[Heimdal-source-changes] [heimdal/heimdal] 545b5b: Fix race condition with global _gsskrb5_keytab
GitHub
noreply at github.com
Fre Nov 11 01:32:33 CET 2016
Branch: refs/heads/master
Home: https://github.com/heimdal/heimdal
Commit: 545b5b41cedb1f76565e541c68f0562e07ec78d5
https://github.com/heimdal/heimdal/commit/545b5b41cedb1f76565e541c68f0562e07ec78d5
Author: Heath Kehoe <heath at digitalartefacts.com>
Date: 2016-11-10 (Thu, 10 Nov 2016)
Changed paths:
M lib/gssapi/krb5/accept_sec_context.c
Log Message:
-----------
Fix race condition with global _gsskrb5_keytab
gsskrb5_acceptor_start() was making a copy of the global pointer
_gsskrb5_keytab to use later. This invites a race condition where
another thread could call gsskrb5_register_acceptor_identity()
(thus invalidating the target of the copied pointer) before it is
used by gsskrb5_acceptor_start().
So instead, clone the keytab to a new one while protected by the
mutex lock (similar to get_keytab() in acquire_cred.c).
Signed-off-by: Nicolas Williams <nico at twosigma.com>
More information about the Heimdal-source-changes
mailing list