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
                                goto done;
                        }
 
+                       /*
+                        * This call can take a long time
+                        * allow the server to time out.
+                        * 35 seconds should do it.
+                        */
+                       orig_timeout = rpccli_set_timeout(cli, 35000);
+
                        status = rpccli_lsa_lookup_sids(cli, tmp_ctx,
                                                        &lsa_policy,
                                                        num_nocache,
@@ -1158,6 +1176,9 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
                                                        &domains_nocache,
                                                        &names_nocache,
                                                        &name_types_nocache);
+
+                       /* And restore our original timeout. */
+                       rpccli_set_timeout(cli, orig_timeout);
                }
 
                if (NT_STATUS_IS_OK(status) ||

diff --git a/source/winbindd/winbindd_rpc.c b/source/winbindd/winbindd_rpc.c
index 14f7c0c7750a729dd1e856c5f801ed5e2ac75bde..5f51b5f35a9e74c35f83de7d125c6edcace07016 100644 (file)
--- a/source/winbindd/winbindd_rpc.c
+++ b/source/winbindd/winbindd_rpc.c
@@ -281,6 +281,7 @@ static NTSTATUS msrpc_name_to_sid(struct winbindd_domain *domain,
        POLICY_HND lsa_policy;
        NTSTATUS name_map_status = NT_STATUS_UNSUCCESSFUL;
        char *mapped_name = NULL;
+       unsigned int orig_timeout;
 
        if (name == NULL || *name=='\0') {
                full_name = talloc_asprintf(mem_ctx, "%s", domain_name);
@@ -314,9 +315,19 @@ static NTSTATUS msrpc_name_to_sid(struct winbindd_domain *domain,
        if (!NT_STATUS_IS_OK(result))
                return result;
 
+       /*
+        * This call can take a long time
+        * allow the server to time out.
+        * 35 seconds should do it.
+        */
+       orig_timeout = rpccli_set_timeout(cli, 35000);
+
        result = rpccli_lsa_lookup_names(cli, mem_ctx, &lsa_policy, 1, 
                                         (const char**) &full_name, NULL, 1, &sids, &types);
-        
+
+       /* And restore our original timeout. */
+       rpccli_set_timeout(cli, orig_timeout);
+
        if (!NT_STATUS_IS_OK(result))
                return result;
 
@@ -346,6 +357,7 @@ static NTSTATUS msrpc_sid_to_name(struct winbindd_domain *domain,
        POLICY_HND lsa_policy;
        NTSTATUS name_map_status = NT_STATUS_UNSUCCESSFUL;
        char *mapped_name = NULL;
+       unsigned int orig_timeout;
 
        DEBUG(3,("sid_to_name [rpc] %s for domain %s\n", sid_string_dbg(sid),
                 domain->name ));
@@ -358,8 +370,19 @@ static NTSTATUS msrpc_sid_to_name(struct winbindd_domain *domain,
        }
        
 
+       /*
+        * This call can take a long time
+        * allow the server to time out.
+        * 35 seconds should do it.
+        */
+       orig_timeout = rpccli_set_timeout(cli, 35000);
+
        result = rpccli_lsa_lookup_sids(cli, mem_ctx, &lsa_policy,
                                        1, sid, &domains, &names, &types);
+
+       /* And restore our original timeout. */
+       rpccli_set_timeout(cli, orig_timeout);
+
        if (!NT_STATUS_IS_OK(result)) {         
                DEBUG(2,("msrpc_sid_to_name: rpccli_lsa_lookup_sids()  failed (%s)\n",
                         nt_errstr(result)));           
@@ -400,6 +423,7 @@ static NTSTATUS msrpc_rids_to_names(struct winbindd_domain *domain,
        DOM_SID *sids;
        size_t i;
        char **ret_names;
+       unsigned int orig_timeout;
 
        DEBUG(3, ("rids_to_names [rpc] for domain %s\n", domain->name ));
 
@@ -423,9 +447,20 @@ static NTSTATUS msrpc_rids_to_names(struct winbindd_domain *domain,
                return result;
        }
 
+       /*
+        * This call can take a long time
+        * allow the server to time out.
+        * 35 seconds should do it.
+        */
+       orig_timeout = rpccli_set_timeout(cli, 35000);
+
        result = rpccli_lsa_lookup_sids(cli, mem_ctx, &lsa_policy,
                                        num_rids, sids, &domains,
                                        names, types);
+
+       /* And restore our original timeout. */
+       rpccli_set_timeout(cli, orig_timeout);
+
        if (!NT_STATUS_IS_OK(result) &&
            !NT_STATUS_EQUAL(result, STATUS_SOME_UNMAPPED)) {
                return result;