krb5 commit: Match ccache functions in krb5.h with export list
Greg Hudson
ghudson at mit.edu
Wed Jan 23 13:07:51 EST 2019
https://github.com/krb5/krb5/commit/1f128e43056b470e19f1059fac6f5d725841d296
commit 1f128e43056b470e19f1059fac6f5d725841d296
Author: Robbie Harwood <rharwood at redhat.com>
Date: Fri Jul 13 16:23:45 2018 -0400
Match ccache functions in krb5.h with export list
Commit 6e83d0bd31721ac86003530dd2450221dd05d0c2 (part of release 1.7)
added new ccache functions to krb5.h, but not to either export list.
Though commit ad5aa12f13aad7ec4cafcffeec4f2e84e56c9c78 exported
krb5_cc_move(), the rest remain unexported.
krb5_cc_lock(), krb5_cc_unlock(), krb5_cccol_lock(), and
krb5_cccol_unlock() are used internally, so remove them from krb5.h
and rename them to k5_cc_lock(), k5_cc_unlock(), k5_cccol_lock(), and
k5_cccol_unlock() respectively.
krb5_cccol_last_change_time() is not used, so remove it.
krb5_cc_last_change_time() is also not used, so remove it as well.
Update ccache interface to reflect removal. Of particular note, this
function didn't behave as documented for KCM or KEYRING ccaches at
time of removal.
ticket: 7765
doc/appdev/h5l_mit_apidiff.rst | 5 +--
doc/appdev/refs/api/index.rst | 6 ---
src/include/krb5/krb5.hin | 85 -------------------------------------
src/lib/krb5/ccache/cc-int.h | 14 +++++-
src/lib/krb5/ccache/cc_dir.c | 10 ----
src/lib/krb5/ccache/cc_file.c | 25 -----------
src/lib/krb5/ccache/cc_kcm.c | 50 ++++++----------------
src/lib/krb5/ccache/cc_keyring.c | 41 ------------------
src/lib/krb5/ccache/cc_memory.c | 38 ----------------
src/lib/krb5/ccache/cc_mslsa.c | 1 -
src/lib/krb5/ccache/ccapi/stdcc.c | 25 -----------
src/lib/krb5/ccache/ccapi/stdcc.h | 4 --
src/lib/krb5/ccache/ccbase.c | 26 ++++++------
src/lib/krb5/ccache/cccursor.c | 35 ---------------
src/lib/krb5/ccache/ccfns.c | 15 ++-----
15 files changed, 43 insertions(+), 337 deletions(-)
diff --git a/doc/appdev/h5l_mit_apidiff.rst b/doc/appdev/h5l_mit_apidiff.rst
index 0ea5e32..b721b57 100644
--- a/doc/appdev/h5l_mit_apidiff.rst
+++ b/doc/appdev/h5l_mit_apidiff.rst
@@ -19,10 +19,7 @@ Differences between Heimdal and MIT Kerberos API
:c:func:`krb5_auth_con_setsendsubkey()` H5l: Not implemented as of version 1.3.3
:c:func:`krb5_cc_set_config()` MIT: Before version 1.10 it was assumed that
the last argument *data* is ALWAYS non-zero.
- :c:func:`krb5_cccol_last_change_time()` H5l takes 3 arguments: krb5_context context,
- const char \*type, krb5_timestamp \*change_time
- MIT takes two arguments: krb5_context context,
- krb5_timestamp \*change_time
+ :c:func:`krb5_cccol_last_change_time()` MIT: not implemented
:c:func:`krb5_set_default_realm()` H5l: Caches the computed default realm context
field. If the second argument is NULL,
it tries to retrieve it from libdefaults or DNS.
