[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Locking the krb5 replay cache

To: Andrew Bartlett <abartlet@samba.org>
Subject: Re: Locking the krb5 replay cache
From: Love Hörnquist Åstrand <lha@kth.se>
Date: Sat, 26 Mar 2005 11:38:53 +0100
Cc: heimdal-discuss@sics.se
In-Reply-To: <1111103596.5344.9.camel@amy.flyaway.abartlet.net> (AndrewBartlett's message of "Fri, 18 Mar 2005 10:53:16 +1100")
References: <1111103596.5344.9.camel@amy.flyaway.abartlet.net>
Sender: owner-heimdal-discuss@sics.se
User-Agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (berkeley-unix)


Andrew Bartlett <abartlet@samba.org> writes:

> In my wanderings as a Samba4 developer, I've been trying to remove a
> nasty piece of code that 'locks' the krb5 replay cache.
>
> My question to the Heimdal list is 'should this be the responsibility of
> the krb5 libs?'.  Currently, as far as I can tell, standard fopen
> ()/fwrite() calls are used to manipulate the krb5 replay cache, but
> nothing is done to tell if there are concurrent writes.  Is this
> correct?

Yes, but the reply cache isn't hooked in default, and unless you do that,
you don't have any problems.

> Is it viable for krb5 to be extended to provide this locking, in a way a
> configure test could pick up (so I can at least conditionally remove
> Samba's locking), and have it consistent with other apps that Samba may
> be sharing with on a system?.

Heimdal should provide its own locking when the reply cache is enabled.

Love

PGP signature

References:
- Locking the krb5 replay cache
  - From: Andrew Bartlett <abartlet@samba.org>

Prev by Date: Re: Kerberos attributes with ldap/samba for a heimdal backend
Next by Date: Re: heimdal 0.6.2 coredumps
Prev by thread: Locking the krb5 replay cache
Next by thread: heimdal 0.6.2 coredumps
Index(es):
- Date
- Thread