rpms/krb5/devel krb5-1.7-create_on_load.patch, NONE, 1.1 krb5.spec, 1.226, 1.227

Nalin Dahyabhai nalin at fedoraproject.org
Tue Jan 5 22:55:55 UTC 2010 

Author: nalin

Update of /cvs/extras/rpms/krb5/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv12099

Modified Files:
	krb5.spec 
Added Files:
	krb5-1.7-create_on_load.patch 
Log Message:
- pull up proposed patch for creating previously-not-there lock files for
  kdb databases when 'kdb5_util' is called to 'load' (#551764)


krb5-1.7-create_on_load.patch:
 adb_openclose.c |   14 +++++++++++---
 kdb_db2.c       |   19 +++++++++++++------
 policy_db.h     |    2 ++
 3 files changed, 26 insertions(+), 9 deletions(-)

--- NEW FILE krb5-1.7-create_on_load.patch ---
Modify the kdb_db2 backend so that an attempt to "load" a database will
successfully create it if it didn't already exist.  The internal promotion
code appears to be built for this to happen, but doesn't always ensure
that lock files are in place before it attempts to lock them.  We add
modified interfaces which allow O_CREAT to be passed in and applied in the
right paths, and change the function which promotes a temporary database
to a "real" database to do so.  Other code paths shouldn't be affected.

diff -up krb5-1.7/src/plugins/kdb/db2/adb_openclose.c krb5-1.7/src/plugins/kdb/db2/adb_openclose.c
--- krb5-1.7/src/plugins/kdb/db2/adb_openclose.c	2010-01-05 17:31:01.000000000 -0500
+++ krb5-1.7/src/plugins/kdb/db2/adb_openclose.c	2010-01-05 17:42:11.000000000 -0500
@@ -110,8 +110,8 @@ krb5_error_code osa_adb_rename_db(char *
      return 0;
 }
 
-krb5_error_code osa_adb_init_db(osa_adb_db_t *dbp, char *filename,
-			      char *lockfilename, int magic)
+krb5_error_code osa_adb_init_db_flags(osa_adb_db_t *dbp, char *filename,
+				      char *lockfilename, int magic, int flags)
 {
      osa_adb_db_t db;
      static struct _locklist *locklist = NULL;
@@ -198,7 +198,9 @@ krb5_error_code osa_adb_init_db(osa_adb_
 	   * POSIX systems
 	   */
 	  lockp->lockinfo.filename = strdup(lockfilename);
-	  if ((lockp->lockinfo.lockfile = WRITABLEFOPEN(lockfilename, "r+")) == NULL) {
+	  if ((((flags & O_CREAT) == 0) ||
+	       ((lockp->lockinfo.lockfile = WRITABLEFOPEN(lockfilename, "w+")) == NULL)) &&
+	     ((lockp->lockinfo.lockfile = WRITABLEFOPEN(lockfilename, "r+")) == NULL)) {
 	       /*
 		* maybe someone took away write permission so we could only
 		* get shared locks?
@@ -226,6 +228,12 @@ krb5_error_code osa_adb_init_db(osa_adb_
      return OSA_ADB_OK;
 }
 
+krb5_error_code osa_adb_init_db(osa_adb_db_t *dbp, char *filename,
+				char *lockfilename, int magic)
+{
+     return osa_adb_init_db_flags(dbp, filename, lockfilename, magic, 0);
+}
+
 krb5_error_code osa_adb_fini_db(osa_adb_db_t db, int magic)
 {
      if (db->magic != magic)
diff -up krb5-1.7/src/plugins/kdb/db2/kdb_db2.c krb5-1.7/src/plugins/kdb/db2/kdb_db2.c
--- krb5-1.7/src/plugins/kdb/db2/kdb_db2.c	2010-01-05 15:49:47.000000000 -0500
+++ krb5-1.7/src/plugins/kdb/db2/kdb_db2.c	2010-01-05 17:45:33.000000000 -0500
@@ -298,8 +298,8 @@ krb5_db2_db_set_hashfirst(krb5_context c
  * initialization for data base routines.
  */
 