diff --git a/doc/appdev/refs/api/index.rst b/doc/appdev/refs/api/index.rst
index f8a5aa5..70efc3e 100644
--- a/doc/appdev/refs/api/index.rst
+++ b/doc/appdev/refs/api/index.rst
@@ -157,8 +157,6 @@ Rarely used public interfaces
krb5_cc_get_config.rst
krb5_cc_get_flags.rst
krb5_cc_get_full_name.rst
- krb5_cc_last_change_time.rst
- krb5_cc_lock.rst
krb5_cc_move.rst
krb5_cc_next_cred.rst
krb5_cc_remove_cred.rst
@@ -171,14 +169,10 @@ Rarely used public interfaces
krb5_cc_store_cred.rst
krb5_cc_support_switch.rst
krb5_cc_switch.rst
- krb5_cc_unlock.rst
krb5_cccol_cursor_free.rst
krb5_cccol_cursor_new.rst
krb5_cccol_cursor_next.rst
krb5_cccol_have_content.rst
- krb5_cccol_last_change_time.rst
- krb5_cccol_lock.rst
- krb5_cccol_unlock.rst
krb5_clear_error_message.rst
krb5_check_clockskew.rst
krb5_copy_addresses.rst
diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin
index c40a6cc..15b7677 100644
--- a/src/include/krb5/krb5.hin
+++ b/src/include/krb5/krb5.hin
@@ -2611,45 +2611,6 @@ krb5_error_code KRB5_CALLCONV
krb5_cc_move(krb5_context context, krb5_ccache src, krb5_ccache dst);
/**
- * Return a timestamp of the last modification to a credential cache.
- *
- * @param [in] context Library context
- * @param [in] ccache Credential cache handle
- * @param [out] change_time The last change time of @a ccache
- *
- * If an error occurs, @a change_time is set to 0.
- */
-krb5_error_code KRB5_CALLCONV
-krb5_cc_last_change_time(krb5_context context, krb5_ccache ccache,
- krb5_timestamp *change_time);
-
-/**
- * Lock a credential cache.
- *
- * @param [in] context Library context
- * @param [in] ccache Credential cache handle
- *
- * Use krb5_cc_unlock() to unlock the lock.
- *
- * @retval 0 Success; otherwise - Kerberos error codes
- */
-krb5_error_code KRB5_CALLCONV
-krb5_cc_lock(krb5_context context, krb5_ccache ccache);
-
-/**
- * Unlock a credential cache.
- *
- * @param [in] context Library context
- * @param [in] ccache Credential cache handle
- *
- * This function unlocks the @a ccache locked by krb5_cc_lock().
- *
- * @retval 0 Success; otherwise - Kerberos error codes
- */
-krb5_error_code KRB5_CALLCONV
-krb5_cc_unlock(krb5_context context, krb5_ccache ccache);
-
-/**
* Prepare to iterate over the collection of known credential caches.
*
* @param [in] context Library context
@@ -2715,52 +2676,6 @@ krb5_error_code KRB5_CALLCONV
krb5_cccol_have_content(krb5_context context);
/**
- * Return a timestamp of the last modification of any known credential cache.
- *
- * @param [in] context Library context
- * @param [out] change_time Last modification timestamp
- *
- * This function returns the most recent modification time of any known
- * credential cache, ignoring any caches which cannot supply a last
- * modification time.
- *
- * If there are no known credential caches, @a change_time is set to 0.
- *
- * @retval 0 Success; otherwise - Kerberos error codes
- */
-krb5_error_code KRB5_CALLCONV
-krb5_cccol_last_change_time(krb5_context context, krb5_timestamp *change_time);
-
-/**
- * Acquire a global lock for credential caches.
- *
- * @param [in] context Library context
- *
- * This function locks the global credential cache collection, ensuring
- * that no ccaches are added to or removed from it until the collection
- * lock is released.
- *
- * Use krb5_cccol_unlock() to unlock the lock.
- *
- * @retval 0 Success; otherwise - Kerberos error codes
- */
-
-krb5_error_code KRB5_CALLCONV
-krb5_cccol_lock(krb5_context context);
-
-/**
- * Release a global lock for credential caches.
- *
- * @param [in] context Library context
- *
- * This function unlocks the lock from krb5_cccol_lock().
- *
- * @retval 0 Success; otherwise - Kerberos error codes
- */
-krb5_error_code KRB5_CALLCONV
-krb5_cccol_unlock(krb5_context context);
-
-/**
* Create a new credential cache of the specified type with a unique name.
