summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/providers/krb5/krb5_common.c40
-rw-r--r--src/providers/krb5/krb5_common.h7
-rw-r--r--src/providers/krb5/krb5_init.c12
-rw-r--r--src/util/server.c2
-rw-r--r--src/util/util.h1
5 files changed, 59 insertions, 3 deletions
diff --git a/src/providers/krb5/krb5_common.c b/src/providers/krb5/krb5_common.c
index 2b3331ed..746b3f3c 100644
--- a/src/providers/krb5/krb5_common.c
+++ b/src/providers/krb5/krb5_common.c
@@ -413,3 +413,43 @@ done:
return ret;
}
+void krb5_finalize(struct tevent_context *ev,
+ struct tevent_signal *se,
+ int signum,
+ int count,
+ void *siginfo,
+ void *private_data)
+{
+ char *realm = (char *)private_data;
+ int ret;
+ errno_t err;
+ char *file;
+
+ file = talloc_asprintf(se, KDCINFO_TMPL, realm);
+ if(file == NULL) {
+ sig_term(signum);
+ }
+ errno = 0;
+ ret = unlink(file);
+ if (ret == -1) {
+ err = errno;
+ DEBUG(5, ("Could not remove [%s], [%d][%s]\n", file,
+ err, strerror(err)));
+ }
+
+ errno = 0;
+ file = talloc_asprintf(se, KPASSWDINFO_TMPL, realm);
+ if(file == NULL) {
+ sig_term(signum);
+ }
+
+ errno = 0;
+ ret = unlink(file);
+ if (ret == -1) {
+ err = errno;
+ DEBUG(5, ("Could not remove [%s], [%d][%s]\n", file,
+ err, strerror(err)));
+ }
+
+ sig_term(signum);
+}
diff --git a/src/providers/krb5/krb5_common.h b/src/providers/krb5/krb5_common.h
index 0b0da31f..51afa0c6 100644
--- a/src/providers/krb5/krb5_common.h
+++ b/src/providers/krb5/krb5_common.h
@@ -75,4 +75,11 @@ errno_t write_krb5info_file(const char *realm, const char *kdc,
int krb5_service_init(TALLOC_CTX *memctx, struct be_ctx *ctx,
const char *service_name, const char *servers,
const char *realm, struct krb5_service **_service);
+
+void krb5_finalize(struct tevent_context *ev,
+ struct tevent_signal *se,
+ int signum,
+ int count,
+ void *siginfo,
+ void *private_data);
#endif /* __KRB5_COMMON_H__ */
diff --git a/src/providers/krb5/krb5_init.c b/src/providers/krb5/krb5_init.c
index 83129d9c..0bacb3f8 100644
--- a/src/providers/krb5/krb5_init.c
+++ b/src/providers/krb5/krb5_init.c
@@ -55,6 +55,7 @@ int sssm_krb5_auth_init(struct be_ctx *bectx,
const char *krb5_kpasswd_servers;
const char *krb5_realm;
const char *errstr;
+ char *sig_realm;
int errval;
int errpos;
@@ -126,13 +127,20 @@ int sssm_krb5_auth_init(struct be_ctx *bectx,
goto fail;
}
- sige = tevent_add_signal(bectx->ev, ctx, SIGCHLD, SA_SIGINFO,
- child_sig_handler, NULL);
+ BlockSignals(false, SIGTERM);
+ sig_realm = talloc_strdup(ctx, krb5_realm);
+ if (sig_realm == NULL) {
+ ret = ENOMEM;
+ goto fail;
+ }
+ sige = tevent_add_signal(bectx->ev, ctx, SIGTERM, SA_SIGINFO,
+ krb5_finalize, sig_realm);
if (sige == NULL) {
DEBUG(1, ("tevent_add_signal failed.\n"));
ret = ENOMEM;
goto fail;
}
+ talloc_steal(sige, sig_realm);
if (debug_to_file != 0) {
ret = open_debug_file_ex("krb5_child", &debug_filep);
diff --git a/src/util/server.c b/src/util/server.c
index a0ec2a26..007b3624 100644
--- a/src/util/server.c
+++ b/src/util/server.c
@@ -178,7 +178,7 @@ static void sig_hup(int sig)
return;
}
-static void sig_term(int sig)
+void sig_term(int sig)
{
#if HAVE_GETPGRP
static int done_sigterm;
diff --git a/src/util/util.h b/src/util/util.h
index 0b691a7e..25e7b6c2 100644
--- a/src/util/util.h
+++ b/src/util/util.h
@@ -218,6 +218,7 @@ int server_setup(const char *name, int flags,
const char *conf_entry,
struct main_context **main_ctx);
void server_loop(struct main_context *main_ctx);
+void sig_term(int sig);
/* from signal.c */
#include <signal.h>