-krb5_error_code
-krb5_db2_db_init(krb5_context context)
+static krb5_error_code
+krb5_db2_db_init_flags(krb5_context context, int flags)
 {
     char   *filename = NULL;
     krb5_db2_context *db_ctx;
@@ -327,7 +327,7 @@ krb5_db2_db_init(krb5_context context)
      * should be opened read/write so that write locking can work with
      * POSIX systems
      */
-    if ((db_ctx->db_lf_file = THREEPARAMOPEN(filename, O_RDWR, 0666)) < 0) {
+    if ((db_ctx->db_lf_file = THREEPARAMOPEN(filename, O_RDWR | (flags & O_CREAT), 0666)) < 0) {
 	if ((db_ctx->db_lf_file = THREEPARAMOPEN(filename, O_RDONLY, 0666)) < 0) {
 	    retval = errno;
 	    goto err_out;
@@ -345,8 +345,9 @@ krb5_db2_db_init(krb5_context context)
     snprintf(policy_lock_name, sizeof(policy_lock_name),
 	     "%s.lock", policy_db_name);
 
-    if ((retval = osa_adb_init_db(&db_ctx->policy_db, policy_db_name,
-				  policy_lock_name, OSA_ADB_POLICY_DB_MAGIC)))
+    if ((retval = osa_adb_init_db_flags(&db_ctx->policy_db, policy_db_name,
+				        policy_lock_name,
+					OSA_ADB_POLICY_DB_MAGIC, flags)))
     {
 	goto err_out;
     }
@@ -358,6 +359,12 @@ krb5_db2_db_init(krb5_context context)
     return (retval);
 }
 
+krb5_error_code
+krb5_db2_db_init(krb5_context context)
+{
+    return krb5_db2_db_init_flags(context, 0);
+}
+
 /*
  * gracefully shut down database--must be called by ANY program that does
  * a krb5_db2_db_init
@@ -1760,7 +1767,7 @@ krb5_db2_db_rename(context, from, to)
     if (retval)
 	goto errout;
 
-    retval = krb5_db2_db_init(context);
+    retval = krb5_db2_db_init_flags(context, O_CREAT);
     if (retval)
 	goto errout;
 
diff -up krb5-1.7/src/plugins/kdb/db2/policy_db.h krb5-1.7/src/plugins/kdb/db2/policy_db.h
--- krb5-1.7/src/plugins/kdb/db2/policy_db.h	2010-01-05 17:24:44.000000000 -0500
+++ krb5-1.7/src/plugins/kdb/db2/policy_db.h	2010-01-05 17:30:46.000000000 -0500
@@ -75,6 +75,8 @@ krb5_error_code   osa_adb_rename_db(char
 				  char *fileto, char *lockto, int magic);
 krb5_error_code	osa_adb_init_db(osa_adb_db_t *dbp, char *filename,
 				char *lockfile, int magic);
+krb5_error_code	osa_adb_init_db_flags(osa_adb_db_t *dbp, char *filename,
+				      char *lockfile, int magic, int flags);
 krb5_error_code	osa_adb_fini_db(osa_adb_db_t db, int magic);
 krb5_error_code	osa_adb_get_lock(osa_adb_db_t db, int mode);
 krb5_error_code	osa_adb_release_lock(osa_adb_db_t db);


Index: krb5.spec
===================================================================
RCS file: /cvs/extras/rpms/krb5/devel/krb5.spec,v
retrieving revision 1.226
retrieving revision 1.227
diff -u -p -r1.226 -r1.227
--- krb5.spec	5 Jan 2010 22:55:30 -0000	1.226
+++ krb5.spec	5 Jan 2010 22:55:55 -0000	1.227
@@ -81,6 +81,7 @@ Patch89: krb5-1.7-largefile.patch
 Patch90: krb5-1.7-openssl-1.0.patch
 Patch91: krb5-1.7-spnego-deleg.patch
 Patch92: http://web.mit.edu/kerberos/advisories/2009-003-patch.txt
+Patch93: krb5-1.7-create_on_load.patch
 
 License: MIT
 URL: http://web.mit.edu/kerberos/www/
@@ -219,6 +220,8 @@ certificate.
 %changelog
 * Tue Jan  5 2010 Nalin Dahyabhai <nalin at redhat.com> - 1.7-16
 - use %%global instead of %%define
+- pull up proposed patch for creating previously-not-there lock files for
+  kdb databases when 'kdb5_util' is called to 'load' (#551764)
 
 * Mon Jan  4 2010 Dennis Gregorovic <dgregor at redhat.com>
 - fix conditional for future RHEL
@@ -1532,6 +1535,7 @@ popd
 %patch90 -p0 -b .openssl-1.0
 %patch91 -p0 -b .spnego-deleg
 %patch92 -p1 -b .2009-003
+%patch93 -p1 -b .create_on_load
 gzip doc/*.ps
 
 sed -i -e '1s!\[twoside\]!!;s!%\(\\usepackage{hyperref}\)!\1!' doc/api/library.tex

More information about the fedora-extras-commits mailing list