Diffstat (limited to 'src/providers')
-rw-r--r-- | src/providers/krb5/krb5_common.c | 40 | ||||
-rw-r--r-- | src/providers/krb5/krb5_common.h | 7 | ||||
-rw-r--r-- | src/providers/krb5/krb5_init.c | 12 |
3 files changed, 57 insertions, 2 deletions
diff --git a/src/providers/krb5/krb5_common.c b/src/providers/krb5/krb5_common.c
index 2b3331ed3..746b3f3c6 100644
--- a/src/providers/krb5/krb5_common.c
+++ b/src/providers/krb5/krb5_common.c
@@ -413,3 +413,43 @@ done:
 return ret;
 }
+void krb5_finalize(struct tevent_context *ev,
+ struct tevent_signal *se,
+ int signum,
+ int count,
+ void *siginfo,
+ void *private_data)
+{
+ char *realm = (char *)private_data;
+ int ret;
+ errno_t err;
+ char *file;
+
+ file = talloc_asprintf(se, KDCINFO_TMPL, realm);
+ if(file == NULL) {
+ sig_term(signum);
+ }
+ errno = 0;
+ ret = unlink(file);
+ if (ret == -1) {
+ err = errno;
+ DEBUG(5, ("Could not remove [%s], [%d][%s]\n", file,
+ err, strerror(err)));
+ }
+
+ errno = 0;
+ file = talloc_asprintf(se, KPASSWDINFO_TMPL, realm);
+ if(file == NULL) {
+ sig_term(signum);
+ }
+
+ errno = 0;
+ ret = unlink(file);
+ if (ret == -1) {
+ err = errno;
+ DEBUG(5, ("Could not remove [%s], [%d][%s]\n", file,
+ err, strerror(err)));
+ }
+
+ sig_term(signum);
+}
diff --git a/src/providers/krb5/krb5_common.h b/src/providers/krb5/krb5_common.h
index 0b0da31f2..51afa0c65 100644
--- a/src/providers/krb5/krb5_common.h
+++ b/src/providers/krb5/krb5_common.h
@@ -75,4 +75,11 @@ errno_t write_krb5info_file(const char *realm, const char *kdc,
 int krb5_service_init(TALLOC_CTX *memctx, struct be_ctx *ctx, const char *service_name, const char *servers, const char *realm, struct krb5_service **_service);
+
+void krb5_finalize(struct tevent_context *ev,
+ struct tevent_signal *se,
+ int signum,
+ int count,
+ void *siginfo,
+ void *private_data);
 #endif /* __KRB5_COMMON_H__ */
diff --git a/src/providers/krb5/krb5_init.c b/src/providers/krb5/krb5_init.c
index 83129d9c5..0bacb3f8f 100644
--- a/src/providers/krb5/krb5_init.c
+++ b/src/providers/krb5/krb5_init.c
@@ -55,6 +55,7 @@ int sssm_krb5_auth_init(struct be_ctx *bectx,
 const char *krb5_kpasswd_servers;
 const char *krb5_realm;
 const char *errstr;
+ char *sig_realm;
 int errval;
 int errpos;
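Review bot: In krb5_finalize (krb5_common.c), both `if(file == NULL)` branches depend on sig_term() never returning; if it can return, the NULL pointer goes straight into unlink() and into the `%s` of the DEBUG call. The first branch also gives up before the kpasswdinfo file is attempted, so a single failed allocation leaves both files on disk, which presumably means Kerberos clients keep reading stale KDC addresses after the provider has gone. I would guard each removal instead, `if (file != NULL && unlink(file) == -1) {`, and call sig_term() once at the end of the function. Since realm is interpolated into the path that gets unlinked, it is also worth confirming that a realm value containing `/` is rejected before it reaches this handler.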
@@ -126,13 +127,20 @@ int sssm_krb5_auth_init(struct be_ctx *bectx,
 goto fail;
 }
- sige = tevent_add_signal(bectx->ev, ctx, SIGCHLD, SA_SIGINFO,
- child_sig_handler, NULL);
+ BlockSignals(false, SIGTERM);
+ sig_realm = talloc_strdup(ctx, krb5_realm);
+ if (sig_realm == NULL) {
+ ret = ENOMEM;
+ goto fail;
+ }
+ sige = tevent_add_signal(bectx->ev, ctx, SIGTERM, SA_SIGINFO,
+ krb5_finalize, sig_realm);
 if (sige == NULL) {
 DEBUG(1, ("tevent_add_signal failed.\n"));
 ret = ENOMEM;
 goto fail;
 }
+ talloc_steal(sige, sig_realm);
 if (debug_to_file != 0) {
 ret = open_debug_file_ex("krb5_child", &debug_filep); |
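Review bot: `BlockSignals(false, SIGTERM);` appears to unblock SIGTERM before the handler is registered, so a SIGTERM arriving between that call and tevent_add_signal() would take whatever disposition was in place before and skip krb5_finalize; moving the call to just after the `sige == NULL` check closes that window. The hunk also drops the SIGCHLD registration for child_sig_handler and nothing visible here replaces it, so it is worth confirming that krb5_child processes are still reaped somewhere else. sig_realm stays parented to ctx until `talloc_steal(sige, sig_realm);`, which is fine on the failure path only if the `fail` label frees ctx. sssm_krb5_auth_init starts and ends outside the hunk.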