*
* @param [in] context Library context
diff --git a/src/lib/krb5/ccache/cc-int.h b/src/lib/krb5/ccache/cc-int.h
index d920367..9fe6e1b 100644
--- a/src/lib/krb5/ccache/cc-int.h
+++ b/src/lib/krb5/ccache/cc-int.h
@@ -114,6 +114,18 @@ extern krb5_error_code KRB5_CALLCONV krb5_stdccv3_context_unlock
(krb5_context context);
#endif
+krb5_error_code
+k5_cc_lock(krb5_context context, krb5_ccache ccache);
+
+krb5_error_code
+k5_cc_unlock(krb5_context context, krb5_ccache ccache);
+
+krb5_error_code
+k5_cccol_lock(krb5_context context);
+
+krb5_error_code
+k5_cccol_unlock(krb5_context context);
+
void
k5_cc_mutex_force_unlock(k5_cc_mutex *m);
@@ -200,8 +212,6 @@ struct _krb5_cc_ops {
krb5_cc_ptcursor *);
krb5_error_code (KRB5_CALLCONV *move)(krb5_context, krb5_ccache,
krb5_ccache);
- krb5_error_code (KRB5_CALLCONV *lastchange)(krb5_context,
- krb5_ccache, krb5_timestamp *);
krb5_error_code (KRB5_CALLCONV *wasdefault)(krb5_context, krb5_ccache,
krb5_timestamp *);
krb5_error_code (KRB5_CALLCONV *lock)(krb5_context, krb5_ccache);
diff --git a/src/lib/krb5/ccache/cc_dir.c b/src/lib/krb5/ccache/cc_dir.c
index bba64e5..7b100a0 100644
--- a/src/lib/krb5/ccache/cc_dir.c
+++ b/src/lib/krb5/ccache/cc_dir.c
@@ -692,15 +692,6 @@ dcc_ptcursor_free(krb5_context context, krb5_cc_ptcursor *cursor)
}
static krb5_error_code KRB5_CALLCONV
-dcc_lastchange(krb5_context context, krb5_ccache cache,
- krb5_timestamp *time_out)
-{
- dcc_data *data = cache->data;
-
- return krb5_fcc_ops.lastchange(context, data->fcc, time_out);
-}
-
-static krb5_error_code KRB5_CALLCONV
dcc_lock(krb5_context context, krb5_ccache cache)
{
dcc_data *data = cache->data;
@@ -762,7 +753,6 @@ const krb5_cc_ops krb5_dcc_ops = {
dcc_ptcursor_next,
dcc_ptcursor_free,
NULL, /* move */
- dcc_lastchange,
NULL, /* wasdefault */
dcc_lock,
dcc_unlock,
diff --git a/src/lib/krb5/ccache/cc_file.c b/src/lib/krb5/ccache/cc_file.c
index 9263a00..b7c96d3 100644
--- a/src/lib/krb5/ccache/cc_file.c
+++ b/src/lib/krb5/ccache/cc_file.c
@@ -1099,29 +1099,6 @@ fcc_ptcursor_free(krb5_context context, krb5_cc_ptcursor *cursor)
return 0;
}
-/* Get the cache file's last modification time. */
-static krb5_error_code KRB5_CALLCONV
-fcc_last_change_time(krb5_context context, krb5_ccache id,
- krb5_timestamp *change_time)
-{
- krb5_error_code ret = 0;
- fcc_data *data = id->data;
- struct stat buf;
-
- *change_time = 0;
-
- k5_cc_mutex_lock(context, &data->lock);
-
- if (stat(data->filename, &buf) == -1)
- ret = interpret_errno(context, errno);
- else
- *change_time = (krb5_timestamp)buf.st_mtime;
-
- k5_cc_mutex_unlock(context, &data->lock);
-
- return set_errmsg_filename(context, ret, data->filename);
-}
-
/* Lock the cache handle against other threads. (This does not lock the cache
* file against other processes.) */
static krb5_error_code KRB5_CALLCONV
@@ -1217,7 +1194,6 @@ const krb5_cc_ops krb5_fcc_ops = {
fcc_ptcursor_next,
fcc_ptcursor_free,
NULL, /* move */
- fcc_last_change_time,
NULL, /* wasdefault */
fcc_lock,
fcc_unlock,
@@ -1288,7 +1264,6 @@ const krb5_cc_ops krb5_cc_file_ops = {
fcc_ptcursor_next,
fcc_ptcursor_free,
NULL, /* move */
