krb5 commit: Disallow unlocked iteration of hash databases
Tom Yu
tlyu at MIT.EDU
Thu Aug 7 16:29:46 EDT 2014
https://github.com/krb5/krb5/commit/ded6f17bbda92419a68478b822ce79406c0be1e0
commit ded6f17bbda92419a68478b822ce79406c0be1e0
Author: Tom Yu <tlyu at mit.edu>
Date: Wed Aug 6 18:45:20 2014 -0400
Disallow unlocked iteration of hash databases
It's not clear whether unlocked iteration over a hash DB2 database
will omit unaffected entries if database additions or deletions occur
concurrently with the iteration. Avoid this situation by disabling
unlocked iteration in the unlikely event that someone is still using a
hash database for their KDB.
ticket: 7977
src/plugins/kdb/db2/kdb_db2.c | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
diff --git a/src/plugins/kdb/db2/kdb_db2.c b/src/plugins/kdb/db2/kdb_db2.c
index b7cdc88..4c2292c 100644
--- a/src/plugins/kdb/db2/kdb_db2.c
+++ b/src/plugins/kdb/db2/kdb_db2.c
@@ -386,6 +386,9 @@ open_db(krb5_db2_context *dbc, int flags, int mode)
break;
}
+ /* Don't try unlocked iteration with a hash database. */
+ if (db != NULL && dbc->hashfirst)
+ dbc->unlockiter = FALSE;
done:
free(fname);
return db;
More information about the cvs-krb5
mailing list