bug in profile_update_file_data_locked()?
Will Fiveash
will.fiveash at oracle.com
Mon Sep 10 17:57:03 EDT 2012
I think I may have found a bug in profile_update_file_data_locked().
Recently I had written some code that was basically creating a krb
profile in memory then doing profile_close_file(profile->first_file) to
flush it out to the filesystem. Immediately after that
kadm5_init_with_password() is called which was returning
KADM5_MISSING_KRB5_CONF_PARAMS. Debugging further I found in
_kadm5_init_any() this:
if (((handle->params.mask & REQUIRED_PARAMS) != REQUIRED_PARAMS) &&
((handle->params.mask & KPW_REQUIRED_PARAMS) != KPW_REQUIRED_PARAMS)) {
(void) kadm5_free_config_params(handle->context,
&handle->params);
free(handle->lhandle);
free(handle);
return KADM5_MISSING_KRB5_CONF_PARAMS;
}
which was where the error was being returned. I then noticed in
profile_update_file_data_locked() this logic:
#ifdef HAVE_STAT
now = time(0);
if (now == data->last_stat && data->root != NULL) {
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
return 0;
}
if (stat(data->filespec, &st)) {
return errno;
}
Putting in some debug syslogs I noticed that when
profile_update_file_data_locked() is called via
_kadm5_init_any()->kadm5_get_config_params()->get_string_param()->etc...
the:
if (now == data->last_stat && data->root != NULL) {
test is true and so the profile file is not opened nor is data-root
updated. The effect of this is that the admin_server spec that was
written out to krb5.conf is not found so KADM5_MISSING_KRB5_CONF_PARAMS
is returned. If I comment out
if (now == data->last_stat && data->root != NULL) {
and always execute the following:
if (stat(data->filespec, &st)) {
then I don't see KADM5_MISSING_KRB5_CONF_PARAMS being returned.
Thoughts?
--
Will Fiveash
Oracle Solaris Software Engineer
http://opensolaris.org/os/project/kerberos/
Sent using mutt, a sweet, text based e-mail app <http://www.mutt.org/>
More information about the krbdev
mailing list