Branch: refs/heads/main
Home: https://github.com/gssapi/gssproxy
Commit: 325869a33cb923ab2123ab4179399a37503ed3b5
https://github.com/gssapi/gssproxy/commit/325869a33cb923ab2123ab4179399a375…
Author: Simo Sorce <simo(a)redhat.com>
Date: 2022-05-31 (Tue, 31 May 2022)
Changed paths:
M configure.ac
Log Message:
-----------
Move some configure checks out of a condition
I was too aggressive in moving all systemd checks, some of them need to
be performed at all times because there are conditionals ependent on the
detection.
The actual build for gss-only module is controlled by the BUILD_PROXY
guard anyway, so the checking unconditionally should not cause any
change for that configuration even when unused.
Signed-off-by: Simo Sorce <simo(a)redhat.com>
Branch: refs/heads/main
Home: https://github.com/gssapi/gssproxy
Commit: 72ef228833e747569ee4b579015c808e677dcb17
https://github.com/gssapi/gssproxy/commit/72ef228833e747569ee4b579015c808e6…
Author: Simo Sorce <simo(a)redhat.com>
Date: 2022-05-27 (Fri, 27 May 2022)
Changed paths:
M src/gp_init.c
M src/gp_socket.c
M src/gp_workers.c
Log Message:
-----------
Minor correctness fixes found while reviewing
Signed-off-by: Simo Sorce <simo(a)redhat.com>
Commit: 88bfaa1b67de29ebb84b7c385938b2411a2801df
https://github.com/gssapi/gssproxy/commit/88bfaa1b67de29ebb84b7c385938b2411…
Author: Simo Sorce <simo(a)redhat.com>
Date: 2022-05-27 (Fri, 27 May 2022)
Changed paths:
M src/gp_debug.c
M src/gp_debug.h
M src/gp_init.c
M src/gp_mgmt.c
M src/gp_proxy.h
M src/gssproxy.c
Log Message:
-----------
Add a wait to redirect Krb5 tracing to our stderr
The proccess stderr may be redirected to a socket or a pipe by the
parent process (which is what systemd does for example).
When that happen we can't simply pass a valid path to stderr so
that libkrb5 can send the tracing via the KRB5_TRACE environment
variable to a our stderr, passing /dev/stderr in this case will
just result in an open error and tracing output going nowhere.
To handle this we create our own fifo to pass to libkrb5 and
then we create a thread that reads the incoming data and pipes
it back to the stderr we've been given by our parent.
Signed-off-by: Simo Sorce <simo(a)redhat.com>
Compare: https://github.com/gssapi/gssproxy/compare/a3d215e24237...88bfaa1b67de
Branch: refs/heads/main
Home: https://github.com/gssapi/gssproxy
Commit: db71ef93d714163beefcb1a28046188a6642cb6c
https://github.com/gssapi/gssproxy/commit/db71ef93d714163beefcb1a28046188a6…
Author: Simo Sorce <simo(a)redhat.com>
Date: 2022-05-26 (Thu, 26 May 2022)
Changed paths:
M src/gp_init.c
M src/gp_proxy.h
M src/gssproxy.c
Log Message:
-----------
Revert break_loop changes
The event loop cycles too often to use verto_run_once() as a way
to deal with marking activity. So revert to using verto_run() and
set the termination handler once for now.
Signed-off-by: Simo Sorce <simo(a)redhat.com>
Commit: 7d771bd6dd8bef4b7b5f4b4f29c9a8834ec49b25
https://github.com/gssapi/gssproxy/commit/7d771bd6dd8bef4b7b5f4b4f29c9a8834…
Author: Simo Sorce <simo(a)redhat.com>
Date: 2022-05-26 (Thu, 26 May 2022)
Changed paths:
M src/gp_init.c
M src/gp_proxy.h
M src/gssproxy.c
Log Message:
-----------
Move initialization functions into gp_init
Refactor init functions and move them in the appropriate file.
Signed-off-by: Simo Sorce <simo(a)redhat.com>
Commit: f48f8c6b92bdbbc2ea7ce8b8d9050e2a2195579e
https://github.com/gssapi/gssproxy/commit/f48f8c6b92bdbbc2ea7ce8b8d9050e2a2…
Author: Simo Sorce <simo(a)redhat.com>
Date: 2022-05-26 (Thu, 26 May 2022)
Changed paths:
M Makefile.am
M src/gp_init.c
A src/gp_mgmt.c
M src/gp_proxy.h
M src/gssproxy.c
Log Message:
-----------
Move runtime management function to gp_mgmt.c
These are functions that are used to manage the proxy own main process
after initialization. Store in their own file so the scope is clear.
