[2420] in Kerberos_V5_Development
Re: Kerberos V4 Re-entrancy Question and a Solaris threaded server.
daemon@ATHENA.MIT.EDU (Ezra Peisach)
Wed Jul 9 21:25:02 1997
To: jdj@busstop.jpl.nasa.gov (Jeffery D. Jacobson)
Cc: krbdev@MIT.EDU, tytso@MIT.EDU
In-Reply-To: Your message of "Wed, 09 Jul 1997 17:56:11 PDT."
<199707100056.RAA22170@busstop.Jpl.Nasa.Gov>
Date: Wed, 09 Jul 1997 21:23:57 EDT
From: Ezra Peisach <epeisach@MIT.EDU>
Hi there,
I have never actually done any thread based programming, but from what
little I do know, I would think that krb_rd_req was unsafe do to the
the static variables near the top of the source file. But, I may have
a solution.
Now, for efficiency, the static copy of the service key, server realm,
etc is stored. This is to ensure that if the same realm, service name
and instance is used, the cached service key can be used. (without
taking the time to read it from the srvtab file).
Now, as I am reading the code, if the last argument to krb_rd_req is
NULL, then krb_rd_req assumes that the servers key has been set by
krb_set_key. I am assuming that you are always using the same
service/instance/realm for all requests.
So, in the initialization of your server, you would need to more or less:
if (read_service_key(service,instance,realm,(int) s_kvno,
fn,(char *)skey))
return(RD_AP_UNDEC);
if (status = krb_set_key((char *)skey,0))
return(status);
before you start serving requests. Then from there on use krb_rd_req
with the last argument NULL.
Assuming that debugging has not been compiled into the library, I
believe the above scenario would then be thread safe,
Does anyone else have an opinion?
Ezra
