[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Locking the krb5 replay cache
Andrew Bartlett <abartlet@samba.org> writes:
> In my wanderings as a Samba4 developer, I've been trying to remove a
> nasty piece of code that 'locks' the krb5 replay cache.
>
> My question to the Heimdal list is 'should this be the responsibility of
> the krb5 libs?'. Currently, as far as I can tell, standard fopen
> ()/fwrite() calls are used to manipulate the krb5 replay cache, but
> nothing is done to tell if there are concurrent writes. Is this
> correct?
Yes, but the reply cache isn't hooked in default, and unless you do that,
you don't have any problems.
> Is it viable for krb5 to be extended to provide this locking, in a way a
> configure test could pick up (so I can at least conditionally remove
> Samba's locking), and have it consistent with other apps that Samba may
> be sharing with on a system?.
Heimdal should provide its own locking when the reply cache is enabled.
Love
PGP signature