#include <errno.h>
-#ifdef POSIX_FILE_LOCKS
-#include <fcntl.h>
-#endif
-
#include <stdio.h>
#include <ctype.h>
#include <sys/file.h>
#include <krb5/kdb_dbm.h>
#include <krb5/ext-proto.h>
#include <krb5/los-proto.h>
+#include <krb5/libos.h>
#include <com_err.h>
#ifdef NEED_SYS_FCNTL_H
void PRS();
void get_tickets();
-static void usage();
-krb5_error_code open_connection();
-void kerberos_authenticate();
-int open_database();
-void xmit_database();
-void send_error();
-void update_last_prop_file();
+static void usage NPROTOTYPE((void));
+krb5_error_code open_connection NPROTOTYPE((char *, int *, char *));
+void kerberos_authenticate NPROTOTYPE((int, krb5_principal));
+int open_database NPROTOTYPE((char *, int *));
+void close_database NPROTOTYPE((int));
+void xmit_database NPROTOTYPE((int, int, int));
+void send_error NPROTOTYPE((int, int, int));
+void update_last_prop_file NPROTOTYPE((char *, char *));
static void usage()
{
xmit_database(fd, database_fd, database_size);
update_last_prop_file(slave_host, file);
printf("Database propagation to %s: SUCCEEDED\n", slave_host);
+ close_database(database_fd);
exit(0);
}
krb5_free_ap_rep_enc_part(rep_result);
}
+FILE * dbfp;
+char * dbpathname;
/*
* Open the Kerberos database dump file. Takes care of locking it
* and making sure that the .ok file is more recent that the database
int *size;
{
int fd;
+ int err;
struct stat stbuf, stbuf_ok;
char *data_ok_fn;
static char ok[] = ".dump_ok";
-#ifdef POSIX_FILE_LOCKS
- struct flock lock_arg;
-#endif
- if ((fd = open(data_fn, O_RDONLY)) < 0) {
+ dbpathname = strdup(data_fn);
+ if (!dbpathname) {
+ com_err(progname, ENOMEM, "allocating database file name '%s'",
+ data_fn);
+ exit(1);
+ }
+ if ((dbfp = fopen(dbpathname, "r")) == 0) {
com_err(progname, errno, "while trying to open %s",
- data_fn);
+ dbpathname);
exit(1);
}
-
-#ifdef POSIX_FILE_LOCKS
- lock_arg.l_whence = 0;
- lock_arg.l_start = 0;
- lock_arg.l_len = 0;
- if (fcntl(fd, F_SETLK, &lock_arg) == -1) {
- if (errno == EACCES || errno == EAGAIN)
- com_err(progname, 0, "database locked");
- else
- com_err(progname, errno, "while trying to flock %s",
- data_fn);
- exit(1);
- }
-#else
- if (flock(fd, LOCK_SH | LOCK_NB) < 0) {
- if (errno == EWOULDBLOCK || errno == EAGAIN)
- com_err(progname, 0, "database locked");
- else
- com_err(progname, errno, "while trying to flock %s",
- data_fn);
- exit(1);
- }
-#endif
+
+ err = krb5_lock_file(dbfp, dbpathname,
+ KRB5_LOCKMODE_SHARED|KRB5_LOCKMODE_DONTBLOCK);
+ if (err == EAGAIN || err == EWOULDBLOCK || errno == EACCES) {
+ com_err(progname, 0, "database locked");
+ exit(1);
+ } else if (err) {
+ com_err(progname, err, "while trying to lock '%s'", dbpathname);
+ exit(1);
+ }
+ fd = fileno(dbfp);
if (fstat(fd, &stbuf)) {
com_err(progname, errno, "while trying to stat %s",
data_fn);
return(fd);
}
+void
+close_database(fd)
+ int fd;
+{
+ int err;
+ if (fd != fileno(dbfp)) {
+ com_err(progname, 0, "bad fd passed to close_database");
+ exit(1);
+ }
+ err = krb5_file_lock(dbfp, dbpathname, KRB5_LOCKMODE_UNLOCK);
+ if (err)
+ com_err(progname, err, "while unlocking database '%s'", dbpathname);
+ free(dbpathname);
+ (void) fclose(dbfp);
+ return;
+}
+
/*
* Now we send over the database. We use the following protocol:
* Send over a KRB_SAFE message with the size. Then we send over the
#include <krb5/kdb_dbm.h>
#include <krb5/ext-proto.h>
#include <krb5/los-proto.h>
+#include <krb5/libos.h>
#include <com_err.h>
#include <errno.h>
int on = 1, fromlen;
struct hostent *hp;
krb5_error_code retval;
- int lock_fd;
+ FILE *lock_fp;
+ int omask;
fromlen = sizeof (from);
if (getpeername(fd, (struct sockaddr *) &from, &fromlen) < 0) {
printf("My sequence number: %d\n", my_seq_num);
printf("His sequence number: %d\n", his_seq_num);
}
- if ((lock_fd = (open(temp_file_name, O_WRONLY | O_CREAT, 0600))) < 0) {
- com_err(progname, errno,
- "while opening database file, '%s'",
- temp_file_name);
- exit(1);
- }
-#ifdef POSIX_FILE_LOCKS
- {
- int lock_cmd = F_SETLK;
- struct flock lock_arg;
-
- lock_arg.l_type = F_WRLCK;
- lock_arg.l_whence = 0;
- lock_arg.l_start = 0;
- lock_arg.l_len = 0;
-
- if (fcntl(lock_fd, lock_cmd, &lock_arg) == -1) {
- /* see POSIX/IEEE 1003.1-1988, 6.5.2.4 */
- if (errno == EACCES || errno == EAGAIN)
- errno = EAGAIN;
- com_err(progname, errno, "while trying to lock '%s'",
- temp_file_name);
- }
+ omask = umask(077);
+ lock_fp = fopen(temp_file_name, "a");
+ (void) umask(omask);
+ retval = krb5_lock_file(lock_fp, temp_file_name,
+ KRB5_LOCKMODE_EXCLUSIVE|KRB5_LOCKMODE_DONTBLOCK);
+ if (retval) {
+ com_err(progname, retval, "while trying to lock '%s'",
+ temp_file_name);
+ exit(1);
}
-#else
- if (flock(lock_fd, LOCK_EX | LOCK_NB)) {
- com_err(progname, errno, "while trying to lock '%s'",
- temp_file_name);
- exit(1);
- }
-#endif
if ((database_fd = open(temp_file_name,
O_WRONLY|O_CREAT|O_TRUNC, 0600)) < 0) {
com_err(progname, errno,
exit(1);
}
load_database(kdb5_edit, file);
- close(lock_fd);
+ retval = krb5_lock_file(lock_fp, temp_file_name, KRB5_LOCKMODE_UNLOCK);
+ if (retval) {
+ com_err(progname, retval, "while unlocking '%s'", temp_file_name);
+ exit(1);
+ }
+ (void) fclose(lock_fp);
exit(0);
}
projects / krb5.git / commitdiff