From 7231c4208f462ffb0d5f1cbb7c3f74dc694fce99 Mon Sep 17 00:00:00 2001 From: Ken Raeburn Date: Wed, 14 Jul 2004 01:40:52 +0000 Subject: [PATCH] * acquire_cred.c: Include gss_libinit.h. (gssint_krb5_keytab_lock): New mutex. (krb5_gss_register_acceptor_identity, acquire_accept_cred): Lock the mutex while manipulating krb5_gss_keytab. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16590 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/gssapi/krb5/ChangeLog | 7 +++++ src/lib/gssapi/krb5/acquire_cred.c | 44 ++++++++++++++++++++++++------ 2 files changed, 43 insertions(+), 8 deletions(-) diff --git a/src/lib/gssapi/krb5/ChangeLog b/src/lib/gssapi/krb5/ChangeLog index ce78f5940..2625b6b76 100644 --- a/src/lib/gssapi/krb5/ChangeLog +++ b/src/lib/gssapi/krb5/ChangeLog @@ -1,3 +1,10 @@ +2004-07-13 Ken Raeburn + + * acquire_cred.c: Include gss_libinit.h. + (gssint_krb5_keytab_lock): New mutex. + (krb5_gss_register_acceptor_identity, acquire_accept_cred): Lock + the mutex while manipulating krb5_gss_keytab. + 2004-07-08 Ken Raeburn * Makefile.in (LOCALINCLUDES): Add $(srcdir)/.. to the list. diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c index 0a0de14b9..e86419e19 100644 --- a/src/lib/gssapi/krb5/acquire_cred.c +++ b/src/lib/gssapi/krb5/acquire_cred.c @@ -71,6 +71,7 @@ */ #include "k5-int.h" +#include "gss_libinit.h" #include "gssapiP_krb5.h" #ifdef HAVE_STRING_H #include @@ -78,6 +79,7 @@ #include #endif +k5_mutex_t gssint_krb5_keytab_lock = K5_MUTEX_PARTIAL_INITIALIZER; static char *krb5_gss_keytab = NULL; /* Heimdal calls this gsskrb5_register_acceptor_identity. */ @@ -85,19 +87,32 @@ OM_uint32 KRB5_CALLCONV krb5_gss_register_acceptor_identity(const char *keytab) { size_t len; + char *new, *old; + int err; + + err = gssint_initialize_library(); + if (err != 0) + return GSS_S_FAILURE; if (keytab == NULL) return GSS_S_FAILURE; - if (krb5_gss_keytab != NULL) - free(krb5_gss_keytab); len = strlen(keytab); - krb5_gss_keytab = malloc(len + 1); - if (krb5_gss_keytab == NULL) + new = malloc(len + 1); + if (new == NULL) return GSS_S_FAILURE; + strcpy(new, keytab); - strcpy(krb5_gss_keytab, keytab); - + err = k5_mutex_lock(&gssint_krb5_keytab_lock); + if (err) { + free(new); + return GSS_S_FAILURE; + } + old = krb5_gss_keytab; + krb5_gss_keytab = new; + k5_mutex_unlock(&gssint_krb5_keytab_lock); + if (old != NULL) + free(old); return GSS_S_COMPLETE; } @@ -126,10 +141,23 @@ acquire_accept_cred(context, minor_status, desired_name, output_princ, cred) /* open the default keytab */ - if (krb5_gss_keytab != NULL) + code = gssint_initialize_library(); + if (code != 0) { + *minor_status = code; + return GSS_S_FAILURE; + } + code = k5_mutex_lock(&gssint_krb5_keytab_lock); + if (code) { + *minor_status = code; + return GSS_S_FAILURE; + } + if (krb5_gss_keytab != NULL) { code = krb5_kt_resolve(context, krb5_gss_keytab, &kt); - else + k5_mutex_unlock(&gssint_krb5_keytab_lock); + } else { + k5_mutex_unlock(&gssint_krb5_keytab_lock); code = krb5_kt_default(context, &kt); + } if (code) { *minor_status = code; -- 2.26.2