* acquire_cred.c: Include gss_libinit.h.
authorKen Raeburn <raeburn@mit.edu>
Wed, 14 Jul 2004 01:40:52 +0000 (01:40 +0000)
committerKen Raeburn <raeburn@mit.edu>
Wed, 14 Jul 2004 01:40:52 +0000 (01:40 +0000)
(gssint_krb5_keytab_lock): New mutex.
(krb5_gss_register_acceptor_identity, acquire_accept_cred): Lock the mutex
while manipulating krb5_gss_keytab.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16590 dc483132-0cff-0310-8789-dd5450dbe970

src/lib/gssapi/krb5/ChangeLog
src/lib/gssapi/krb5/acquire_cred.c

index ce78f5940da68345a1cf42dc33b4d6af0dd0edda..2625b6b76de4e5d4134a0aca191c2ef0bb5bdfa3 100644 (file)
@@ -1,3 +1,10 @@
+2004-07-13  Ken Raeburn  <raeburn@mit.edu>
+
+       * acquire_cred.c: Include gss_libinit.h.
+       (gssint_krb5_keytab_lock): New mutex.
+       (krb5_gss_register_acceptor_identity, acquire_accept_cred): Lock
+       the mutex while manipulating krb5_gss_keytab.
+
 2004-07-08  Ken Raeburn  <raeburn@mit.edu>
 
        * Makefile.in (LOCALINCLUDES): Add $(srcdir)/.. to the list.
index 0a0de14b99a87d5dc1ff6d20094a318d8b9651f9..e86419e1932bf206e68284fb82d7c0aefb7c08c8 100644 (file)
@@ -71,6 +71,7 @@
  */
 
 #include "k5-int.h"
+#include "gss_libinit.h"
 #include "gssapiP_krb5.h"
 #ifdef HAVE_STRING_H
 #include <string.h>
@@ -78,6 +79,7 @@
 #include <strings.h>
 #endif
 
+k5_mutex_t gssint_krb5_keytab_lock = K5_MUTEX_PARTIAL_INITIALIZER;
 static char *krb5_gss_keytab = NULL;
 
 /* Heimdal calls this gsskrb5_register_acceptor_identity. */
@@ -85,19 +87,32 @@ OM_uint32 KRB5_CALLCONV
 krb5_gss_register_acceptor_identity(const char *keytab)
 {
     size_t     len;
+    char *new, *old;
+    int err;
+
+    err = gssint_initialize_library();
+    if (err != 0)
+       return GSS_S_FAILURE;
 
     if (keytab == NULL)
        return GSS_S_FAILURE;
-    if (krb5_gss_keytab != NULL)
-       free(krb5_gss_keytab);
 
     len = strlen(keytab);
-    krb5_gss_keytab = malloc(len + 1);
-    if (krb5_gss_keytab == NULL)
+    new = malloc(len + 1);
+    if (new == NULL)
        return GSS_S_FAILURE;
+    strcpy(new, keytab);
 
-    strcpy(krb5_gss_keytab, keytab);
-
+    err = k5_mutex_lock(&gssint_krb5_keytab_lock);
+    if (err) {
+       free(new);
+       return GSS_S_FAILURE;
+    }
+    old = krb5_gss_keytab;
+    krb5_gss_keytab = new;
+    k5_mutex_unlock(&gssint_krb5_keytab_lock);
+    if (old != NULL)
+       free(old);
     return GSS_S_COMPLETE;
 }
 
@@ -126,10 +141,23 @@ acquire_accept_cred(context, minor_status, desired_name, output_princ, cred)
 
    /* open the default keytab */
 
-   if (krb5_gss_keytab != NULL)
+   code = gssint_initialize_library();
+   if (code != 0) {
+       *minor_status = code;
+       return GSS_S_FAILURE;
+   }
+   code = k5_mutex_lock(&gssint_krb5_keytab_lock);
+   if (code) {
+       *minor_status = code;
+       return GSS_S_FAILURE;
+   }
+   if (krb5_gss_keytab != NULL) {
       code = krb5_kt_resolve(context, krb5_gss_keytab, &kt);
-   else
+      k5_mutex_unlock(&gssint_krb5_keytab_lock);
+   } else {
+      k5_mutex_unlock(&gssint_krb5_keytab_lock);
       code = krb5_kt_default(context, &kt);
+   }
 
    if (code) {
       *minor_status = code;