projects / krb5.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: aa75cd7)
pull up r18793 from trunk
authorTom Yu <tlyu@mit.edu>
Sat, 11 Nov 2006 01:57:23 +0000 (01:57 +0000)
committerTom Yu <tlyu@mit.edu>
Sat, 11 Nov 2006 01:57:23 +0000 (01:57 +0000)
 r18793@cathode-dark-space:  rra | 2006-11-09 18:29:26 -0500
 ticket: new
 subject: Delay kadmind random number initialization until after fork
 Component: krb5-admin
 Version_Reported: 1.4.4
 Target_Version 1.6
 Tags: pullup

 Delay initialization of the random number generator in kadmind until
 after the fork and backgrounding of the process.  Otherwise, a lack of
 sufficient entropy during the system boot process will delay system
 boot on systems that run each init script in series and that start
 kadmind via an init script.

ticket: 4693
version_fixed: 1.6

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18797 dc483132-0cff-0310-8789-dd5450dbe970

src/kadmin/server/ovsec_kadmd.c patch | blob | history

diff --git a/src/kadmin/server/ovsec_kadmd.c b/src/kadmin/server/ovsec_kadmd.c
index 1efdf078bf3e5bebb8eca142863092b79ad3d8d1..48fc38daae4c40683eec1c2c0d5f1f04863143a9 100644 (file)
--- a/src/kadmin/server/ovsec_kadmd.c
+++ b/src/kadmin/server/ovsec_kadmd.c
@@ -301,15 +301,6 @@ int main(int argc, char *argv[])
 
      krb5_klog_init(context, "admin_server", whoami, 1);
 
-     krb5_klog_syslog(LOG_INFO, "Seeding random number generator");
-          ret = krb5_c_random_os_entropy(context, 1, NULL);
-         if(ret) {
-           krb5_klog_syslog(LOG_ERR,
-                            "Error getting random seed: %s, aborting",
-                            krb5_get_error_message (context, ret));
-           exit(1);
-         }
-         
      if((ret = kadm5_init("kadmind", NULL,
                          NULL, &params,
                          KADM5_STRUCT_VERSION,
@@ -639,6 +630,17 @@ kterr:
          exit(1);
      }
      
+     krb5_klog_syslog(LOG_INFO, "Seeding random number generator");
+     ret = krb5_c_random_os_entropy(context, 1, NULL);
+     if (ret) {
+         krb5_klog_syslog(LOG_ERR, "Error getting random seed: %s, aborting",
+                          krb5_get_error_message(context, ret));
+         svcauth_gssapi_unset_names();
+         kadm5_destroy(global_server_handle);
+         krb5_klog_close(context);
+         exit(1);
+     }
+         
      setup_signal_handlers();
      krb5_klog_syslog(LOG_INFO, "starting");
      kadm_svc_run(&params);
MIT implementation of the Kerberos network authentication protocol. This repo may be rebased, so don't base your work on it. Use git://github.com/krb5/krb5 instead.