|
 |
4be148 |
commit 123c14fd8862ee8f11f6084d25958cb380655f35
|
|
|
4be148 |
Author: Günther Deschner <gdeschner@redhat.com>
|
|
|
4be148 |
Date: Wed Mar 5 16:21:55 2014 +0100
|
|
|
4be148 |
|
|
|
4be148 |
Remove dead code from the mechglue initialization
|
|
|
4be148 |
|
|
|
4be148 |
The stat check in gss_indicate_mechs had no consequent and would have
|
|
|
4be148 |
been redundant with logic in updateMechList if it did.
|
|
|
4be148 |
|
|
|
4be148 |
[ghudson@mit.edu: elaborated commit message; removed unused
|
|
|
4be148 |
g_mechSetTime and now-irrelevant comment]
|
|
|
4be148 |
|
|
|
4be148 |
diff --git a/src/lib/gssapi/mechglue/g_initialize.c b/src/lib/gssapi/mechglue/g_initialize.c
|
|
|
4be148 |
index 48a825e..c6904e0 100644
|
|
|
4be148 |
--- a/src/lib/gssapi/mechglue/g_initialize.c
|
|
|
4be148 |
+++ b/src/lib/gssapi/mechglue/g_initialize.c
|
|
|
4be148 |
@@ -91,7 +91,6 @@ static gss_mech_info g_mechListTail = NULL;
|
|
|
4be148 |
static k5_mutex_t g_mechListLock = K5_MUTEX_PARTIAL_INITIALIZER;
|
|
|
4be148 |
static time_t g_confFileModTime = (time_t)0;
|
|
|
4be148 |
|
|
|
4be148 |
-static time_t g_mechSetTime = (time_t)0;
|
|
|
4be148 |
static gss_OID_set_desc g_mechSet = { 0, NULL };
|
|
|
4be148 |
static k5_mutex_t g_mechSetLock = K5_MUTEX_PARTIAL_INITIALIZER;
|
|
|
4be148 |
|
|
|
4be148 |
@@ -213,8 +212,6 @@ gss_indicate_mechs(minorStatus, mechSet_out)
|
|
|
4be148 |
OM_uint32 *minorStatus;
|
|
|
4be148 |
gss_OID_set *mechSet_out;
|
|
|
4be148 |
{
|
|
|
4be148 |
- char *fileName;
|
|
|
4be148 |
- struct stat fileInfo;
|
|
|
4be148 |
OM_uint32 status;
|
|
|
4be148 |
|
|
|
4be148 |
/* Initialize outputs. */
|
|
|
4be148 |
@@ -233,16 +230,6 @@ gss_OID_set *mechSet_out;
|
|
|
4be148 |
if (*minorStatus != 0)
|
|
|
4be148 |
return (GSS_S_FAILURE);
|
|
|
4be148 |
|
|
|
4be148 |
- fileName = MECH_CONF;
|
|
|
4be148 |
-
|
|
|
4be148 |
- /*
|
|
|
4be148 |
- * If we have already computed the mechanisms supported and if it
|
|
|
4be148 |
- * is still valid; make a copy and return to caller,
|
|
|
4be148 |
- * otherwise build it first.
|
|
|
4be148 |
- */
|
|
|
4be148 |
- if ((stat(fileName, &fileInfo) == 0 &&
|
|
|
4be148 |
- fileInfo.st_mtime > g_mechSetTime)) {
|
|
|
4be148 |
- } /* if g_mechSet is out of date or not initialized */
|
|
|
4be148 |
if (build_mechSet())
|
|
|
4be148 |
return GSS_S_FAILURE;
|
|
|
4be148 |
|
|
|
4be148 |
@@ -289,20 +276,6 @@ build_mechSet(void)
|
|
|
4be148 |
*/
|
|
|
4be148 |
k5_mutex_lock(&g_mechListLock);
|
|
|
4be148 |
|
|
|
4be148 |
-#if 0
|
|
|
4be148 |
- /*
|
|
|
4be148 |
- * this checks for the case when we need to re-construct the
|
|
|
4be148 |
- * g_mechSet structure, but the mechanism list is upto date
|
|
|
4be148 |
- * (because it has been read by someone calling
|
|
|
4be148 |
- * gssint_get_mechanism)
|
|
|
4be148 |
- */
|
|
|
4be148 |
- if (fileInfo.st_mtime > g_confFileModTime)
|
|
|
4be148 |
- {
|
|
|
4be148 |
- g_confFileModTime = fileInfo.st_mtime;
|
|
|
4be148 |
- loadConfigFile(fileName);
|
|
|
4be148 |
- }
|
|
|
4be148 |
-#endif
|
|
|
4be148 |
-
|
|
|
4be148 |
updateMechList();
|
|
|
4be148 |
|
|
|
4be148 |
/*
|
|
|
4be148 |
|
|
|
4be148 |
commit 05cbef80d53f49d30a5d0563501226dc173734d4
|
|
|
4be148 |
Author: Günther Deschner <gdeschner@redhat.com>
|
|
|
4be148 |
Date: Wed Mar 5 15:25:43 2014 +0100
|
|
|
4be148 |
|
|
|
4be148 |
Load mechglue config files from /etc/gss/mech.d
|
|
|
4be148 |
|
|
|
4be148 |
In addition to loading /etc/gss/mech, glob for *.conf files in
|
|
|
4be148 |
/etc/gss/mech.d. Load only config files which have changed since the
|
|
|
4be148 |
highest mtime we saw in the previous scan. Scan at most once per
|
|
|
4be148 |
second to avoid excessive numbers of filesystem syscalls for busy
|
|
|
4be148 |
GSSAPI applications.
