[28514] in CVS-changelog-for-Kerberos-V5
krb5 commit: Disallow unlocked iteration of hash databases
daemon@ATHENA.MIT.EDU (Tom Yu)
Thu Aug 7 16:29:50 2014
Date: Thu, 7 Aug 2014 16:29:46 -0400
From: Tom Yu <tlyu@mit.edu>
Message-Id: <201408072029.s77KTkl9013695@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/ded6f17bbda92419a68478b822ce79406c0be1e0
commit ded6f17bbda92419a68478b822ce79406c0be1e0
Author: Tom Yu <tlyu@mit.edu>
Date: Wed Aug 6 18:45:20 2014 -0400
Disallow unlocked iteration of hash databases
It's not clear whether unlocked iteration over a hash DB2 database
will omit unaffected entries if database additions or deletions occur
concurrently with the iteration. Avoid this situation by disabling
unlocked iteration in the unlikely event that someone is still using a
hash database for their KDB.
ticket: 7977
src/plugins/kdb/db2/kdb_db2.c | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
diff --git a/src/plugins/kdb/db2/kdb_db2.c b/src/plugins/kdb/db2/kdb_db2.c
index b7cdc88..4c2292c 100644
--- a/src/plugins/kdb/db2/kdb_db2.c
+++ b/src/plugins/kdb/db2/kdb_db2.c
@@ -386,6 +386,9 @@ open_db(krb5_db2_context *dbc, int flags, int mode)
break;
}
+ /* Don't try unlocked iteration with a hash database. */
+ if (db != NULL && dbc->hashfirst)
+ dbc->unlockiter = FALSE;
done:
free(fname);
return db;
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5