From 67607dda05e36c4d0be4647160ad376b89d89c51 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Wed, 5 May 2010 07:35:56 -0400 Subject: Clean up kdcinfo and kpasswdinfo files when exiting --- src/providers/krb5/krb5_common.c | 40 ++++++++++++++++++++++++++++++++++++++++ src/providers/krb5/krb5_common.h | 7 +++++++ src/providers/krb5/krb5_init.c | 12 ++++++++++-- src/util/server.c | 2 +- src/util/util.h | 1 + 5 files changed, 59 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/src/providers/krb5/krb5_common.c b/src/providers/krb5/krb5_common.c index 2b3331ed..746b3f3c 100644 --- a/src/providers/krb5/krb5_common.c +++ b/src/providers/krb5/krb5_common.c @@ -413,3 +413,43 @@ done: return ret; } +void krb5_finalize(struct tevent_context *ev, + struct tevent_signal *se, + int signum, + int count, + void *siginfo, + void *private_data) +{ + char *realm = (char *)private_data; + int ret; + errno_t err; + char *file; + + file = talloc_asprintf(se, KDCINFO_TMPL, realm); + if(file == NULL) { + sig_term(signum); + } + errno = 0; + ret = unlink(file); + if (ret == -1) { + err = errno; + DEBUG(5, ("Could not remove [%s], [%d][%s]\n", file, + err, strerror(err))); + } + + errno = 0; + file = talloc_asprintf(se, KPASSWDINFO_TMPL, realm); + if(file == NULL) { + sig_term(signum); + } + + errno = 0; + ret = unlink(file); + if (ret == -1) { + err = errno; + DEBUG(5, ("Could not remove [%s], [%d][%s]\n", file, + err, strerror(err))); + } + + sig_term(signum); +} diff --git a/src/providers/krb5/krb5_common.h b/src/providers/krb5/krb5_common.h index 0b0da31f..51afa0c6 100644 --- a/src/providers/krb5/krb5_common.h +++ b/src/providers/krb5/krb5_common.h @@ -75,4 +75,11 @@ errno_t write_krb5info_file(const char *realm, const char *kdc, int krb5_service_init(TALLOC_CTX *memctx, struct be_ctx *ctx, const char *service_name, const char *servers, const char *realm, struct krb5_service **_service); + +void krb5_finalize(struct tevent_context *ev, + struct tevent_signal *se, + int signum, + int count, + void *siginfo, + void *private_data); #endif /* __KRB5_COMMON_H__ */ diff --git a/src/providers/krb5/krb5_init.c b/src/providers/krb5/krb5_init.c index 83129d9c..0bacb3f8 100644 --- a/src/providers/krb5/krb5_init.c +++ b/src/providers/krb5/krb5_init.c @@ -55,6 +55,7 @@ int sssm_krb5_auth_init(struct be_ctx *bectx, const char *krb5_kpasswd_servers; const char *krb5_realm; const char *errstr; + char *sig_realm; int errval; int errpos; @@ -126,13 +127,20 @@ int sssm_krb5_auth_init(struct be_ctx *bectx, goto fail; } - sige = tevent_add_signal(bectx->ev, ctx, SIGCHLD, SA_SIGINFO, - child_sig_handler, NULL); + BlockSignals(false, SIGTERM); + sig_realm = talloc_strdup(ctx, krb5_realm); + if (sig_realm == NULL) { + ret = ENOMEM; + goto fail; + } + sige = tevent_add_signal(bectx->ev, ctx, SIGTERM, SA_SIGINFO, + krb5_finalize, sig_realm); if (sige == NULL) { DEBUG(1, ("tevent_add_signal failed.\n")); ret = ENOMEM; goto fail; } + talloc_steal(sige, sig_realm); if (debug_to_file != 0) { ret = open_debug_file_ex("krb5_child", &debug_filep); diff --git a/src/util/server.c b/src/util/server.c index a0ec2a26..007b3624 100644 --- a/src/util/server.c +++ b/src/util/server.c @@ -178,7 +178,7 @@ static void sig_hup(int sig) return; } -static void sig_term(int sig) +void sig_term(int sig) { #if HAVE_GETPGRP static int done_sigterm; diff --git a/src/util/util.h b/src/util/util.h index 0b691a7e..25e7b6c2 100644 --- a/src/util/util.h +++ b/src/util/util.h @@ -218,6 +218,7 @@ int server_setup(const char *name, int flags, const char *conf_entry, struct main_context **main_ctx); void server_loop(struct main_context *main_ctx); +void sig_term(int sig); /* from signal.c */ #include -- cgit