|
|
|
4be148 |
|
|
|
4be148 |
[ghudson@mit.edu: rewrote commit message; style changes; added
|
|
|
4be148 |
once-per-second throttle on glob/stat calls]
|
|
|
4be148 |
|
|
|
4be148 |
ticket: 7882 (new)
|
|
|
4be148 |
|
|
|
4be148 |
diff --git a/src/lib/gssapi/mechglue/g_initialize.c b/src/lib/gssapi/mechglue/g_initialize.c
|
|
|
4be148 |
index c6904e0..f0acf1a 100644
|
|
|
4be148 |
--- a/src/lib/gssapi/mechglue/g_initialize.c
|
|
|
4be148 |
+++ b/src/lib/gssapi/mechglue/g_initialize.c
|
|
|
4be148 |
@@ -41,6 +41,7 @@
|
|
|
4be148 |
#include <string.h>
|
|
|
4be148 |
#include <ctype.h>
|
|
|
4be148 |
#include <errno.h>
|
|
|
4be148 |
+#include <glob.h>
|
|
|
4be148 |
|
|
|
4be148 |
#define M_DEFAULT "default"
|
|
|
4be148 |
|
|
|
4be148 |
@@ -58,6 +59,7 @@
|
|
|
4be148 |
#ifndef MECH_CONF
|
|
|
4be148 |
#define MECH_CONF "/etc/gss/mech"
|
|
|
4be148 |
#endif
|
|
|
4be148 |
+#define MECH_CONF_PATTERN MECH_CONF ".d/*.conf"
|
|
|
4be148 |
|
|
|
4be148 |
/* Local functions */
|
|
|
4be148 |
static void addConfigEntry(const char *oidStr, const char *oid,
|
|
|
4be148 |
@@ -90,6 +92,7 @@ static gss_mech_info g_mechList = NULL;
|
|
|
4be148 |
static gss_mech_info g_mechListTail = NULL;
|
|
|
4be148 |
static k5_mutex_t g_mechListLock = K5_MUTEX_PARTIAL_INITIALIZER;
|
|
|
4be148 |
static time_t g_confFileModTime = (time_t)0;
|
|
|
4be148 |
+static time_t g_confLastCall = (time_t)0;
|
|
|
4be148 |
|
|
|
4be148 |
static gss_OID_set_desc g_mechSet = { 0, NULL };
|
|
|
4be148 |
static k5_mutex_t g_mechSetLock = K5_MUTEX_PARTIAL_INITIALIZER;
|
|
|
4be148 |
@@ -383,6 +386,56 @@ const gss_OID oid;
|
|
|
4be148 |
return (modOptions);
|
|
|
4be148 |
} /* gssint_get_modOptions */
|
|
|
4be148 |
|
|
|
4be148 |
+/* Return the mtime of filename or its eventual symlink target (if it is a
|
|
|
4be148 |
+ * symlink), whichever is larger. Return (time_t)-1 if lstat or stat fails. */
|
|
|
4be148 |
+static time_t
|
|
|
4be148 |
+check_link_mtime(const char *filename, time_t *mtime_out)
|
|
|
4be148 |
+{
|
|
|
4be148 |
+ struct stat st1, st2;
|
|
|
4be148 |
+
|
|
|
4be148 |
+ if (lstat(filename, &st1) != 0)
|
|
|
4be148 |
+ return (time_t)-1;
|
|
|
4be148 |
+ if (!S_ISLNK(st1.st_mode))
|
|
|
4be148 |
+ return st1.st_mtime;
|
|
|
4be148 |
+ if (stat(filename, &st2) != 0)
|
|
|
4be148 |
+ return (time_t)-1;
|
|
|
4be148 |
+ return (st1.st_mtime > st2.st_mtime) ? st1.st_mtime : st2.st_mtime;
|
|
|
4be148 |
+}
|
|
|
4be148 |
+
|
|
|
4be148 |
+/* Try to load any config files which have changed since the last call. Config
|
|
|
4be148 |
+ * files are MECH_CONF and any files matching MECH_CONF_PATTERN. */
|
|
|
4be148 |
+static void
|
|
|
4be148 |
+loadConfigFiles()
|
|
|
4be148 |
+{
|
|
|
4be148 |
+ glob_t globbuf;
|
|
|
4be148 |
