oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Do not recover log in kadm5_get_principal()

Browse Source
This commit is contained in:
Nicolas Williams
2019-09-17 16:21:29 -05:00
committed by Nico Williams
parent afaaf3d89d
commit c6d0793e63
2 changed files with 14 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
lib/kadm5/get_s.c
View File

@@ -123,31 +123,26 @@ kadm5_s_get_principal(void *server_handle,
kadm5_server_context *context = server_handle; kadm5_server_context *context = server_handle;
kadm5_ret_t ret; kadm5_ret_t ret;
hdb_entry_ex ent; hdb_entry_ex ent;
int hdb_is_rw = 1;
memset(&ent, 0, sizeof(ent)); memset(&ent, 0, sizeof(ent));
memset(out, 0, sizeof(*out)); memset(out, 0, sizeof(*out));
if (!context->keep_open) { if (!context->keep_open) {
ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); ret = context->db->hdb_open(context->context, context->db, O_RDONLY, 0);
if (ret == EPERM || ret == EACCES) {
ret = context->db->hdb_open(context->context, context->db, O_RDONLY, 0);
hdb_is_rw = 0;
}
if (ret) if (ret)
return ret; return ret;
} }
/* /*
* Attempt to recover the log. This will generally fail on slaves, * We may want to attempt to recover the log on read operations, but we
* and we can't tell if we're on a slave here. * because the HDB/log lock order is reversed on slaves, in order to avoid
* lock contention from kadm5srv apps we need to make sure that the the HDB
* open for read-write is optimistic and attempts only a non-blocking lock,
* and if it doesn't get it then it should fallback to read-only. But we
* don't have that option in the hdb_open() interface at this time.
* *
* Perhaps we could set a flag in the kadm5_server_context to * For now we won't attempt to recover the log.
* indicate whether a read has been done without recovering the log,
* in which case we could fail any subsequent writes.
*/ */
if (hdb_is_rw && kadm5_log_init_nb(context) == 0)
(void) kadm5_log_end(context);
ret = context->db->hdb_fetch_kvno(context->context, context->db, princ, ret = context->db->hdb_fetch_kvno(context->context, context->db, princ,
HDB_F_DECRYPT|HDB_F_ALL_KVNOS| HDB_F_DECRYPT|HDB_F_ALL_KVNOS|

8
tests/kdc/check-iprop.in
View File

@@ -157,7 +157,8 @@ echo foo > ${objdir}/foopassword
echo "Test log recovery" echo "Test log recovery"
${kadmin} -l add --random-key --use-defaults recovtest@${R} || exit 1 ${kadmin} -l add --random-key --use-defaults recovtest@${R} || exit 1
# Test theory: save the log, make a change and save the record it # Test theory: save the log, make a change and save the record it
# produced, restore the log, append to it the saved record, then get # produced, restore the log, append to it the saved record, then add dummy
# record.
# Save the log # Save the log
cp current.log current.log.tmp cp current.log current.log.tmp
@@ -180,7 +181,10 @@ mv current.log.tmp current.log
# Append the saved record # Append the saved record
cat current.log.tmp.saved-record >> current.log cat current.log.tmp.saved-record >> current.log
rm current.log.tmp.saved-record rm current.log.tmp.saved-record
# Check that we still see the principal as modified # Check that we still see the principal as modified after another write forcing
# log recovery.
${kadmin} -l add --random-key --use-defaults dummy@${R} || exit 1
${kadmin} -l del dummy@${R} || exit 1
${kadmin} -l get recovtest@${R} | grep 'Attributes: requires-pre-auth$' > /dev/null || exit 1 ${kadmin} -l get recovtest@${R} | grep 'Attributes: requires-pre-auth$' > /dev/null || exit 1
# -- foo # -- foo