Assume mutex locking cannot fail

Locking and unlocking a non-recursive mutex is a simple memory operation and should not fail on any reasonable platform with correct usage. A pthread mutex can return EDEADLK on lock or EPERM on unlock, or EINVAL if the mutex is uninitialized, but all of these conditions would reflect serious bugs in the calling code. Change the k5_mutex_lock and k5_mutex_unlock wrappers to return void and adjust all call sites. Propagate this change through k5_cc_mutex_lock and k5_cc_mutex_unlock as well.
author: Greg Hudson <ghudson@mit.edu> 2013-05-10 14:01:48 -0400
committer: Greg Hudson <ghudson@mit.edu> 2013-05-14 13:31:41 -0400
commit: 6350fd0c909d84c00200885e722cc902049ada05 (patch)
tree: a880eae4b875d2b94747048a7092f619c79d33c2 /src/lib/gssapi/krb5
parent: 1799f7b5d9cf4390148248d603d99a3695ddfafe (diff)
download: krb5-6350fd0c909d84c00200885e722cc902049ada05.tar.gz
krb5-6350fd0c909d84c00200885e722cc902049ada05.tar.xz
krb5-6350fd0c909d84c00200885e722cc902049ada05.zip
7 files changed, 17 insertions, 89 deletions
diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c
index dbc5a701aa..0efcad4fe9 100644
--- a/src/lib/gssapi/krb5/acquire_cred.c
+++ b/src/lib/gssapi/krb5/acquire_cred.c
@@ -112,11 +112,7 @@ gss_krb5int_register_acceptor_identity(OM_uint32 *minor_status,
             return GSS_S_FAILURE;
     }
 
-    err = k5_mutex_lock(&gssint_krb5_keytab_lock);
-    if (err) {
-        free(new);
-        return GSS_S_FAILURE;
-    }
+    k5_mutex_lock(&gssint_krb5_keytab_lock);
     old = krb5_gss_keytab;
     krb5_gss_keytab = new;
     k5_mutex_unlock(&gssint_krb5_keytab_lock);
@@ -196,11 +192,7 @@ acquire_accept_cred(krb5_context context,
     if (req_keytab != NULL) {
         code = krb5_kt_dup(context, req_keytab, &kt);
     } else {
-        code = k5_mutex_lock(&gssint_krb5_keytab_lock);
-        if (code) {
-            *minor_status = code;
-            return GSS_S_FAILURE;
-        }
+        k5_mutex_lock(&gssint_krb5_keytab_lock);
         if (krb5_gss_keytab != NULL) {
             code = krb5_kt_resolve(context, krb5_gss_keytab, &kt);
             k5_mutex_unlock(&gssint_krb5_keytab_lock);
diff --git a/src/lib/gssapi/krb5/copy_ccache.c b/src/lib/gssapi/krb5/copy_ccache.c
index fbb7a48a19..f3d7666135 100644
--- a/src/lib/gssapi/krb5/copy_ccache.c
+++ b/src/lib/gssapi/krb5/copy_ccache.c
@@ -23,11 +23,7 @@ gss_krb5int_copy_ccache(OM_uint32 *minor_status,
 
     /* cred handle will have been validated by gssspi_set_cred_option() */
     k5creds = (krb5_gss_cred_id_t) *cred_handle;
-    code = k5_mutex_lock(&k5creds->lock);
-    if (code) {
-        *minor_status = code;
-        return GSS_S_FAILURE;
-    }
+    k5_mutex_lock(&k5creds->lock);
     if (k5creds->usage == GSS_C_ACCEPT) {
         k5_mutex_unlock(&k5creds->lock);
         *minor_status = (OM_uint32) G_BAD_USAGE;
diff --git a/src/lib/gssapi/krb5/init_sec_context.c b/src/lib/gssapi/krb5/init_sec_context.c
index d4c987a09a..1bc69ca31b 100644
--- a/src/lib/gssapi/krb5/init_sec_context.c
+++ b/src/lib/gssapi/krb5/init_sec_context.c
@@ -1014,9 +1014,7 @@ krb5_gss_init_context (krb5_context *ctxp)
     if (err)
         return err;
 #ifndef _WIN32
-    err = k5_mutex_lock(&kg_kdc_flag_mutex);
-    if (err)
-        return err;
+    k5_mutex_lock(&kg_kdc_flag_mutex);
     is_kdc = kdc_flag;
     k5_mutex_unlock(&kg_kdc_flag_mutex);
 
