URL:
https://github.com/SSSD/sssd/pull/389
Author: sumit-bose
Title: #389: sssd_client: add mutex protected call to the PAC responder
Action: opened
PR body:
"""
SSSD's plugin for MIT Kerberos to send the PAC to the PAC responder
currently uses sss_pac_make_request() which does not protect the
communication with the PAC responder with a mutex as e.g. the NSS and
PAM clients.
If an application using threads loads this plugin via libkrb5 in
different threads and is heavily processing Kerberos tickets with PACs
chances are that two threads try to communicate with SSSD at once. In
this case one of the threads will miss a reply and will wait for it
until the default client timeout of 300s is passed.
This patch adds a call which uses a mutex to protect the communication
which will avoid the 300s delay mentioned above.
Resolves
https://pagure.io/SSSD/sssd/issue/3518
"""
To pull the PR as Git branch:
git remote add ghsssd
https://github.com/SSSD/sssd
git fetch ghsssd pull/389/head:pr389
git checkout pr389