Signed-off-by: Simo Sorce <simo(a)redhat.com>
Commit: 0400a19aefe6d19d4d187bc6f3038591e5bde77e
https://github.com/gssapi/gssproxy/commit/0400a19aefe6d19d4d187bc6f3038591e…
Author: Simo Sorce <simo(a)redhat.com>
Date: 2022-05-26 (Thu, 26 May 2022)
Changed paths:
M src/gp_debug.h
M src/gp_mgmt.c
M src/gp_proxy.h
M src/gp_socket.c
Log Message:
-----------
Fix self termination and add some accounting
Self termination need to happen only when gssproxy is idle for a certina
amount of time.
However due to non material activity the gssproxy performs through the
verto event handler we need to actively measure ideling rather than
depend on things like verto_idle.
Ad an accounting function to our socket handler.
This now allows us to collect some interesting statistics as well as
reset the idle handler when there is actual activity ongoing.
We reset the handler only upon receiving data from a client, as that
indicates a requested activity. Writes happen only as reposnses and are
considered part of a single activity event together with the read that
caused the idel handler reset.
Signed-off-by: Simo Sorce <simo(a)redhat.com>
Commit: a3d215e24237778681965eacaa42a596cd3842df
https://github.com/gssapi/gssproxy/commit/a3d215e24237778681965eacaa42a596c…
Author: Simo Sorce <simo(a)redhat.com>
Date: 2022-05-26 (Thu, 26 May 2022)
Changed paths:
M tests/userproxytest.c
Log Message:
-----------
Extend userproxy test to check outputs
Currently just checks that initialization and self termination
actually happened.
Signed-off-by: Simo Sorce <simo(a)redhat.com>
Compare: https://github.com/gssapi/gssproxy/compare/c8b9107288f9...a3d215e24237
Branch: refs/heads/main
Home: https://github.com/gssapi/gssproxy
Commit: c8b9107288f9de4650612074efcca592eb6a2f0c
https://github.com/gssapi/gssproxy/commit/c8b9107288f9de4650612074efcca592e…
Author: Simo Sorce <simo(a)redhat.com>
Date: 2022-05-24 (Tue, 24 May 2022)
Changed paths:
M src/gp_config.c
M src/gp_proxy.h
M src/gp_socket.c
M src/gssproxy.c
M systemd/gssuserproxy.service.in
Log Message:
-----------
Fix issues with socket activation.
Adjust systemd's service file for usermode.
Socket activation requires that we used the interactive mode (-i)
so that gssproxy does not fork on startup.
Forking causes sd_listen_fds() to fail as that function checks that
the pid of the process calling it is the same process systemd forked
via the internal envvar LISTEN_PID.
Additionally make sure to set the socket name for the artificial
config service in usermode as well as the socket set up during socket
activation to all use the same string (the usermode socket) so that
the checks in gp_creds_match_conn() work properly in the socket
activation case too.
Signed-off-by: Simo Sorce <simo(a)redhat.com>
Branch: refs/heads/main
Home: https://github.com/gssapi/gssproxy
Commit: b8f5f4ac78cb94dfc76580689053fcfe1ba40c69
https://github.com/gssapi/gssproxy/commit/b8f5f4ac78cb94dfc76580689053fcfe1…
Author: Simo Sorce <simo(a)redhat.com>
Date: 2022-05-23 (Mon, 23 May 2022)
Changed paths:
M src/gp_init.c
M src/gp_proxy.h
M src/gp_socket.c
M src/gssproxy.c
Log Message:
-----------
Add self-termination for user mode.
Self termination kicks in only if the daemon is socket activated, so
that the user daemon eventually turns itself off when not used.
The default timeout is 1000 seconds but can be changed via the command
line switch --idle-timeout
Signed-off-by: Simo Sorce <simo(a)redhat.com>
Commit: 6cdb6296d1eeacfae90109f72a6ea6b402849721
https://github.com/gssapi/gssproxy/commit/6cdb6296d1eeacfae90109f72a6ea6b40…
Author: Simo Sorce <simo(a)redhat.com>
Date: 2022-05-23 (Mon, 23 May 2022)
Changed paths:
M .gitignore
M Makefile.am
M external/systemd.m4
M tests/Makefile.am
A tests/userproxytest.c
Log Message:
-----------
Add test for userproxy mode
This is a very basic test that checks the gssproxy can start,
and that socket activation works.
Signed-off-by: Simo Sorce <simo(a)redhat.com>
Compare: https://github.com/gssapi/gssproxy/compare/b9b888462498...6cdb6296d1ee
Branch: refs/heads/main
Home: https://github.com/gssapi/gssproxy
Commit: b9b88846249832c6ded5addf2871faced28735a3
https://github.com/gssapi/gssproxy/commit/b9b88846249832c6ded5addf2871faced…
Author: Simo Sorce <simo(a)redhat.com>
Date: 2022-05-23 (Mon, 23 May 2022)
Changed paths:
M contrib/gssproxy.spec.in
Log Message:
-----------
Fix spec file to build
2 files were now missing and caused a rpm build to fail at the final
step.
Signed-off-by: Simo Sorce <simo(a)redhat.com>