[16599] in Kerberos_V5_Development
an issue relating to using current MIT krb code in kernel space
daemon@ATHENA.MIT.EDU (Will Fiveash)
Thu Jan 20 16:32:57 2011
Date: Thu, 20 Jan 2011 15:32:35 -0600
From: Will Fiveash <will.fiveash@oracle.com>
To: MIT Kerberos Dev List <krbdev@mit.edu>
Message-ID: <20110120213235.GA2602@sun.com>
Mail-Followup-To: MIT Kerberos Dev List <krbdev@MIT.EDU>
MIME-Version: 1.0
Content-Disposition: inline
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
I've been looking at newish MIT code and have discovered some changes
from the older 1.6 release that make life more difficult when using this
code for the Solaris krb mech kernel module. The issue is that in the
Solaris kernel space the function to free memory requires two parameters
(one being the address to free and the other the number of bytes to
free). In MIT 1.6 krb5_set_default_in_tkt_ktypes() was doing the
following:
context->in_tkt_ktypes = new_ktypes;
context->in_tkt_ktype_count = i;
Setting context->in_tkt_ktype_count was useful for the kernel krb mech
because in krb5_free_context() we could do this:
if (ctx->in_tkt_ktypes) {
FREE(ctx->in_tkt_ktypes, sizeof(krb5_enctype) *(ctx->in_tkt_ktype_count+1) );
^^^^^^^^^^^^^^^^^^^^^^^^^
ctx->in_tkt_ktypes = 0;
}
(FREE() is a macro that expands to the kernel kmem_free((x), (n)) when
compiling for the kernel). In the 1.8 MIT code
context->in_tkt_ktype_count has been removed so I either have to add it
back for Solaris or dynamically calculate the number of krb5_enctype
entries there are in context->in_tkt_ktypes before I call
FREE()/kmem_free().
Something to consider when providing code for platforms that provide a
kernel space krb mech like Solaris.
--
Will Fiveash
Oracle
http://opensolaris.org/os/project/kerberos/
Sent using mutt, a sweet, text based e-mail app <http://www.mutt.org/>
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
