Return-Path: Received: from pch.mit.edu (PCH.MIT.EDU [18.7.21.90]) by krbdev.mit.edu (Postfix) with ESMTP id 2EAB73EBBB; Tue, 25 Sep 2012 17:24:01 -0400 (EDT) Received: from pch.mit.edu (pch.mit.edu [127.0.0.1]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id q8PLO00T019516; Tue, 25 Sep 2012 17:24:00 -0400 Received: from mailhub-dmz-1.mit.edu (MAILHUB-DMZ-1.MIT.EDU [18.9.21.41]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id q8PLKmX7019027 for ; Tue, 25 Sep 2012 17:20:48 -0400 Received: from dmz-mailsec-scanner-4.mit.edu (DMZ-MAILSEC-SCANNER-4.MIT.EDU [18.9.25.15]) by mailhub-dmz-1.mit.edu (8.13.8/8.9.2) with ESMTP id q8PLJXEP017289 for ; Tue, 25 Sep 2012 17:20:48 -0400 X-Auditid: 1209190f-b7f636d00000095b-de-5062202fffbc Authentication-Results: symauth.service.identifier Received: from homiemail-a90.g.dreamhost.com (caiajhbdccah.dreamhost.com [208.97.132.207]) by dmz-mailsec-scanner-4.mit.edu (Symantec Messaging Gateway) with SMTP id BF.94.02395.F2022605; Tue, 25 Sep 2012 17:20:48 -0400 (EDT) Received: from homiemail-a90.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a90.g.dreamhost.com (Postfix) with ESMTP id 56B392AC07A for ; Tue, 25 Sep 2012 14:20:47 -0700 (PDT) Dkim-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h= mime-version:date:message-id:subject:from:to:content-type; s= cryptonector.com; bh=n7LcpRBag1Qmg6YwzGEbJLoiANc=; b=uvEN/VAYtFz YeZqh8h/asbW4uzUp1WPjiElX172uRPYIix99bGRU2oVB2gaJALRqrsyLYKCKfUj Qnieu2YZcgtnitvJS66tbvJlqWXoEqWH/GRiODkynG03OFdm3H3SuoNBkXIgMv73 C2wQ1M9RTP6tfDR7gdr4/8lJP2NKbEQY= Received: from mail-pb0-f49.google.com (mail-pb0-f49.google.com [209.85.160.49]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a90.g.dreamhost.com (Postfix) with ESMTPSA id 3F1E12AC06E for ; Tue, 25 Sep 2012 14:20:47 -0700 (PDT) Received: by pbbrq8 with SMTP id rq8so818932pbb.36 for ; Tue, 25 Sep 2012 14:20:46 -0700 (PDT) MIME-Version: 1.0 Received: by 10.66.77.7 with SMTP id o7mr43852440paw.37.1348608046926; Tue, 25 Sep 2012 14:20:46 -0700 (PDT) Received: by 10.68.20.194 with HTTP; Tue, 25 Sep 2012 14:20:46 -0700 (PDT) Date: Tue, 25 Sep 2012 16:20:46 -0500 Message-ID: Subject: kpropd handling of full resyncs is racy From: Nico Williams To: krb5-bugs@mit.edu Content-Type: text/plain; charset=UTF-8 X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprFKsWRWlGSWpSXmKPExsVyIbHlvK6BQlKAwbRb7BYND4+zOzB6NJ05 yhzAGMVlk5Kak1mWWqRvl8CVsWNmJ2vBWuaKWdfeszcwPmXqYuTkkBAwkThzopEVxGYUMJLY fe4VK0RcTOLCvfVsXYxcHEICjxkleh6dZAZJCAmcYZRY/TgIJMEi8J5J4vmD2UwQiYdMEhN/ 2kDYVRIfnn5jBLF5BQQlTs58wtLFyAEUz5PoeqwNUeIlcWnRY7BlLAKqEpc/H2aHKA+QeNo/ AcwWFjCQ2NUxkwmklU1AW2LzNkWQsIiAqMTLv8fAJjILqEusnyc0gVFwFpJdsxAyCxiZVjHK puRW6eYmZuYUpybrFicn5uWlFuma6OVmluilppRuYgQGoxCnJP8Oxm8HlQ4xCnAwKvHwHnie GCDEmlhWXJl7iFGSg0lJlPeRVFKAEF9SfkplRmJxRnxRaU5q8SFGCQ5mJRFeY5By3pTEyqrU onyYlDQHi5I479WUm/5CAumJJanZqakFqUUwWSYO9kOMMhwcShK8qfJAkwWLUtNTK9Iyc0qQ 1XCCCC6QNTxAa7xACnmLCxJzizPTIYpOMRpzfDy54AEjx6WPix8wCrHk5eelSonz2oKUCoCU ZpTmwY2EJZlLjLJSwryMDAwMQjxANwGDAlX+FaM4MBiEedtBpvBk5pXA7XsFdAoT0Cn8e+JA TilJREhJNTAyCcl92usqPH+fw4q1S6QUGNQyj8WeDTDYWsM/9+ZsYfXfpSbXj8yWaOZdpGXE vt5hie6G2QpTt9740VecP4F/efGV0F9r/63e2aUR/Z/XcY/XglULDscXHWr+7GCYOk1Ackpj ec5VxaAL6fm3Fhz6+1nH/P/SA8/NTNLqHzrdOm/1aU2PWE2CEktxRqKhFnNRcSIATkUagi0D AAA= X-Mailman-Approved-At: Tue, 25 Sep 2012 17:23:58 -0400 X-Beenthere: krb5-bugs-incoming@mailman.mit.edu X-Mailman-Version: 2.1.6 Precedence: list Sender: krb5-bugs-incoming-bounces@PCH.mit.edu Errors-To: krb5-bugs-incoming-bounces@PCH.mit.edu Content-Length: 422 When kadmind tells kpropd that it needs a full resync kpropd then asks for the resync then sets up the listener. This can be racy, particularly if we should make kadmind share a single global iprop dumps for full resyncs. The whole thing looks very brittle, so a redesign of how kpropd handles full resyncs seems to be in order E.g., https://github.com/nicowilliams/krb5/commit/7e2cfd5c10918e286cfa4dc85dcffd0f75f9cb67