- fcc_last_change_time,
NULL, /* wasdefault */
fcc_lock,
fcc_unlock,
diff --git a/src/lib/krb5/ccache/cc_kcm.c b/src/lib/krb5/ccache/cc_kcm.c
index 092ab7d..103cd98 100644
--- a/src/lib/krb5/ccache/cc_kcm.c
+++ b/src/lib/krb5/ccache/cc_kcm.c
@@ -79,9 +79,8 @@ struct kcmreq {
struct kcm_cache_data {
char *residual; /* immutable; may be accessed without lock */
- k5_cc_mutex lock; /* protects io and changetime */
+ k5_cc_mutex lock; /* protects io */
struct kcmio *io;
- krb5_timestamp changetime;
};
struct kcm_ptcursor {
@@ -540,7 +539,6 @@ make_cache(krb5_context context, const char *residual, struct kcmio *io,
data->residual = residual_copy;
data->io = io;
- data->changetime = 0;
cache->ops = &krb5_kcm_ops;
cache->data = data;
cache->magic = KV5M_CCACHE;
@@ -555,19 +553,15 @@ oom:
return ENOMEM;
}
-/* Lock cache's I/O structure and use it to call the KCM daemon. If modify is
- * true, update the last change time. */
+/* Lock cache's I/O structure and use it to call the KCM daemon. */
static krb5_error_code
-cache_call(krb5_context context, krb5_ccache cache, struct kcmreq *req,
- krb5_boolean modify)
+cache_call(krb5_context context, krb5_ccache cache, struct kcmreq *req)
{
krb5_error_code ret;
struct kcm_cache_data *data = cache->data;
k5_cc_mutex_lock(context, &data->lock);
ret = kcmio_call(context, data->io, req);
- if (modify && !ret)
- data->changetime = time(NULL);
k5_cc_mutex_unlock(context, &data->lock);
return ret;
}
@@ -580,7 +574,7 @@ get_kdc_offset(krb5_context context, krb5_ccache cache)
int32_t time_offset;
kcmreq_init(&req, KCM_OP_GET_KDC_OFFSET, cache);
- if (cache_call(context, cache, &req, FALSE) != 0)
+ if (cache_call(context, cache, &req) != 0)
goto cleanup;
time_offset = k5_input_get_uint32_be(&req.reply);
if (!req.reply.status)
@@ -603,7 +597,7 @@ set_kdc_offset(krb5_context context, krb5_ccache cache)
if (context->os_context.os_flags & KRB5_OS_TOFFSET_VALID) {
kcmreq_init(&req, KCM_OP_SET_KDC_OFFSET, cache);
kcmreq_put32(&req, context->os_context.time_offset);
- (void)cache_call(context, cache, &req, TRUE);
+ (void)cache_call(context, cache, &req);
kcmreq_free(&req);
}
}
@@ -685,7 +679,7 @@ kcm_initialize(krb5_context context, krb5_ccache cache, krb5_principal princ)
kcmreq_init(&req, KCM_OP_INITIALIZE, cache);
k5_marshal_princ(&req.reqbuf, 4, princ);
- ret = cache_call(context, cache, &req, TRUE);
+ ret = cache_call(context, cache, &req);
kcmreq_free(&req);
set_kdc_offset(context, cache);
return ret;
@@ -711,7 +705,7 @@ kcm_destroy(krb5_context context, krb5_ccache cache)
struct kcmreq req;
kcmreq_init(&req, KCM_OP_DESTROY, cache);
- ret = cache_call(context, cache, &req, TRUE);
+ ret = cache_call(context, cache, &req);
kcmreq_free(&req);
(void)kcm_close(context, cache);
return ret;
@@ -725,7 +719,7 @@ kcm_store(krb5_context context, krb5_ccache cache, krb5_creds *cred)
kcmreq_init(&req, KCM_OP_STORE, cache);
k5_marshal_cred(&req.reqbuf, 4, cred);
- ret = cache_call(context, cache, &req, TRUE);
+ ret = cache_call(context, cache, &req);
kcmreq_free(&req);
return ret;
}
@@ -748,7 +742,7 @@ kcm_get_princ(krb5_context context, krb5_ccache cache,
