summaryrefslogtreecommitdiffstats
path: root/src/providers
diff options
context:
space:
mode:
Diffstat (limited to 'src/providers')
-rw-r--r--src/providers/krb5/krb5_common.c40
-rw-r--r--src/providers/krb5/krb5_common.h7
-rw-r--r--src/providers/krb5/krb5_init.c12
3 files changed, 57 insertions, 2 deletions
diff --git a/src/providers/krb5/krb5_common.c b/src/providers/krb5/krb5_common.c
index 2b3331ed3..746b3f3c6 100644
--- a/src/providers/krb5/krb5_common.c
+++ b/src/providers/krb5/krb5_common.c
@@ -413,3 +413,43 @@ done:
return ret;
}
+void krb5_finalize(struct tevent_context *ev,
+ struct tevent_signal *se,
+ int signum,
+ int count,
+ void *siginfo,
+ void *private_data)
+{
+ char *realm = (char *)private_data;
+ int ret;
+ errno_t err;
+ char *file;
+
+ file = talloc_asprintf(se, KDCINFO_TMPL, realm);
+ if(file == NULL) {
+ sig_term(signum);
+ }
+ errno = 0;
+ ret = unlink(file);
+ if (ret == -1) {
+ err = errno;
+ DEBUG(5, ("Could not remove [%s], [%d][%s]\n", file,
+ err, strerror(err)));
+ }
+
+ errno = 0;
+ file = talloc_asprintf(se, KPASSWDINFO_TMPL, realm);
+ if(file == NULL) {
+ sig_term(signum);
+ }
+
+ errno = 0;
+ ret = unlink(file);
+ if (ret == -1) {
+ err = errno;
+ DEBUG(5, ("Could not remove [%s], [%d][%s]\n", file,
+ err, strerror(err)));
+ }
+
+ sig_term(signum);
+}
diff --git a/src/providers/krb5/krb5_common.h b/src/providers/krb5/krb5_common.h
index 0b0da31f2..51afa0c65 100644
--- a/src/providers/krb5/krb5_common.h
+++ b/src/providers/krb5/krb5_common.h
@@ -75,4 +75,11 @@ errno_t write_krb5info_file(const char *realm, const char *kdc,
int krb5_service_init(TALLOC_CTX *memctx, struct be_ctx *ctx,
const char *service_name, const char *servers,
const char *realm, struct krb5_service **_service);
+
+void krb5_finalize(struct tevent_context *ev,
+ struct tevent_signal *se,
+ int signum,
+ int count,
+ void *siginfo,
+ void *private_data);
#endif /* __KRB5_COMMON_H__ */
diff --git a/src/providers/krb5/krb5_init.c b/src/providers/krb5/krb5_init.c
index 83129d9c5..0bacb3f8f 100644
--- a/src/providers/krb5/krb5_init.c
+++ b/src/providers/krb5/krb5_init.c
@@ -55,6 +55,7 @@ int sssm_krb5_auth_init(struct be_ctx *bectx,
const char *krb5_kpasswd_servers;
const char *krb5_realm;
const char *errstr;
+ char *sig_realm;
int errval;
int errpos;
@@ -126,13 +127,20 @@ int sssm_krb5_auth_init(struct be_ctx *bectx,
goto fail;
}
- sige = tevent_add_signal(bectx->ev, ctx, SIGCHLD, SA_SIGINFO,
- child_sig_handler, NULL);
+ BlockSignals(false, SIGTERM);
+ sig_realm = talloc_strdup(ctx, krb5_realm);
+ if (sig_realm == NULL) {
+ ret = ENOMEM;
+ goto fail;
+ }
+ sige = tevent_add_signal(bectx->ev, ctx, SIGTERM, SA_SIGINFO,
+ krb5_finalize, sig_realm);
if (sige == NULL) {
DEBUG(1, ("tevent_add_signal failed.\n"));
ret = ENOMEM;
goto fail;
}
+ talloc_steal(sige, sig_realm);
if (debug_to_file != 0) {
ret = open_debug_file_ex("krb5_child", &debug_filep);