[2627] in Kerberos_V5_Development
Re: Kerberos NT source code
daemon@ATHENA.MIT.EDU (Theodore Y. Ts'o)
Wed Oct 22 14:50:25 1997
Date: Wed, 22 Oct 1997 14:49:34 -0400
From: "Theodore Y. Ts'o" <tytso@MIT.EDU>
To: Ken Hornstein <kenh@cmf.nrl.navy.mil>
Cc: Assar Westerlund <assar@sics.se>, krbdev@MIT.EDU
In-Reply-To: Ken Hornstein's message of Tue, 21 Oct 1997 23:54:12 -0400,
<199710220354.XAA27549@ginger.cmf.nrl.navy.mil>
One other problem with dealing with thread support:
File locking (for ccache and keytab files) are per-process, not
per-thread, at least under Unix. (I don't know about NT). So the
library would have to know about threads so you don't have a problem
with multiple threads trying to lock the ccache at the same time, and
trashing the ccache file as a result.
In general, it'd be much more useful to analyze exactly what kind of
requirements a real threaded-application would use before we try to do
more design on this, I think, since making the whole library thread safe
would be very hard and very expensive. I also rather suspect it isn't
completely necessary. For many cases you can simply put in a subsystem
lock before calling the krb5 library, and this would work for most
applications.
- Ted