+ time_t highest_mtime = 0, mtime, now;
|
|
|
4be148 |
+ char **pathptr;
|
|
|
4be148 |
+
|
|
|
4be148 |
+ /* Don't glob and stat more than once per second. */
|
|
|
4be148 |
+ if (time(&now) == (time_t)-1 || now == g_confLastCall)
|
|
|
4be148 |
+ return;
|
|
|
4be148 |
+ g_confLastCall = now;
|
|
|
4be148 |
+
|
|
|
4be148 |
+ globbuf.gl_offs = 1;
|
|
|
4be148 |
+ if (glob(MECH_CONF_PATTERN, GLOB_DOOFFS, NULL, &globbuf) != 0)
|
|
|
4be148 |
+ return;
|
|
|
4be148 |
+ globbuf.gl_pathv[0] = MECH_CONF;
|
|
|
4be148 |
+
|
|
|
4be148 |
+ for (pathptr = globbuf.gl_pathv; *pathptr != NULL; pathptr++) {
|
|
|
4be148 |
+ mtime = check_link_mtime(*pathptr, &mtime);
|
|
|
4be148 |
+ if (mtime == (time_t)-1)
|
|
|
4be148 |
+ continue;
|
|
|
4be148 |
+ if (mtime > highest_mtime)
|
|
|
4be148 |
+ highest_mtime = mtime;
|
|
|
4be148 |
+ if (mtime > g_confFileModTime)
|
|
|
4be148 |
+ loadConfigFile(*pathptr);
|
|
|
4be148 |
+ }
|
|
|
4be148 |
+ g_confFileModTime = highest_mtime;
|
|
|
4be148 |
+
|
|
|
4be148 |
+ globbuf.gl_pathv[0] = NULL;
|
|
|
4be148 |
+ globfree(&globbuf);
|
|
|
4be148 |
+}
|
|
|
4be148 |
+
|
|
|
4be148 |
/*
|
|
|
4be148 |
* determines if the mechList needs to be updated from file
|
|
|
4be148 |
* and performs the update.
|
|
|
4be148 |
@@ -401,17 +454,7 @@ updateMechList(void)
|
|
|
4be148 |
loadConfigFromRegistry(HKEY_CURRENT_USER, MECH_KEY);
|
|
|
4be148 |
loadConfigFromRegistry(HKEY_LOCAL_MACHINE, MECH_KEY);
|
|
|
4be148 |
#else /* _WIN32 */
|
|
|
4be148 |
- char *fileName;
|
|
|
4be148 |
- struct stat fileInfo;
|
|
|
4be148 |
-
|
|
|
4be148 |
- fileName = MECH_CONF;
|
|
|
4be148 |
-
|
|
|
4be148 |
- /* check if mechList needs updating */
|
|
|
4be148 |
- if (stat(fileName, &fileInfo) != 0 ||
|
|
|
4be148 |
- g_confFileModTime >= fileInfo.st_mtime)
|
|
|
4be148 |
- return;
|
|
|
4be148 |
- g_confFileModTime = fileInfo.st_mtime;
|
|
|
4be148 |
- loadConfigFile(fileName);
|
|
|
4be148 |
+ loadConfigFiles();
|
|
|
4be148 |
#endif /* !_WIN32 */
|
|
|
4be148 |
|
|
|
4be148 |
/* Load any unloaded interposer mechanisms immediately, to make sure we
|
|
|
4be148 |
|
|
|
4be148 |
commit ac98187641f6943ae571606c0b6a97f236f9b60c
|
|
|
4be148 |
Author: Greg Hudson <ghudson@mit.edu>
|
|
|
4be148 |
Date: Wed May 28 23:51:49 2014 -0400
|
|
|
4be148 |
|
|
|
4be148 |
Read /etc/gss/mech if no mech.d/*.conf found
|
|
|
4be148 |
|
|
|
4be148 |
Always read /etc/gss/mech, even if globbing /etc/gss/mech.d/*.conf
|
|
|
4be148 |
doesn't work. Doing this using GLOB_DOOFFS proved error-prone, so use
|
|
|
4be148 |
a simpler approach: factor out the per-pathname handling into a helper
|
|
|
4be148 |
function load_if_changed, call it with MECH_CONF before the glob, then
|
|
|
4be148 |
pass each glob result through the helper.
