oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
29,923 Commits 2 Branches 2 Tags
06f8985c55fcd23e3efe0017ed2480c5b3c4524f
Commit Graph

59 Commits

Author SHA1 Message Date
Nicolas Williams
733140553a kdc: Fix leaks 2019-12-09 21:39:30 -06:00
Nicolas Williams
d3ef0ee743 kdc: fix leaks 2019-10-03 13:09:18 -05:00
Viktor Dukhovni
7dc4481ed2 Avoid interposing pidfile(), use rk_pidfile() instead 2016-12-19 19:10:49 -05:00
Viktor Dukhovni
529a91d69a MacOS/X fixes 2016-06-09 01:13:14 -04:00
Nicolas Williams
4f87d85d65 Fix Windows build: no fork for kdc 2016-01-20 15:03:30 -06:00
Roland C. Dowdeswell
352a7e94a3 Make the KDC use a multi-process model. 
We now fork(2) a number of separate KDC processes rather than a single
process.  By default, the number is selected by asking how many CPUs
the machine has.  We also have a master process which monitors all
of the children (which do the actual work) and it will restart kids
who die for any reason.  The children will die when the parent dies.

In the case of MacOS X, we also move the bonjour code into another
separate child as it creates threads and this is known to play
rather poorly with fork(2).  We could move this logic into a
designated child at some point in the future.

We slow down the spawning to one every 25ms to prevent instant crashes
and restarts from consuming all available system time.  This approach
may want to be revisited in the future.
 2015-11-06 15:39:30 -05:00
Nicolas Williams
b48bed5f42 Daemons detach atomically to avoid having to wait 
Tests that start daemons have to "wait" for them to start.

This commit makes Heimdal daemons prep to detach (when requested) by
forking early, then having the child signal readiness to the parent when
the child really is ready.  The parent exits only which the child is
ready.  This means that tests will no longer need to wait for daemons.

However, tests will still need a pidfile or such so they can stop the
daemons.

Note that the --detach options should not be used on OS X from launchd,
only from tests.
 2015-03-24 11:49:59 -05:00
Love Hornquist Astrand
1d84562886 add HDBGET: that only supports get, iteration doesnt really make sense for the HDB keytab except when dumping 2013-10-15 12:40:39 +02:00
Love Hornquist Astrand
039b1941ea do chdir("/") after chroot() 2012-11-27 21:58:06 -08:00
Love Hörnquist Åstrand
503266c4a3 use json to drive kdc-tester 2011-11-21 20:34:35 -08:00
Love Hornquist Astrand
0879b9831a remove trailing whitespace 2011-05-21 11:57:31 -07:00
Love Hornquist Astrand
2f9f212980 remove unused header file 2010-09-19 01:47:32 -07:00
Guido Günther
45a94f309b Use libcapng to drop all privileges 
except for CAPNG_NET_BIND_SERVICE so we can bind to ports < 1024.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-02-18 19:08:45 -08:00
Asanka Herath
b191b1e12f Make kdc build on windows 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2009-11-24 22:19:37 -08:00
Love Hornquist Astrand
ca6df0fffc remove sandbox for now since it also require a sandbox profile, and that is not ready yet 2009-11-22 06:46:25 -08:00
Love Hornquist Astrand
04c3fc9882 add support for sandbox 2009-11-22 00:25:56 -08:00
Love Hornquist Astrand
5d152d70eb Indent 2009-07-16 22:56:59 -07:00
Love Hornquist Astrand
3634423f36 Allow specifying runing user and chroot() enviroment 
Allow the admin to switch the user the kdc is running under and
specify the chroot() directory to run in.

Please note you need a very special setup to get this working.
 2009-07-16 22:15:26 -07:00
Love Hörnquist Åstrand
27ee616b53 wrap detach 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24413 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-01-25 00:40:04 +00:00
Love Hörnquist Åstrand
6937d41a02 remove trailing whitespace 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23815 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-13 09:21:03 +00:00
Love Hörnquist Åstrand
e172367898 switch to utf8 encoding of all files 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23814 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-13 08:53:55 +00:00
Love Hörnquist Åstrand
7a339bab7d revert 20447, it doesnt pass the regression tests, exports too much 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20454 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-04-19 20:21:51 +00:00
Love Hörnquist Åstrand
0c2182a3ba Call out to Heimdal's krb5.conf processing to configure many aspects 
of KDC behaviour.  This should allow PKINIT to be turned on and
managed with reasonable sanity.

