diff options
| author | Greg Hudson <ghudson@mit.edu> | 2020-06-19 15:05:37 -0400 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2020-11-03 11:32:15 -0500 |
| commit | 75ae7431dbefc4b2ec082a4cfe3f65749fde0fda (patch) | |
| tree | 0d04269d8eaacff018b048ff7f064410aed0d69a /src/lib | |
| parent | 3c4075b01375c04070f991920028ce9117f2a512 (diff) | |
| download | krb5-75ae7431dbefc4b2ec082a4cfe3f65749fde0fda.zip krb5-75ae7431dbefc4b2ec082a4cfe3f65749fde0fda.tar.gz krb5-75ae7431dbefc4b2ec082a4cfe3f65749fde0fda.tar.bz2 | |
Avoid using LMDB environments across forks
In krb5kdc and kadmind, reinitialize the DB state after daemonizing,
to prevent using an LMDB environment in a different process than it
was created. Otherwise the daemon's reader table slot appears to be
stale and can be claimed by another process.
In kadmind, this change means that global_server_handle changes value
after the loop setup. Add an extra level of pointer indirection so
that the handle passed to the loop remains valid.
kdb_init_hist() is now called twice by kadmind. Change it to avoid
leaking hist_princ on the second invocation.
(cherry picked from commit 38b98a14433b8858a3ca5979a0afa194df0df1e9)
ticket: 8918
version_fixed: 1.17.2
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/kadm5/srv/server_kdb.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/lib/kadm5/srv/server_kdb.c b/src/lib/kadm5/srv/server_kdb.c index f4b8aef..eb81877 100644 --- a/src/lib/kadm5/srv/server_kdb.c +++ b/src/lib/kadm5/srv/server_kdb.c @@ -127,6 +127,8 @@ krb5_error_code kdb_init_hist(kadm5_server_handle_t handle, char *r) goto done; } + krb5_free_principal(handle->context, hist_princ); + hist_princ = NULL; if ((ret = krb5_parse_name(handle->context, hist_name, &hist_princ))) goto done; |