Adam Williamson
parent
460a59ec3d
commit
4e675b1715
49
0001-SSS_CLIENT-got-rid-of-using-PRNG.patch
Normal file
49
0001-SSS_CLIENT-got-rid-of-using-PRNG.patch
Normal file
@ -0,0 +1,49 @@
|
||||
From e47f143bcb86d04aa053c17373f9d9991fc63913 Mon Sep 17 00:00:00 2001
|
||||
From: Alexey Tikhonov <atikhono@redhat.com>
|
||||
Date: Mon, 14 Oct 2019 11:38:06 +0200
|
||||
Subject: [PATCH] SSS_CLIENT: got rid of using PRNG
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
1) no reason to expect "thundering herd issue"
|
||||
2) randomization as it was done (strictly 1 or 2 secs)
|
||||
would not help much anyway
|
||||
3) usage of PRNG might break app that depends on deterministic
|
||||
PRNG behaviour
|
||||
|
||||
Resolves: https://pagure.io/SSSD/sssd/issue/4094
|
||||
|
||||
Reviewed-by: Michal Židek <mzidek@redhat.com>
|
||||
---
|
||||
src/sss_client/common.c | 7 +------
|
||||
1 file changed, 1 insertion(+), 6 deletions(-)
|
||||
|
||||
diff --git a/src/sss_client/common.c b/src/sss_client/common.c
|
||||
index 930efe4a1..270ca8b54 100644
|
||||
--- a/src/sss_client/common.c
|
||||
+++ b/src/sss_client/common.c
|
||||
@@ -566,11 +566,6 @@ static int sss_cli_open_socket(int *errnop, const char *socket_name, int timeout
|
||||
/* this piece is adapted from winbind client code */
|
||||
wait_time = 0;
|
||||
sleep_time = 0;
|
||||
- /* This is not security relevant functionality and
|
||||
- * it is undesirable to pull unnecessary dependency (util/crypto)
|
||||
- * so plain srand() & rand() are used here.
|
||||
- */
|
||||
- srand(time(NULL) * getpid());
|
||||
while (inprogress) {
|
||||
int connect_errno = 0;
|
||||
socklen_t errnosize;
|
||||
@@ -605,7 +600,7 @@ static int sss_cli_open_socket(int *errnop, const char *socket_name, int timeout
|
||||
break;
|
||||
case EAGAIN:
|
||||
if (wait_time < timeout) {
|
||||
- sleep_time = rand() % 2 + 1;
|
||||
+ sleep_time = 1;
|
||||
sleep(sleep_time);
|
||||
}
|
||||
break;
|
||||
--
|
||||
2.23.0
|
||||
|
||||
10
sssd.spec
10
sssd.spec
@ -36,7 +36,7 @@
|
||||
|
||||
Name: sssd
|
||||
Version: 2.2.2
|
||||
Release: 2%{?dist}
|
||||
Release: 3%{?dist}
|
||||
Summary: System Security Services Daemon
|
||||
License: GPLv3+
|
||||
URL: https://pagure.io/SSSD/sssd/
|
||||
@ -48,6 +48,10 @@ Source0: https://releases.pagure.org/SSSD/sssd/%{name}-%{version}.tar.gz
|
||||
# https://github.com/SSSD/sssd/pull/904
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1757224
|
||||
Patch0: 0001-KCM-Set-kdc_offset-to-zero-initially.patch
|
||||
# Workaround a problem setting up replica in containers
|
||||
# https://github.com/SSSD/sssd/pull/900
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1755643
|
||||
Patch1: 0001-SSS_CLIENT-got-rid-of-using-PRNG.patch
|
||||
|
||||
### Downstream only patches ###
|
||||
Patch0502: 0502-SYSTEMD-Use-capabilities.patch
|
||||
@ -1072,6 +1076,10 @@ fi
|
||||
%{_libdir}/%{name}/modules/libwbclient.so
|
||||
|
||||
%changelog
|
||||
* Tue Oct 22 2019 Adam Williamson <awilliam@redhat.com> - 2.2.2-3
|
||||
- Resolves: rhbz#1755643 - Upgrade to sssd 2.2.2-1.fc30 breaks setting
|
||||
up FreeIPA replica in containers
|
||||
|
||||
* Tue Oct 22 2019 Adam Williamson <awilliam@redhat.com> - 2.2.2-2
|
||||
- Resolves: rhbz#1757224 - Tickets act like they're expiring prematurely
|
||||
when using KCM cache
|
||||
|
||||
Loading…
Reference in New Issue
Block a user