rpms/sssd
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Backport PR #900 to fix RHBZ #1755643

Browse Source
This commit is contained in:
Adam Williamson 2019-10-22 11:27:01 -07:00
parent 460a59ec3d
commit 4e675b1715
2 changed files with 58 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
0001-SSS_CLIENT-got-rid-of-using-PRNG.patch Normal file
View File

@ -0,0 +1,49 @@
From e47f143bcb86d04aa053c17373f9d9991fc63913 Mon Sep 17 00:00:00 2001
From: Alexey Tikhonov <atikhono@redhat.com>
Date: Mon, 14 Oct 2019 11:38:06 +0200
Subject: [PATCH] SSS_CLIENT: got rid of using PRNG
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
1) no reason to expect "thundering herd issue"
2) randomization as it was done (strictly 1 or 2 secs)
would not help much anyway
3) usage of PRNG might break app that depends on deterministic
PRNG behaviour
Resolves: https://pagure.io/SSSD/sssd/issue/4094
Reviewed-by: Michal Židek <mzidek@redhat.com>
---
src/sss_client/common.c | 7 +------
1 file changed, 1 insertion(+), 6 deletions(-)
diff --git a/src/sss_client/common.c b/src/sss_client/common.c
index 930efe4a1..270ca8b54 100644
--- a/src/sss_client/common.c
+++ b/src/sss_client/common.c
@@ -566,11 +566,6 @@ static int sss_cli_open_socket(int *errnop, const char *socket_name, int timeout
/* this piece is adapted from winbind client code */
wait_time = 0;
sleep_time = 0;
- /* This is not security relevant functionality and
- * it is undesirable to pull unnecessary dependency (util/crypto)
- * so plain srand() & rand() are used here.
- */
- srand(time(NULL) * getpid());
while (inprogress) {
int connect_errno = 0;
socklen_t errnosize;
@@ -605,7 +600,7 @@ static int sss_cli_open_socket(int *errnop, const char *socket_name, int timeout
break;
case EAGAIN:
if (wait_time < timeout) {
- sleep_time = rand() % 2 + 1;
+ sleep_time = 1;
sleep(sleep_time);
}
break;
--
2.23.0

10
sssd.spec
View File

@ -36,7 +36,7 @@
Name: sssd Name: sssd
Version: 2.2.2 Version: 2.2.2
Release: 2%{?dist} Release: 3%{?dist}
Summary: System Security Services Daemon Summary: System Security Services Daemon
License: GPLv3+ License: GPLv3+
URL: https://pagure.io/SSSD/sssd/ URL: https://pagure.io/SSSD/sssd/
@ -48,6 +48,10 @@ Source0: https://releases.pagure.org/SSSD/sssd/%{name}-%{version}.tar.gz
# https://github.com/SSSD/sssd/pull/904 # https://github.com/SSSD/sssd/pull/904
# https://bugzilla.redhat.com/show_bug.cgi?id=1757224 # https://bugzilla.redhat.com/show_bug.cgi?id=1757224
Patch0: 0001-KCM-Set-kdc_offset-to-zero-initially.patch Patch0: 0001-KCM-Set-kdc_offset-to-zero-initially.patch
# Workaround a problem setting up replica in containers
# https://github.com/SSSD/sssd/pull/900
# https://bugzilla.redhat.com/show_bug.cgi?id=1755643
Patch1: 0001-SSS_CLIENT-got-rid-of-using-PRNG.patch
### Downstream only patches ### ### Downstream only patches ###
Patch0502: 0502-SYSTEMD-Use-capabilities.patch Patch0502: 0502-SYSTEMD-Use-capabilities.patch
@ -1072,6 +1076,10 @@ fi
%{_libdir}/%{name}/modules/libwbclient.so %{_libdir}/%{name}/modules/libwbclient.so
%changelog %changelog
* Tue Oct 22 2019 Adam Williamson <awilliam@redhat.com> - 2.2.2-3
- Resolves: rhbz#1755643 - Upgrade to sssd 2.2.2-1.fc30 breaks setting
up FreeIPA replica in containers
* Tue Oct 22 2019 Adam Williamson <awilliam@redhat.com> - 2.2.2-2 * Tue Oct 22 2019 Adam Williamson <awilliam@redhat.com> - 2.2.2-2
- Resolves: rhbz#1757224 - Tickets act like they're expiring prematurely - Resolves: rhbz#1757224 - Tickets act like they're expiring prematurely
when using KCM cache when using KCM cache