[krbdev.mit.edu #7677] 1.10.5 & 1.10.6 kpropd patch
basch@MIT.EDU via RT
rt-comment at krbdev.mit.edu
Sat Jul 6 16:29:40 EDT 2013
The fix ported back from 1.11.2 to 1.10.5 to resolve the potential issue
where a failed full resync might result in a database still reporting it is
current is flawed. Attached is a patch which ensures if a full resync fails
the resulting database is not considered "current".
I have seen this bad database condition if kpropd logs an error similar to
"kpropd: Full resync, invalid return."
Sorry... I don't have my krb5 1.10 tree in github... it's only 10 additional
lines of code + 3 other lines for readability (comments, whitespace).
-----Original Message-----
From: Richard Basch [mailto:probe at mail.bright-prospects.com]
Sent: Saturday, July 06, 2013 12:33 AM
To: basch at mit.edu; richard.basch at gs.com
Subject: kpropd patch
--- src/slave/kpropd.c.orig 2013-04-17 20:40:18.000000000 -0400
+++ src/slave/kpropd.c 2013-07-06 00:27:45.135069434 -0400
@@ -931,6 +931,19 @@
break;
}
+ if (incr_ret->ret == UPDATE_FULL_RESYNC_NEEDED && frdone == 0) {
+ /* Re-init ulog so we don't accidentally think we are current */
+ if (log_ctx && log_ctx->iproprole) {
+ log_ctx->ulog->kdb_last_sno = 0;
+ log_ctx->ulog->kdb_last_time.seconds = 0;
+ log_ctx->ulog->kdb_last_time.useconds = 0;
+
+ log_ctx->ulog->kdb_first_sno = 0;
+ log_ctx->ulog->kdb_first_time.seconds = 0;
+ log_ctx->ulog->kdb_first_time.useconds = 0;
+ }
+ }
+
if (runonce == 1)
goto done;
More information about the krb5-bugs
mailing list