[krbdev.mit.edu #7674] git commit
Tom Yu via RT
rt-comment at krbdev.mit.edu
Fri Jul 5 19:40:02 EDT 2013
Fix lock inconsistency in krb5_db2_unlock()
[ text below refers to new function names in krb5-1.10+ ]
The lock inconsistency fixed here is quite possibly the same as
described in https://bugzilla.redhat.com/show_bug.cgi?id=586032 .
The problem is that ctx_unlock() fails to unlock the principal DB if
it fails to unlock the policy DB, and this happens when ctx_lock()
fails to lock the policy DB (likely because the caller is racing
against a kdb5_util load, which will be using a "permanent" lock,
meaning that the lock file will be unlinked after acquiring the
lock). The fix is to perform both unlock operations *then* handle
any errors that either or both might have returned.
(back ported from commit 29ee39baa919361ae08e26caab896890d5cb3eb4)
https://github.com/krb5/krb5/commit/c5a0602e889bb17e85b7201d9e69d41ff5d9f315
Author: Tom Yu <tlyu at mit.edu>
Commit: c5a0602e889bb17e85b7201d9e69d41ff5d9f315
Branch: krb5-1.9
src/plugins/kdb/db2/kdb_db2.c | 21 ++++++++++++---------
1 files changed, 12 insertions(+), 9 deletions(-)
More information about the krb5-bugs
mailing list