Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix race condition with global _gsskrb5_keytab
gsskrb5_acceptor_start() was making a copy of the global pointer _gsskrb5_keytab to use later. This invites a race condition where another thread could call gsskrb5_register_acceptor_identity() (thus invalidating the target of the copied pointer) before it is used by gsskrb5_acceptor_start(). So instead, clone the keytab to a new one while protected by the mutex lock (similar to get_keytab() in acquire_cred.c). Signed-off-by: Nicolas Williams <nico@twosigma.com>
- Loading branch information