@@ -1041,10 +1039,7 @@ krb5int_gss_use_kdc_context(OM_uint32 *minor_status,
     err = gss_krb5int_initialize_library();
     if (err)
         return err;
-    *minor_status = k5_mutex_lock(&kg_kdc_flag_mutex);
-    if (*minor_status) {
-        return GSS_S_FAILURE;
-    }
+    k5_mutex_lock(&kg_kdc_flag_mutex);
     kdc_flag = 1;
     k5_mutex_unlock(&kg_kdc_flag_mutex);
     return GSS_S_COMPLETE;
diff --git a/src/lib/gssapi/krb5/naming_exts.c b/src/lib/gssapi/krb5/naming_exts.c
index f44f0d2cf9..10dbe321a1 100644
--- a/src/lib/gssapi/krb5/naming_exts.c
+++ b/src/lib/gssapi/krb5/naming_exts.c
@@ -119,15 +119,10 @@ kg_duplicate_name(krb5_context context,
 {
     krb5_error_code code;
 
-    code = k5_mutex_lock(&src->lock);
-    if (code != 0)
-        return code;
-
+    k5_mutex_lock(&src->lock);
     code = kg_init_name(context, src->princ, src->service, src->host,
                         src->ad_context, 0, dst);
-
     k5_mutex_unlock(&src->lock);
-
     return code;
 }
 
@@ -282,11 +277,7 @@ krb5_gss_inquire_name(OM_uint32 *minor_status,
 
     kname = (krb5_gss_name_t)name;
 
-    code = k5_mutex_lock(&kname->lock);
-    if (code != 0) {
-        *minor_status = code;
-        return GSS_S_FAILURE;
-    }
+    k5_mutex_lock(&kname->lock);
 
     if (kname->ad_context == NULL) {
         code = krb5_authdata_context_init(context, &kname->ad_context);
@@ -343,13 +334,7 @@ krb5_gss_get_name_attribute(OM_uint32 *minor_status,
     }
 
     kname = (krb5_gss_name_t)name;
-
-    code = k5_mutex_lock(&kname->lock);
-    if (code != 0) {
-        *minor_status = code;
-        krb5_free_context(context);
-        return GSS_S_FAILURE;
-    }
+    k5_mutex_lock(&kname->lock);
 
     if (kname->ad_context == NULL) {
         code = krb5_authdata_context_init(context, &kname->ad_context);
@@ -421,12 +406,7 @@ krb5_gss_set_name_attribute(OM_uint32 *minor_status,
     }
 
     kname = (krb5_gss_name_t)name;
-
-    code = k5_mutex_lock(&kname->lock);
-    if (code != 0) {
-        *minor_status = code;
-        return GSS_S_FAILURE;
-    }
+    k5_mutex_lock(&kname->lock);
 
     if (kname->ad_context == NULL) {
         code = krb5_authdata_context_init(context, &kname->ad_context);
@@ -476,12 +456,7 @@ krb5_gss_delete_name_attribute(OM_uint32 *minor_status,
     }
 
     kname = (krb5_gss_name_t)name;
-
-    code = k5_mutex_lock(&kname->lock);
-    if (code != 0) {
-        *minor_status = code;
-        return GSS_S_FAILURE;
-    }
+    k5_mutex_lock(&kname->lock);
 
     if (kname->ad_context == NULL) {
         code = krb5_authdata_context_init(context, &kname->ad_context);
@@ -528,12 +503,7 @@ krb5_gss_map_name_to_any(OM_uint32 *minor_status,
     }
 
     kname = (krb5_gss_name_t)name;
-
-    code = k5_mutex_lock(&kname->lock);
-    if (code != 0) {
-        *minor_status = code;
-        return GSS_S_FAILURE;
-    }
+    k5_mutex_lock(&kname->lock);
 
     if (kname->ad_context == NULL) {
         code = krb5_authdata_context_init(context, &kname->ad_context);
@@ -585,12 +555,7 @@ krb5_gss_release_any_name_mapping(OM_uint32 *minor_status,
     }
 
     kname = (krb5_gss_name_t)name;
-
-    code = k5_mutex_lock(&kname->lock);
-    if (code != 0) {
-        *minor_status = code;
-        return GSS_S_FAILURE;
-    }
+    k5_mutex_lock(&kname->lock);
 
