On Fri, 8 Nov 2013, Andrew Deason wrote:
On Fri, 8 Nov 2013 11:32:42 -0500
Benjamin Kaduk <[email protected]> wrote:
I'll get to it soon :) I just had a couple of urgent things hit me
recently.
Okay, I'll look for it to review.
(*) I seem to recall a couple of places where verious ubik recovery
scenarios could lead to refreshing credentials, but I think these are
rare.
We can reinitialize the _conn_ sometimes, but ubik_CRXSecurityProc is
only ever called once, in ubeacon_InitServerListCommon.
Oh, great, this is one of those things which is different between 1.6 and
master. On master, it looks like afsconf_ClientAuth is assigned to
secLayerProc and ubik_CRXSecurityProc is unused.
ubeacon_InitSecurityClass() is called in ubeacon_ReinitServer(), which is
called in urecovery_LostServer(), which is called at two places in the
logic of ubeacon_Interact(). I didn't go and re-trace what scenarios
those call sites correspond to, though.
Looking at 1.6, ubik_CRXSecurityProc is called in
ubeacon_InitServerListCommon, which is called from ubeacon_InitServerList*
(for appropriate values of '*'). This is called from
ubik_ServerInitCommon(), called by ubik_ServerInit* (ibid). This is, in
fact, only called at startup of the individual servers (from main() or
similar), so you're right.
I have the strangest feeling of deja vu ... probably because of
https://rt.central.org/rt/Ticket/Display.html?id=131591#txn-456805 and
https://rt.central.org/rt/Ticket/Display.html?id=131591#txn-456809 .
Sigh.
-Ben
_______________________________________________
OpenAFS-devel mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-devel
