summaryrefslogtreecommitdiffstats
path: root/src/modules/UserConfigBackendKrb5
diff options
context:
space:
mode:
authorMatthias Schiffer <matthias@gamezock.de>2009-09-03 20:16:23 +0200
committerMatthias Schiffer <matthias@gamezock.de>2009-09-03 20:16:23 +0200
commitfca6c1a831393e173706a5b5c798c35dc5f7d3e6 (patch)
tree38b4b6f59a10736e869eaf460020bf28b4bc8c3d /src/modules/UserConfigBackendKrb5
parent23d4cc1dfa5602c266f2f3d71f845f9ef0789b89 (diff)
downloadmad-fca6c1a831393e173706a5b5c798c35dc5f7d3e6.tar
mad-fca6c1a831393e173706a5b5c798c35dc5f7d3e6.zip
Thread-Sicherheit verbessert
Diffstat (limited to 'src/modules/UserConfigBackendKrb5')
-rw-r--r--src/modules/UserConfigBackendKrb5/UserConfigBackendKrb5.cpp53
-rw-r--r--src/modules/UserConfigBackendKrb5/UserConfigBackendKrb5.h11
2 files changed, 43 insertions, 21 deletions
diff --git a/src/modules/UserConfigBackendKrb5/UserConfigBackendKrb5.cpp b/src/modules/UserConfigBackendKrb5/UserConfigBackendKrb5.cpp
index 94e3506..b10dbcf 100644
--- a/src/modules/UserConfigBackendKrb5/UserConfigBackendKrb5.cpp
+++ b/src/modules/UserConfigBackendKrb5/UserConfigBackendKrb5.cpp
@@ -21,13 +21,15 @@
#include <Core/ConfigEntry.h>
#include <Core/ThreadManager.h>
+#include <boost/thread/locks.hpp>
+
#include <cstring>
namespace Mad {
namespace Modules {
namespace UserConfigBackendKrb5 {
-void UserConfigBackendKrb5::connect() {
+void UserConfigBackendKrb5::_connect() {
if(principal.empty()) {
application->log(Core::Logger::LOG_USER, Core::Logger::LOG_ERROR, "UserConfigBackendKrb5: no principal given");
return;
@@ -96,6 +98,8 @@ bool UserConfigBackendKrb5::handleConfigEntry(const Core::ConfigEntry &entry, bo
if(!entry[1].getKey().matches("Krb5"))
return false;
+ boost::lock_guard<boost::mutex> lock(mutex);
+
if(entry[2].getKey().matches("Realm")) {
if(entry[3].empty())
realm = entry[2][0];
@@ -122,6 +126,11 @@ bool UserConfigBackendKrb5::handleConfigEntry(const Core::ConfigEntry &entry, bo
return true;
}
+void UserConfigBackendKrb5::configFinished() {
+ boost::lock_guard<boost::mutex> lock(mutex);
+ _connect();
+}
+
void UserConfigBackendKrb5::checkUserInfo(const Common::UserInfo &userInfo) throw(Core::Exception) {
if(std::strcspn(userInfo.getUsername().c_str(), "/@") != userInfo.getUsername().length())
@@ -129,11 +138,13 @@ void UserConfigBackendKrb5::checkUserInfo(const Common::UserInfo &userInfo) thro
}
void UserConfigBackendKrb5::addUser(const Common::UserInfo &userInfo) throw(Core::Exception) {
+ application->getThreadManager()->detach();
+
+ boost::lock_guard<boost::mutex> lock(mutex);
+
if(!context || !handle)
throw Core::Exception(Core::Exception::NOT_AVAILABLE);
- application->getThreadManager()->detach();
-
std::string princStr = userInfo.getUsername() + "@" + realm;
kadm5_principal_ent_rec princ;
@@ -154,7 +165,7 @@ void UserConfigBackendKrb5::addUser(const Common::UserInfo &userInfo) throw(Core
err = kadm5_create_principal(handle, &princ, KADM5_PRINCIPAL|KADM5_ATTRIBUTES, dummybuf);
if(err == KADM5_RPC_ERROR && retryCount > 0) {
application->log(Core::Logger::LOG_USER, Core::Logger::LOG_VERBOSE, "Connection to kerberos admin server lost. Reconnecting...");
- connect();
+ _connect();
--retryCount;
}
} while(err == KADM5_RPC_ERROR && retryCount >= 0);
@@ -167,7 +178,7 @@ void UserConfigBackendKrb5::addUser(const Common::UserInfo &userInfo) throw(Core
err = kadm5_randkey_principal(handle, princ.principal, 0, 0);
if(err == KADM5_RPC_ERROR && retryCount > 0) {
application->log(Core::Logger::LOG_USER, Core::Logger::LOG_VERBOSE, "Connection to kerberos admin server lost. Reconnecting...");
- connect();
+ _connect();
--retryCount;
}
} while(err == KADM5_RPC_ERROR && retryCount >= 0);
@@ -181,7 +192,7 @@ void UserConfigBackendKrb5::addUser(const Common::UserInfo &userInfo) throw(Core
err = kadm5_modify_principal(handle, &princ, KADM5_ATTRIBUTES);