     if (kname->ad_context == NULL) {
         code = krb5_authdata_context_init(context, &kname->ad_context);
@@ -646,12 +611,7 @@ krb5_gss_export_name_composite(OM_uint32 *minor_status,
     }
 
     kname = (krb5_gss_name_t)name;
-
-    code = k5_mutex_lock(&kname->lock);
-    if (code != 0) {
-        *minor_status = code;
-        return GSS_S_FAILURE;
-    }
+    k5_mutex_lock(&kname->lock);
 
     code = krb5_unparse_name(context, kname->princ, &princstr);
     if (code != 0)
diff --git a/src/lib/gssapi/krb5/s4u_gss_glue.c b/src/lib/gssapi/krb5/s4u_gss_glue.c
index a7e720b802..4381a8442c 100644
--- a/src/lib/gssapi/krb5/s4u_gss_glue.c
+++ b/src/lib/gssapi/krb5/s4u_gss_glue.c
@@ -58,11 +58,7 @@ kg_impersonate_name(OM_uint32 *minor_status,
     if (impersonator_cred->req_enctypes != NULL)
         in_creds.keyblock.enctype = impersonator_cred->req_enctypes[0];
 
-    code = k5_mutex_lock(&user->lock);
-    if (code != 0) {
-        *minor_status = code;
-        return GSS_S_FAILURE;
-    }
+    k5_mutex_lock(&user->lock);
 
     if (user->ad_context != NULL) {
         code = krb5_authdata_export_authdata(context,
diff --git a/src/lib/gssapi/krb5/set_allowable_enctypes.c b/src/lib/gssapi/krb5/set_allowable_enctypes.c
index 7ef4aeedb4..d9fd279ed2 100644
--- a/src/lib/gssapi/krb5/set_allowable_enctypes.c
+++ b/src/lib/gssapi/krb5/set_allowable_enctypes.c
@@ -91,9 +91,7 @@ gss_krb5int_set_allowable_enctypes(OM_uint32 *minor_status,
             }
         }
     } else {
-        kerr = k5_mutex_lock(&cred->lock);
-        if (kerr)
-            goto error_out;
+        k5_mutex_lock(&cred->lock);
         if (cred->req_enctypes)
             free(cred->req_enctypes);
         cred->req_enctypes = NULL;
@@ -110,11 +108,7 @@ gss_krb5int_set_allowable_enctypes(OM_uint32 *minor_status,
         kerr = ENOMEM;
         goto error_out;
     }
-    kerr = k5_mutex_lock(&cred->lock);
-    if (kerr) {
-        free(new_ktypes);
-        goto error_out;
-    }
+    k5_mutex_lock(&cred->lock);
     if (cred->req_enctypes)
         free(cred->req_enctypes);
     cred->req_enctypes = new_ktypes;
diff --git a/src/lib/gssapi/krb5/val_cred.c b/src/lib/gssapi/krb5/val_cred.c
index 234cf69c04..cb1cb9393a 100644
--- a/src/lib/gssapi/krb5/val_cred.c
+++ b/src/lib/gssapi/krb5/val_cred.c
@@ -37,12 +37,7 @@ krb5_gss_validate_cred_1(OM_uint32 *minor_status, gss_cred_id_t cred_handle,
     krb5_principal princ;
 
     cred = (krb5_gss_cred_id_t) cred_handle;
-
-    code = k5_mutex_lock(&cred->lock);
-    if (code) {
-        *minor_status = code;
-        return GSS_S_FAILURE;
-    }
+    k5_mutex_lock(&cred->lock);
 
     if (cred->ccache && cred->expire != 0) {
         if ((code = krb5_cc_get_principal(context, cred->ccache, &princ))) {
author	Greg Hudson <ghudson@mit.edu>	2013-05-10 14:01:48 -0400
committer	Greg Hudson <ghudson@mit.edu>	2013-05-14 13:31:41 -0400
commit	6350fd0c909d84c00200885e722cc902049ada05 (patch)
tree	a880eae4b875d2b94747048a7092f619c79d33c2 /src/lib/gssapi/krb5
parent	1799f7b5d9cf4390148248d603d99a3695ddfafe (diff)
download	krb5-6350fd0c909d84c00200885e722cc902049ada05.tar.gz krb5-6350fd0c909d84c00200885e722cc902049ada05.tar.xz krb5-6350fd0c909d84c00200885e722cc902049ada05.zip