[1210] in Kerberos-V5-bugs
krb5b4pl3: slave/kpropd.c enhancement: don't return success to the client until kdb5_edit succeeds
daemon@ATHENA.MIT.EDU (Jonathan I. Kamens)
Sun Mar 19 21:14:51 1995
From: "Jonathan I. Kamens" <jik@cam.ov.com>
Date: Sun, 19 Mar 1995 21:18:00 -0500
To: krb5-bugs@MIT.EDU
This patch modifies the code path of kpropd, so that it only returns
an indication of success to kprop after kdb5_edit is executed and
completes successfully.
--- slave/kpropd.c 1995/03/13 21:28:02 1.7
+++ slave/kpropd.c 1995/03/13 21:53:53 1.8
@@ -93,8 +93,9 @@
void doit();
void kerberos_authenticate();
krb5_boolean authorized_principal();
-void recv_database();
+int recv_database();
void load_database();
+void send_acknowledgement();
void send_error();
void recv_error();
@@ -214,6 +215,7 @@
struct hostent *hp;
krb5_error_code retval;
int lock_fd;
+ int database_size;
fromlen = sizeof (from);
if (getpeername(fd, (struct sockaddr *) &from, &fromlen) < 0) {
@@ -300,8 +302,8 @@
temp_file_name);
exit(1);
}
- recv_database(fd, database_fd);
- if (close(fd) < 0) {
+ database_size = recv_database(fd, database_fd);
+ if (close(database_fd) < 0) {
com_err(progname, errno,
"while trying to close database file");
exit(1);
@@ -311,8 +313,13 @@
temp_file_name, file);
exit(1);
}
- load_database(kdb5_edit, file);
+ load_database(fd, kdb5_edit, file);
close(lock_fd);
+ send_acknowledgement(fd, database_size);
+ if (close(fd) < 0) {
+ com_err(progname, errno, "while closing socket from client");
+ exit(1);
+ }
exit(0);
}
@@ -558,7 +565,7 @@
return FALSE;
}
-void
+int
recv_database(fd, database_fd)
int fd;
int database_fd;
@@ -643,12 +650,16 @@
sprintf(buf,
"while writing database block starting at offset %d",
received_size);
+ com_err(progname, errno, buf);
send_error(fd, errno, buf);
+ exit(1);
} else if (n != outbuf.length) {
sprintf(buf,
"incomplete write while writing database block starting at \noffset %d (%d written, %d expected)",
received_size, n, outbuf.length);
+ com_err(progname, KRB5KRB_ERR_GENERIC, buf);
send_error(fd, KRB5KRB_ERR_GENERIC, buf);
+ exit(1);
}
received_size += outbuf.length;
}
@@ -659,8 +670,20 @@
sprintf(buf,
"Received %d bytes, expected %d bytes for database file",
received_size, database_size);
+ com_err(progname, KRB5KRB_ERR_GENERIC, buf);
send_error(fd, KRB5KRB_ERR_GENERIC, buf);
+ exit(1);
}
+ return(database_size);
+}
+
+void
+send_acknowledgement(fd, database_size)
+ int fd, database_size;
+{
+ krb5_data inbuf, outbuf;
+ krb5_error_code retval;
+
/*
* Send over acknowledgement of number of bytes receieved.
*/
@@ -677,7 +700,7 @@
0, /* no rcache when NOTIME */
&outbuf)) {
com_err(progname, retval,
- "while encoding # of receieved bytes");
+ "while encoding # of received bytes");
send_error(fd, retval,
"while encoding # of received bytes");
exit(1);
@@ -685,7 +708,7 @@
if (retval = krb5_write_message((void *) &fd, &outbuf)) {
krb5_xfree(outbuf.data);
com_err(progname, retval,
- "while sending # of receeived bytes");
+ "while sending # of received bytes");
exit(1);
}
krb5_xfree(outbuf.data);
@@ -763,7 +786,8 @@
}
void
-load_database(kdb5_edit, database_file_name)
+load_database(fd, kdb5_edit, database_file_name)
+ int fd;
char *kdb5_edit;
char *database_file_name;
{
@@ -783,6 +807,7 @@
#endif
char request[1024];
krb5_error_code retval;
+ char buf[MAXPATHLEN+50];
if (debug)
printf("calling krb5_edit to load database\n");
@@ -796,8 +821,10 @@
switch(child_pid = fork()) {
case -1:
- com_err(progname, errno, "while trying to fork %s",
- kdb5_edit);
+ (void) sprintf(buf, "while trying to fork to start %s",
+ kdb5_edit);
+ com_err(progname, errno, buf);
+ send_error(fd, errno, buf);
exit(1);
case 0:
if (!debug) {
@@ -822,15 +849,19 @@
if (debug)
printf("Child PID is %d\n", child_pid);
if (wait(&waitb) < 0) {
- com_err(progname, errno, "while waiting for %s",
- kdb5_edit);
+ (void) sprintf(buf, "while waiting for %s",
+ kdb5_edit);
+ com_err(progname, errno, buf);
+ send_error(fd, errno, buf);
exit(1);
}
}
if (error_ret = WEXITSTATUS(waitb)) {
- com_err(progname, 0, "%s returned a bad exit status (%d)",
- kdb5_edit, error_ret);
+ (void) sprintf(buf, "%s returned a bad exit status (%d)",
+ kdb5_edit, error_ret);
+ com_err(progname, 0, buf);
+ send_error(fd, 0, buf);
exit(1);
}
return;
