krb5 commit: Remove ulog_check(); the ulog is not a DB journal

Greg Hudson ghudson at MIT.EDU
Wed Jan 23 14:46:19 EST 2013


https://github.com/krb5/krb5/commit/ceac9a66ce2ae844b16ec318934004439f5b3ae5
commit ceac9a66ce2ae844b16ec318934004439f5b3ae5
Author: Nicolas Williams <nico at cryptonector.com>
Date:   Thu Oct 25 18:26:10 2012 -0500

    Remove ulog_check(); the ulog is not a DB journal
    
    The db2 DB is not power-fail safe.  There's no point trying to
    replay an incompletely committed entry from the ulog at kadmind
    startup time.  For that matter, even if the db2 DB was power-fail
    safe there'd be no point replaying an uncommitted entry from the
    ulog as the libkadm5srv app (nor any client of it, as in the case of
    kadmind) will not have received any notice of success -- it'd be
    wrong to complete that operation later when the user thought it'd
    failed.
    
    [ghudson at mit.edu: merge with master, adjust comment]
    
    ticket: 7552 (new)

 src/lib/kdb/kdb_log.c |  120 +++----------------------------------------------
 1 files changed, 6 insertions(+), 114 deletions(-)

diff --git a/src/lib/kdb/kdb_log.c b/src/lib/kdb/kdb_log.c
index 017c41a..b9906f0 100644
--- a/src/lib/kdb/kdb_log.c
+++ b/src/lib/kdb/kdb_log.c
@@ -284,12 +284,8 @@ ulog_delete_update(krb5_context context, kdb_incr_update_t *upd)
     return ulog_add_update(context, upd);
 }
 
-/*
- * Used by the slave or master (during ulog_check) to update it's hash db from
- * the incr update log.
- *
- * Must be called with lock held.
- */
+/* Used by the slave to update its hash db from* the incr update log.  Must be
+ * called with lock held. */
 krb5_error_code
 ulog_replay(krb5_context context, kdb_incr_result_t *incr_ret, char **db_args)
 {
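Review bot: The rewritten comment above ulog_replay has a stray `*` in "from* the incr update log", apparently left over from re-wrapping the old block comment. It should read `/* Used by the slave to update its hash db from the incr update log.  Must be` followed by ` * called with lock held. */`. Since the comment is now the only statement of the slave-only contract, it would help to name the lock as well. That is presumably the ulog lock taken through ulog_lock(), which should be confirmed against the callers. The body of ulog_replay continues outside this hunk.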
@@ -364,96 +360,11 @@ cleanup:
     if (fupd)
         ulog_free_entries(fupd, no_of_updates);
 
-    if (log_ctx && log_ctx->iproprole == IPROP_SLAVE) {
-        if (retval)
-            ulog_finish_update_slave(ulog, errlast);
-        else
-            ulog_finish_update_slave(ulog, incr_ret->lastentry);
-    }
-
-    return retval;
-}
-
-/*
- * Validate the log file and resync any uncommitted update entries to the
- * principal database.
- *
- * Must be called with lock held.
- */
-static krb5_error_code
-ulog_check(krb5_context context, kdb_hlog_t *ulog, char **db_args)
-{
-    XDR xdrs;
-    krb5_error_code retval = 0;
-    unsigned int i;
-    kdb_ent_header_t *indx_log;
-    kdb_incr_update_t *upd = NULL;
-    kdb_incr_result_t *incr_ret = NULL;
-
-    ulog->kdb_state = KDB_STABLE;
-
-    for (i = 0; i < ulog->kdb_num; i++) {
-        indx_log = (kdb_ent_header_t *)INDEX(ulog, i);
-
-        if (indx_log->kdb_umagic != KDB_ULOG_MAGIC) {
-            /* The update entry is corrupted; we should scream and die. */
-            ulog->kdb_state = KDB_CORRUPT;
-            retval = KRB5_LOG_CORRUPT;
-            break;
-        }
-
-        if (indx_log->kdb_commit)
-            continue;
-
-        ulog->kdb_state = KDB_UNSTABLE;
-
-        incr_ret = k5alloc(sizeof(kdb_incr_result_t), &retval);
-        if (incr_ret == NULL)
-            goto error;
-        upd = k5alloc(sizeof(kdb_incr_update_t), &retval);
-        if (upd == NULL)
-            goto error;
-
-        xdrmem_create(&xdrs, (char *)indx_log->entry_data,
-                      indx_log->kdb_entry_size, XDR_DECODE);
-        if (!xdr_kdb_incr_update_t(&xdrs, upd)) {
-            retval = KRB5_LOG_CONV;
-            goto error;
-        }
-
-        incr_ret->updates.kdb_ulog_t_len = 1;
-        incr_ret->updates.kdb_ulog_t_val = upd;
-
-        upd->kdb_commit = TRUE;
-
-        /* We don't want to re-add this update; just use the existing update to
-         * be propagated later on.  ulog_replay frees upd. */
-        ulog_set_role(context, IPROP_NULL);
-        retval = ulog_replay(context, incr_ret, db_args);
-        free(incr_ret);
-        incr_ret = NULL;
-        upd = NULL;
-        ulog_set_role(context, IPROP_MASTER);
-        if (retval)
-            goto error;
-
-        /*
-         * We flag this as committed since this was the last entry before
-         * kadmind crashed, ergo the slaves have not seen this update before.
-         */
-        indx_log->kdb_commit = TRUE;
-        retval = ulog_sync_update(ulog, indx_log);
-        if (retval)
-            goto error;
-
-        ulog->kdb_state = KDB_STABLE;
-    }
+    if (retval)
+        ulog_finish_update_slave(ulog, errlast);
+    else
+        ulog_finish_update_slave(ulog, incr_ret->lastentry);
 
-error:
-    if (upd)
-        ulog_free_entries(upd, 1);
-    free(incr_ret);
-    ulog_sync_header(ulog);
     return retval;
 }
 
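Review bot: The cleanup path of ulog_replay now calls ulog_finish_update_slave() unconditionally, so the old `log_ctx && log_ctx->iproprole == IPROP_SLAVE` guard is gone and the slave-only precondition exists only in the header comment. If some remaining caller reaches this path in another role, the log header would presumably be updated with slave bookkeeping (`errlast` or `incr_ret->lastentry`) that does not describe that process's state. Consider making the precondition checkable, for example `assert(log_ctx->iproprole == IPROP_SLAVE);` near the top of the function, or at least a comment at the call such as `/* Only slaves call ulog_replay; record how far we got. */`. The function starts outside this hunk, so whether `log_ctx` is still validated earlier cannot be seen from here.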
@@ -609,25 +520,6 @@ ulog_map(krb5_context context, const char *logname, uint32_t ulogentries,
         return 0;
     }
 
-    if (caller == FKADMIND) {
-        switch (ulog->kdb_state) {
-        case KDB_STABLE:
-        case KDB_UNSTABLE:
-            /* Log is currently un/stable, check anyway. */
-            retval = ulog_check(context, ulog, db_args);
-            ulog_lock(context, KRB5_LOCKMODE_UNLOCK);
-            if (retval)
-                return retval;
-            break;
-        case KDB_CORRUPT:
-            ulog_lock(context, KRB5_LOCKMODE_UNLOCK);
-            return KRB5_LOG_CORRUPT;
-        default:
-            /* Invalid db state. */
-            ulog_lock(context, KRB5_LOCKMODE_UNLOCK);
-            return KRB5_LOG_ERROR;
-        }
-    }
     assert(caller == FKADMIND || caller == FKCOMMAND);
 
     /* Reinit ulog if the log is being truncated or expanded after we have
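Review bot: Removing the whole FKADMIND switch in ulog_map also removes two refusals unrelated to replay: returning KRB5_LOG_CORRUPT when the header already says KDB_CORRUPT, and KRB5_LOG_ERROR for an unknown `kdb_state`. Together with the per-entry `kdb_umagic` check deleted in the previous hunk, nothing visible here stops kadmind from mapping and then serving a log that is marked or detectably corrupt. The commit message argues against replaying uncommitted entries, not against detecting corruption. If the reinit logic after this hunk does not cover it, keep a minimal check such as `if (ulog->kdb_state == KDB_CORRUPT) { ulog_lock(context, KRB5_LOCKMODE_UNLOCK); return KRB5_LOG_CORRUPT; }`, or reinitialize the log in that state. The removed path also released the lock before falling through, so confirm that the rest of ulog_map (outside the hunk) still unlocks exactly once for FKADMIND.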