|
|
|
4be148 |
|
|
|
4be148 |
ticket: 7925
|
|
|
4be148 |
|
|
|
4be148 |
diff --git a/src/lib/gssapi/mechglue/g_initialize.c b/src/lib/gssapi/mechglue/g_initialize.c
|
|
|
4be148 |
index f0acf1a..8bce14c 100644
|
|
|
4be148 |
--- a/src/lib/gssapi/mechglue/g_initialize.c
|
|
|
4be148 |
+++ b/src/lib/gssapi/mechglue/g_initialize.c
|
|
|
4be148 |
@@ -402,38 +402,45 @@ check_link_mtime(const char *filename, time_t *mtime_out)
|
|
|
4be148 |
return (st1.st_mtime > st2.st_mtime) ? st1.st_mtime : st2.st_mtime;
|
|
|
4be148 |
}
|
|
|
4be148 |
|
|
|
4be148 |
+/* Load pathname if it is newer than last. Update *highest to the maximum of
|
|
|
4be148 |
+ * its current value and pathname's mod time. */
|
|
|
4be148 |
+static void
|
|
|
4be148 |
+load_if_changed(const char *pathname, time_t last, time_t *highest)
|
|
|
4be148 |
+{
|
|
|
4be148 |
+ time_t mtime;
|
|
|
4be148 |
+
|
|
|
4be148 |
+ mtime = check_link_mtime(pathname, &mtime);
|
|
|
4be148 |
+ if (mtime == (time_t)-1)
|
|
|
4be148 |
+ return;
|
|
|
4be148 |
+ if (mtime > *highest)
|
|
|
4be148 |
+ *highest = mtime;
|
|
|
4be148 |
+ if (mtime > last)
|
|
|
4be148 |
+ loadConfigFile(pathname);
|
|
|
4be148 |
+}
|
|
|
4be148 |
+
|
|
|
4be148 |
/* Try to load any config files which have changed since the last call. Config
|
|
|
4be148 |
* files are MECH_CONF and any files matching MECH_CONF_PATTERN. */
|
|
|
4be148 |
static void
|
|
|
4be148 |
loadConfigFiles()
|
|
|
4be148 |
{
|
|
|
4be148 |
glob_t globbuf;
|
|
|
4be148 |
- time_t highest_mtime = 0, mtime, now;
|
|
|
4be148 |
- char **pathptr;
|
|
|
4be148 |
+ time_t highest = 0, now;
|
|
|
4be148 |
+ char **path;
|
|
|
4be148 |
|
|
|
4be148 |
/* Don't glob and stat more than once per second. */
|
|
|
4be148 |
if (time(&now) == (time_t)-1 || now == g_confLastCall)
|
|
|
4be148 |
return;
|
|
|
4be148 |
g_confLastCall = now;
|
|
|
4be148 |
|
|
|
4be148 |
- globbuf.gl_offs = 1;
|
|
|
4be148 |
- if (glob(MECH_CONF_PATTERN, GLOB_DOOFFS, NULL, &globbuf) != 0)
|
|
|
4be148 |
- return;
|
|
|
4be148 |
- globbuf.gl_pathv[0] = MECH_CONF;
|
|
|
4be148 |
+ load_if_changed(MECH_CONF, g_confFileModTime, &highest);
|
|
|
4be148 |
|
|
|
4be148 |
- for (pathptr = globbuf.gl_pathv; *pathptr != NULL; pathptr++) {
|
|
|
4be148 |
- mtime = check_link_mtime(*pathptr, &mtime);
|
|
|
4be148 |
- if (mtime == (time_t)-1)
|
|
|
4be148 |
- continue;
|
|
|
4be148 |
- if (mtime > highest_mtime)
|
|
|
4be148 |
- highest_mtime = mtime;
|
|
|
4be148 |
- if (mtime > g_confFileModTime)
|
|
|
4be148 |
- loadConfigFile(*pathptr);
|
|
|
4be148 |
+ if (glob(MECH_CONF_PATTERN, 0, NULL, &globbuf) == 0) {
|
|
|
4be148 |
+ for (path = globbuf.gl_pathv; *path != NULL; path++)
|
|
|
4be148 |
+ load_if_changed(*path, g_confFileModTime, &highest);
|
|
|
4be148 |
+ globfree(&globbuf);
|
|
|
4be148 |
}
|
|
|
4be148 |
- g_confFileModTime = highest_mtime;
|
|
|
4be148 |
|
|
|
4be148 |
- globbuf.gl_pathv[0] = NULL;
|
|
|
4be148 |
- globfree(&globbuf);
|
|
|
4be148 |
+ g_confFileModTime = highest;
|
|
|
4be148 |
}
|
|
|
4be148 |
|
|
|
4be148 |
/*
|