if(err == KADM5_RPC_ERROR && retryCount > 0) {
application->log(Core::Logger::LOG_USER, Core::Logger::LOG_VERBOSE, "Connection to kerberos admin server lost. Reconnecting...");
- connect();
+ _connect();
--retryCount;
}
} while(err == KADM5_RPC_ERROR && retryCount >= 0);
@@ -193,22 +204,30 @@ void UserConfigBackendKrb5::addUser(const Common::UserInfo &userInfo) throw(Core
}
void UserConfigBackendKrb5::updateUser(const Common::UserInfo &oldUserInfo, const Common::UserInfo &userInfo) throw(Core::Exception) {
- if(!context || !handle)
- throw Core::Exception(Core::Exception::NOT_AVAILABLE);
+ application->getThreadManager()->detach();
- if(oldUserInfo.getUsername() == userInfo.getUsername())
- return;
+ {
+ boost::lock_guard<boost::mutex> lock(mutex);
+
+ if(!context || !handle)
+ throw Core::Exception(Core::Exception::NOT_AVAILABLE);
+
+ if(oldUserInfo.getUsername() == userInfo.getUsername())
+ return;
+ }
deleteUser(oldUserInfo);
addUser(userInfo);
}
void UserConfigBackendKrb5::deleteUser(const Common::UserInfo &userInfo) throw(Core::Exception) {
+ application->getThreadManager()->detach();
+
+ boost::lock_guard<boost::mutex> lock(mutex);
+
if(!context || !handle)
throw Core::Exception(Core::Exception::NOT_AVAILABLE);
- application->getThreadManager()->detach();
-
std::string princStr = userInfo.getUsername() + "@" + realm;
krb5_principal princ;
@@ -223,7 +242,7 @@ void UserConfigBackendKrb5::deleteUser(const Common::UserInfo &userInfo) throw(C
err = kadm5_delete_principal(handle, princ);
if(err == KADM5_RPC_ERROR && retryCount > 0) {
application->log(Core::Logger::LOG_USER, Core::Logger::LOG_VERBOSE, "Connection to kerberos admin server lost. Reconnecting...");
- connect();
+ _connect();
--retryCount;
}
} while(err == KADM5_RPC_ERROR && retryCount >= 0);
@@ -235,11 +254,13 @@ void UserConfigBackendKrb5::deleteUser(const Common::UserInfo &userInfo) throw(C
}
void UserConfigBackendKrb5::setPassword(const Common::UserInfo &userInfo, const std::string &password) throw(Core::Exception) {
+ application->getThreadManager()->detach();
+
+ boost::lock_guard<boost::mutex> lock(mutex);
+
if(!context || !handle)
throw Core::Exception(Core::Exception::NOT_AVAILABLE);
- application->getThreadManager()->detach();
-
std::string princStr = userInfo.getUsername() + "@" + realm;
krb5_principal princ;
@@ -253,7 +274,7 @@ void UserConfigBackendKrb5::setPassword(const Common::UserInfo &userInfo, const
err = kadm5_chpass_principal(handle, princ, const_cast<char*>(password.c_str()));
if(err == KADM5_RPC_ERROR && retryCount > 0) {
application->log(Core::Logger::LOG_USER, Core::Logger::LOG_VERBOSE, "Connection to kerberos admin server lost. Reconnecting...");
- connect();
+ _connect();
--retryCount;
}
} while(err == KADM5_RPC_ERROR && retryCount >= 0);
diff --git a/src/modules/UserConfigBackendKrb5/UserConfigBackendKrb5.h b/src/modules/UserConfigBackendKrb5/UserConfigBackendKrb5.h
index 11c7187..c2b35fe 100644
--- a/src/modules/UserConfigBackendKrb5/UserConfigBackendKrb5.h
+++ b/src/modules/UserConfigBackendKrb5/UserConfigBackendKrb5.h
@@ -26,6 +26,8 @@
#include <Core/Configurable.h>
#include <Core/ConfigManager.h>
+#include <boost/thread/mutex.hpp>
+
#define USE_KADM5_API_VERSION 2
#include <kadm5/admin.h>
@@ -37,20 +39,19 @@ class UserConfigBackendKrb5 : public Common::UserConfigBackend, private Core::Co
private:
Common::Application *application;
+ boost::mutex mutex;
+
std::string realm, principal, server;
std::string password, keytab;
krb5_context context;
void *handle;
- void connect();
+ void _connect();
protected:
virtual bool handleConfigEntry(const Core::ConfigEntry &entry, bool handled);
-
- virtual void configFinished() {
- connect();
- }
+ virtual void configFinished();
virtual void checkUserInfo(const Common::UserInfo &userInfo) throw(Core::Exception);