From 1e1c7be98749fff054beec4bf67b436b58f6edac Mon Sep 17 00:00:00 2001 From: Lukas Hejtmanek Date: Tue, 15 Jul 2008 10:07:45 -0400 Subject: [PATCH] The default expiration of kernel gss contexts is the expiration of the Kerberos ticket used in its creation. (For contexts created using the Kerberos mechanism.) Thus kdestroy has no effect in nullifying the kernel context. This patch adds -t option to rpc.gssd so that the client's administrator may specify a timeout for expiration of contexts in kernel. After this timeout, rpc.gssd is consulted to create a new context. By default, timeout is 0 (i.e., no timeout at all) which follows the previous behavior. Signed-off-by: Lukas Hejtmanek Signed-off-by: Kevin Coffman Signed-off-by: Steve Dickson --- utils/gssd/gssd.c | 8 ++++++-- utils/gssd/gssd.h | 1 + utils/gssd/gssd.man | 8 ++++++++ utils/gssd/gssd_proc.c | 3 +-- 4 files changed, 16 insertions(+), 4 deletions(-) diff --git a/utils/gssd/gssd.c b/utils/gssd/gssd.c index e8612a5..2e6f316 100644 --- a/utils/gssd/gssd.c +++ b/utils/gssd/gssd.c @@ -60,6 +60,7 @@ char ccachedir[PATH_MAX] = GSSD_DEFAULT_CRED_DIR; char *ccachesearch[GSSD_MAX_CCACHE_SEARCH + 1]; int use_memcache = 0; int root_uses_machine_creds = 1; +unsigned int context_timeout = 0; void sig_die(int signal) @@ -82,7 +83,7 @@ sig_hup(int signal) static void usage(char *progname) { - fprintf(stderr, "usage: %s [-f] [-M] [-n] [-v] [-r] [-p pipefsdir] [-k keytab] [-d ccachedir]\n", + fprintf(stderr, "usage: %s [-f] [-M] [-n] [-v] [-r] [-p pipefsdir] [-k keytab] [-d ccachedir] [-t timeout]\n", progname); exit(1); } @@ -99,7 +100,7 @@ main(int argc, char *argv[]) char *progname; memset(ccachesearch, 0, sizeof(ccachesearch)); - while ((opt = getopt(argc, argv, "fvrmnMp:k:d:")) != -1) { + while ((opt = getopt(argc, argv, "fvrmnMp:k:d:t:")) != -1) { switch (opt) { case 'f': fg = 1; @@ -134,6 +135,9 @@ main(int argc, char *argv[]) if (ccachedir[sizeof(ccachedir)-1] != '\0') errx(1, "ccachedir path name too long"); break; + case 't': + context_timeout = atoi(optarg); + break; default: usage(argv[0]); break; diff --git a/utils/gssd/gssd.h b/utils/gssd/gssd.h index 0f9f428..aef14cf 100644 --- a/utils/gssd/gssd.h +++ b/utils/gssd/gssd.h @@ -65,6 +65,7 @@ extern char keytabfile[PATH_MAX]; extern char *ccachesearch[]; extern int use_memcache; extern int root_uses_machine_creds; +extern unsigned int context_timeout; TAILQ_HEAD(clnt_list_head, clnt_info) clnt_list; diff --git a/utils/gssd/gssd.man b/utils/gssd/gssd.man index 8fa4f4a..e4f68f9 100644 --- a/utils/gssd/gssd.man +++ b/utils/gssd/gssd.man @@ -86,6 +86,14 @@ Increases the verbosity of the output (can be specified multiple times). .B -r If the rpcsec_gss library supports setting debug level, increases the verbosity of the output (can be specified multiple times). +.TP +.B -t timeout +Timeout, in seconds, for kernel gss contexts. This option allows you to force +new kernel contexts to be negotiated after +.I timeout +seconds, which allows changing Kerberos tickets and identities frequently. +The default is no explicit timeout, which means the kernel context will live +the lifetime of the Kerberos service ticket used in its creation. .SH SEE ALSO .BR rpc.svcgssd(8) .SH AUTHORS diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c index a145081..f415a10 100644 --- a/utils/gssd/gssd_proc.c +++ b/utils/gssd/gssd_proc.c @@ -427,7 +427,7 @@ do_downcall(int k5_fd, uid_t uid, struct authgss_private_data *pd, gss_buffer_desc *context_token) { char *buf = NULL, *p = NULL, *end = NULL; - unsigned int timeout = 0; /* XXX decide on a reasonable value */ + unsigned int timeout = context_timeout; unsigned int buf_size = 0; printerr(1, "doing downcall\n"); @@ -438,7 +438,6 @@ do_downcall(int k5_fd, uid_t uid, struct authgss_private_data *pd, end = buf + buf_size; if (WRITE_BYTES(&p, end, uid)) goto out_err; - /* Not setting any timeout for now: */ if (WRITE_BYTES(&p, end, timeout)) goto out_err; if (WRITE_BYTES(&p, end, pd->pd_seq_win)) goto out_err; if (write_buffer(&p, end, &pd->pd_ctx_hndl)) goto out_err; -- 2.39.2