[Freeipa-devel] [PATCH] 1058 clear session key
Martin Kosek
mkosek at redhat.com
Wed Oct 3 17:24:00 UTC 2012
----- Original Message -----
> From: "Rob Crittenden" <rcritten at redhat.com>
> To: "Martin Kosek" <mkosek at redhat.com>
> Cc: "freeipa-devel" <freeipa-devel at redhat.com>
> Sent: Wednesday, October 3, 2012 5:49:52 PM
> Subject: Re: [Freeipa-devel] [PATCH] 1058 clear session key
>
> Martin Kosek wrote:
> > On 10/02/2012 08:23 PM, Rob Crittenden wrote:
> >> Clear the host session key when enrolling a client.
> >>
> >> Make sure dbdir is preserved when a new connection is created.
> >>
> >> rob
> >>
> >
> > I tested repeatedly installing, uninstalling client and unlike
> > previously, I
> > did not receive any NSS initialization error. Other test were also
> > OK for me,
> > so generally I agree with the patch.
> >
> > I just see one potential issue in this section:
> >
> >
> > + if (current_conn is not None and
> > +
> > hasattr(current_conn.conn._ServerProxy__transport,
> > 'dbdir')):
> > + dbdir =
> > current_conn.conn._ServerProxy__transport.dbdir
> > + self.debug('Using dbdir %s' % dbdir)
> >
> > If I understand that correctly, dbdir attribute in
> > current_conn.conn._ServerProxy__transport may be changed by other
> > thread, i.e.
> > I would rather do something like that:
> >
> > if current_conn is not None:
> > dbdir = getattr(current_conn.conn._ServerProxy__transport,
> > 'dbdir', None)
> > if dbdir is not None:
> > self.debug('Using dbdir %s' % dbdir)
> >
> > I did not reproduce that, but I'd be afraid that some other thread
> > may remove
> > 'dbdir' right after our hasattr check, so the next statement would
> > fail.
> >
> > Martin
>
> Good idea, can't be too safe.
>
> rob
>
ACK. Pushed to master, ipa-3-0.
Martin
More information about the Freeipa-devel
mailing list