From Andrew Bartlet



git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20447 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-04-19 18:22:41 +00:00
Love Hörnquist Åstrand
a10e7216d6 (sigterm): don't _exit, let loop() catch the signal instead. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18095 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-09-16 17:28:05 +00:00
Love Hörnquist Åstrand
99b5923af8 Register hdb keytab operations. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17921 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-08-24 10:40:40 +00:00
Love Hörnquist Åstrand
de92125f9d adapt pkinit code to libkdc split 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15540 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-07-01 04:42:59 +00:00
Love Hörnquist Åstrand
7a3fc5e663 Don't pollute namespace, generate public headerfile 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15532 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-06-30 01:54:49 +00:00
Love Hörnquist Åstrand
7132a9b084 Merge in the libkdc/kdc configuration split from Andrew Bartlet <abartlet@samba.org> 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15529 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-06-30 01:03:35 +00:00
Love Hörnquist Åstrand
54f8d95f72 (main): catch KRB5_CONFIG_BADFORMAT from krb5_init_context 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15369 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-06-14 00:14:43 +00:00
Johan Danielsson
8b6244fb52 (sigterm) set exit_flag to signal causing exit; (main) trap SIGXCPU 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15301 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-05-30 11:19:23 +00:00
Love Hörnquist Åstrand
af6eb0f463 Don't test HAVE_DAEMON since roken supplies it. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15213 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-05-23 17:39:35 +00:00
Love Hörnquist Åstrand
9fa56507e9 (main): catch sigpipe, we don't bother select()ing for errors 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14399 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-12-13 22:24:26 +00:00
Johan Danielsson
b94f52a528 invert detach flag meaning to lessen the confusion 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11298 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2002-08-28 21:27:16 +00:00
Johan Danielsson
71d5ee0ce2 maybe detach from console? 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11296 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2002-08-28 21:12:03 +00:00
Assar Westerlund
67422a6b02 s/[gs]et_progname/[gs]etprogname/ 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9704 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-02-20 01:44:56 +00:00
Assar Westerlund
633782864b (main): handle krb5_init_context failure consistently 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9443 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-12-31 08:05:03 +00:00
Johan Danielsson
bfb5ec5f4e write a pid file 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8895 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-08-04 11:23:03 +00:00
Assar Westerlund
1f7251fa82 (main): also call sigterm on SIGTERM 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8210 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-05-12 09:58:08 +00:00
Johan Danielsson
c5b916ca6f remove advertising clause 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7464 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-12-02 17:05:13 +00:00
Johan Danielsson
69147acdb1 indent 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7345 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-11-11 15:19:05 +00:00
Johan Danielsson
6d36ebed76 make this work with multi-db 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7343 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-11-11 15:17:24 +00:00
Johan Danielsson
53e2cee457 update for multi-database code 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7335 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-11-09 18:04:03 +00:00
Johan Danielsson
fdce59c712 hdb_set_master_key -> hdb_set_master_keyfile 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@5392 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-02-20 15:07:52 +00:00
Assar Westerlund
ae31038985 adapt to new hdb interface 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3628 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-10-16 04:14:00 +00:00
Assar Westerlund
01bf42dfe8 (main): use sigaction without SA_RESTART to break out of select when a 
signal arrives


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3418 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-09-07 23:27:12 +00:00
Johan Danielsson
7aae890bf5 use new master key functions 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3369 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-09-03 20:15:08 +00:00
Johan Danielsson
5dfa70dc05 remove usage 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3344 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-09-03 13:46:37 +00:00
Johan Danielsson
8e71be9037 init context before reading config file 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3136 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-08-24 12:34:03 +00:00
Johan Danielsson
a0464f4b20 Make context global. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2701 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-08-04 18:20:36 +00:00
Assar Westerlund
4586e9bb54 change order of stuff in `main' 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2692 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-08-01 16:25:52 +00:00