[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Extend Timeout for kpasswd Client?

To: heimdal-discuss@sics.se, Eric Sturdivant <sturdiva@umd.edu>
Subject: Re: Extend Timeout for kpasswd Client?
From: "Henry B. Hotz" <hotz@jpl.nasa.gov>
Date: Tue, 4 Mar 2008 12:39:36 -0800
In-Reply-To: <Pine.GSO.4.61.0803040855530.22838@kapalua.umd.edu>
List-Archive: <http://list.sics.se/sympa/arc/heimdal-discuss>
List-Help: <mailto:sympa@sics.se?subject=help>
List-Id: <heimdal-discuss.sics.se>
List-Owner: <mailto:heimdal-discuss-request@sics.se>
List-Post: <mailto:heimdal-discuss@sics.se>
List-Subscribe: <mailto:sympa@sics.se?subject=subscribe%20heimdal-discuss>
List-Unsubscribe: <mailto:sympa@sics.se?subject=unsubscribe%20heimdal-discuss>
References: <EBC9DCD7-007E-4837-B011-CCB5790EF7FE@jpl.nasa.gov> <Pine.GSO.4.61.0803040855530.22838@kapalua.umd.edu>
Reply-To: heimdal-discuss@sics.se, "Henry B. Hotz" <hotz@jpl.nasa.gov>

Thanks muchly!

It appears that we're actually using a 0.6.3 version of kpasswd in  
the problem case. ;-P  Also appears that the Solaris kpasswd has a  
sufficiently longer timeout to serve as a short term stand in until  
we have a more "correct" fix to deploy.

On Mar 4, 2008, at 5:57 AM, Eric Sturdivant wrote:

> On Thu, 28 Feb 2008, Henry B. Hotz wrote:
>
>> I've got some slow plugins in kpasswdd.  Anyone know offhand where  
>> to change the 2 second retry interval that kapsswd uses?
>>
>
> Looks like it's in src/lib/krb5/changepw.c in change_password_loop():
>
>             for (i = 0; !done && i < 5; ++i) {
>                 fd_set fdset;
>                 struct timeval tv;
>
>                 if (!replied) {
>                     replied = 0;
>
>                     ret = (*proc->send_req) (context,
>                                              &auth_context,
>                                              creds,
>                                              targprinc,
>                                              is_stream,
>                                              sock,
>                                              newpw,
>                                              hi->hostname);
>                     if (ret) {
>                         close(sock);
>                         goto out;
>                     }
>                 }
>
>                 if (sock >= FD_SETSIZE) {
>                     krb5_set_error_string(context, "fd %d too  
> large", sock);
>                     ret = ERANGE;
>                     close (sock);
>                     goto out;
>                 }
>
>                 FD_ZERO(&fdset);
>                 FD_SET(sock, &fdset);
>                 tv.tv_usec = 0;
>                 tv.tv_sec  = 1 + (1 << i);
>
>                 ret = select (sock + 1, &fdset, NULL, NULL, &tv);
>
> -- 
> Eric Sturdivant
> University of Maryland
> Office of Information Technology
> Distributed Computing Services

References:
- Re: Extend Timeout for kpasswd Client?
  - From: Eric Sturdivant <sturdiva@umd.edu>

Prev by Date: Re: Extend Timeout for kpasswd Client?
Next by Date: Re: pagsh on OSX broken?
Prev by thread: Re: Extend Timeout for kpasswd Client?
Next by thread: Re: Odd krb5_free_cred_contents problem (Heimdal 1.0.2, Solaris 9)
Index(es):
- Date
- Thread