[krbdev.mit.edu #6019] Add signal to force KDC to check for changed interfaces
Alexandra Ellwood via RT
rt-comment at krbdev.mit.edu
Mon Jul 7 16:19:32 EDT 2008
diff -uNr -x '*.orig' -x '*.rej' -x '*~' Kerberos.orig/KerberosFramework/Kerberos5/Sources/kdc/extern.c Kerberos/KerberosFramework/Kerberos5/Sources/kdc/extern.c
--- Kerberos.orig/KerberosFramework/Kerberos5/Sources/kdc/extern.c 2006-11-16 14:54:22.000000000 -0800
+++ Kerberos/KerberosFramework/Kerberos5/Sources/kdc/extern.c 2006-11-16 19:02:36.000000000 -0800
@@ -40,3 +40,4 @@
volatile int signal_requests_exit = 0; /* gets set when signal hits */
volatile int signal_requests_hup = 0; /* ditto */
+volatile int signal_requests_network = 0; /* ditto (SIGUSR1) */
diff -uNr -x '*.orig' -x '*.rej' -x '*~' Kerberos.orig/KerberosFramework/Kerberos5/Sources/kdc/extern.h Kerberos/KerberosFramework/Kerberos5/Sources/kdc/extern.h
--- Kerberos.orig/KerberosFramework/Kerberos5/Sources/kdc/extern.h 2006-11-16 14:54:22.000000000 -0800
+++ Kerberos/KerberosFramework/Kerberos5/Sources/kdc/extern.h 2006-11-16 19:02:36.000000000 -0800
@@ -96,4 +96,5 @@
extern volatile int signal_requests_exit;
extern volatile int signal_requests_hup;
+extern volatile int signal_requests_network;
#endif /* __KRB5_KDC_EXTERN__ */
diff -uNr -x '*.orig' -x '*.rej' -x '*~' Kerberos.orig/KerberosFramework/Kerberos5/Sources/kdc/main.c Kerberos/KerberosFramework/Kerberos5/Sources/kdc/main.c
--- Kerberos.orig/KerberosFramework/Kerberos5/Sources/kdc/main.c 2006-11-16 14:54:22.000000000 -0800
+++ Kerberos/KerberosFramework/Kerberos5/Sources/kdc/main.c 2006-11-16 19:12:43.000000000 -0800
@@ -56,6 +56,7 @@
krb5_sigtype request_exit (int);
krb5_sigtype request_hup (int);
+krb5_sigtype request_network (int);
void setup_signal_handlers (void);
@@ -371,6 +372,18 @@
#endif
}
+krb5_sigtype
+request_network(int signo)
+{
+ signal_requests_network = 1;
+
+#ifdef POSIX_SIGTYPE
+ return;
+#else
+ return(0);
+#endif
+}
+
void
setup_signal_handlers(void)
{
@@ -382,12 +395,15 @@
(void) sigaction(SIGTERM, &s_action, (struct sigaction *) NULL);
s_action.sa_handler = request_hup;
(void) sigaction(SIGHUP, &s_action, (struct sigaction *) NULL);
+ s_action.sa_handler = request_network;
+ (void) sigaction(SIGUSR1, &s_action, (struct sigaction *) NULL);
s_action.sa_handler = SIG_IGN;
(void) sigaction(SIGPIPE, &s_action, (struct sigaction *) NULL);
#else /* POSIX_SIGNALS */
signal(SIGINT, request_exit);
signal(SIGTERM, request_exit);
signal(SIGHUP, request_hup);
+ signal(SIGUSR1, request_network);
signal(SIGPIPE, SIG_IGN);
#endif /* POSIX_SIGNALS */
diff -uNr -x '*.orig' -x '*.rej' -x '*~' Kerberos.orig/KerberosFramework/Kerberos5/Sources/kdc/network.c Kerberos/KerberosFramework/Kerberos5/Sources/kdc/network.c
--- Kerberos.orig/KerberosFramework/Kerberos5/Sources/kdc/network.c 2006-11-16 14:54:22.000000000 -0800
+++ Kerberos/KerberosFramework/Kerberos5/Sources/kdc/network.c 2006-11-16 19:02:36.000000000 -0800
@@ -207,7 +207,7 @@
(set.data[idx] = set.data[--set.n], 0)
#define FREE_SET_DATA(set) if(set.data) free(set.data); \
- (set.data = 0, set.max = 0)
+ (set.data = 0, set.max = 0, set.n = 0)
/* Set<struct connection *> connections; */
@@ -222,6 +222,8 @@
static struct select_state sstate;
+static int getcurtime (struct timeval *tvp);
+
static krb5_error_code add_udp_port(int port)
{
int i;
@@ -1066,17 +1068,42 @@
that junk on the stack. */
static struct select_state sout;
int i, sret;
+ int netchanged;
krb5_error_code err;
- if (conns == (struct connection **) NULL)
- return KDC5_NONET;
-
+ netchanged = 0;
+ if (conns == (struct connection **) NULL){
+ sleep(30);
+ err = setup_network(prog);
+ if (conns == (struct connection **) NULL)
+ return KDC5_NONET;
+ if (err){
+ com_err(prog, err,"while initalizing the network");
+ return err;
+ }
+ }
+
while (!signal_requests_exit) {
if (signal_requests_hup) {
krb5_klog_reopen(kdc_context);
signal_requests_hup = 0;
}
- sstate.end_time.tv_sec = sstate.end_time.tv_usec = 0;
+
+
+ if (signal_requests_network) {
+ com_err(prog, EINTR, "signal_requests_network recieved");
+ err = getcurtime(&(sstate.end_time));
+ if(err) {
+ com_err(prog, err, "while getting the time");
+ continue;
+ }
+ sstate.end_time.tv_sec += 3;
+ netchanged = 1;
+ } else {
+ sstate.end_time.tv_sec = sstate.end_time.tv_usec = 0;
+ }
+
+
err = krb5int_cm_call_select(&sstate, &sout, &sret);
if (err) {
com_err(prog, err, "while selecting for network input(1)");
@@ -1087,6 +1114,17 @@
com_err(prog, errno, "while selecting for network input(2)");
continue;
}
+ if(netchanged && (sret == 0)) {
+ signal_requests_network = 0;
+ (void)closedown_network(prog);
+ err = setup_network(prog);
+ if(err) {
+ com_err(prog, err, "while re-initializing network");
+ return err;
+ }
+ netchanged = 0;
+ }
+
nfound = sret;
for (i=0; i<n_sockets && nfound > 0; i++) {
int sflags = 0;
@@ -1129,4 +1167,24 @@
return 0;
}
+// stolen from sendto_kdc.c
+static int getcurtime (struct timeval *tvp)
+{
+#ifdef _WIN32
+ struct _timeb tb;
+ _ftime(&tb);
+ tvp->tv_sec = tb.time;
+ tvp->tv_usec = tb.millitm * 1000;
+ /* Can _ftime fail? */
+ return 0;
+#else
+ if (gettimeofday(tvp, 0)) {
+ //dperror("gettimeofday");
+ return errno;
+ }
+ return 0;
+#endif
+}
+
+
#endif /* INET */
More information about the krb5-bugs
mailing list