struct kcm_cache_data *data = cache->data;
kcmreq_init(&req, KCM_OP_GET_PRINCIPAL, cache);
- ret = cache_call(context, cache, &req, FALSE);
+ ret = cache_call(context, cache, &req);
/* Heimdal KCM can respond with code 0 and no principal. */
if (!ret && req.reply.len == 0)
ret = KRB5_FCC_NOFILE;
@@ -776,7 +770,7 @@ kcm_start_seq_get(krb5_context context, krb5_ccache cache,
get_kdc_offset(context, cache);
kcmreq_init(&req, KCM_OP_GET_CRED_UUID_LIST, cache);
- ret = cache_call(context, cache, &req, FALSE);
+ ret = cache_call(context, cache, &req);
if (ret)
goto cleanup;
ret = kcmreq_get_uuid_list(&req, &uuids);
@@ -806,7 +800,7 @@ kcm_next_cred(krb5_context context, krb5_ccache cache, krb5_cc_cursor *cursor,
k5_buf_add_len(&req.reqbuf, uuids->uuidbytes + (uuids->pos * KCM_UUID_LEN),
KCM_UUID_LEN);
uuids->pos++;
- ret = cache_call(context, cache, &req, FALSE);
+ ret = cache_call(context, cache, &req);
if (!ret)
ret = k5_unmarshal_cred(req.reply.ptr, req.reply.len, 4, cred_out);
kcmreq_free(&req);
@@ -832,7 +826,7 @@ kcm_remove_cred(krb5_context context, krb5_ccache cache, krb5_flags flags,
kcmreq_init(&req, KCM_OP_REMOVE_CRED, cache);
kcmreq_put32(&req, flags);
k5_marshal_mcred(&req.reqbuf, mcred);
- ret = cache_call(context, cache, &req, TRUE);
+ ret = cache_call(context, cache, &req);
kcmreq_free(&req);
return ret;
}
@@ -1033,23 +1027,6 @@ kcm_ptcursor_free(krb5_context context, krb5_cc_ptcursor *cursor)
}
static krb5_error_code KRB5_CALLCONV
-kcm_lastchange(krb5_context context, krb5_ccache cache,
- krb5_timestamp *time_out)
-{
- struct kcm_cache_data *data = cache->data;
-
- /*
- * KCM has no support for retrieving the last change time. Return the time
- * of the last change made through this handle, which isn't very useful,
- * but is the best we can do for now.
- */
- k5_cc_mutex_lock(context, &data->lock);
- *time_out = data->changetime;
- k5_cc_mutex_unlock(context, &data->lock);
- return 0;
-}
-
-static krb5_error_code KRB5_CALLCONV
kcm_lock(krb5_context context, krb5_ccache cache)
{
k5_cc_mutex_lock(context, &((struct kcm_cache_data *)cache->data)->lock);
@@ -1070,7 +1047,7 @@ kcm_switch_to(krb5_context context, krb5_ccache cache)
struct kcmreq req;
kcmreq_init(&req, KCM_OP_SET_DEFAULT_CACHE, cache);
- ret = cache_call(context, cache, &req, FALSE);
+ ret = cache_call(context, cache, &req);
kcmreq_free(&req);
return ret;
}
@@ -1097,7 +1074,6 @@ const krb5_cc_ops krb5_kcm_ops = {
kcm_ptcursor_next,
kcm_ptcursor_free,
NULL, /* move */
- kcm_lastchange,
NULL, /* wasdefault */
kcm_lock,
kcm_unlock,
diff --git a/src/lib/krb5/ccache/cc_keyring.c b/src/lib/krb5/ccache/cc_keyring.c
index 8419f6e..738e3d1 100644
--- a/src/lib/krb5/ccache/cc_keyring.c
+++ b/src/lib/krb5/ccache/cc_keyring.c
@@ -230,7 +230,6 @@ typedef struct _krcc_data
key_serial_t collection_id; /* collection containing this cache keyring */
key_serial_t cache_id; /* keyring representing ccache */
key_serial_t princ_id; /* key holding principal info */
- krb5_timestamp changetime;
krb5_boolean is_legacy_type;
} krcc_data;
@@ -275,8 +274,6 @@ static krb5_error_code get_time_offsets(krb5_context context, krb5_ccache id,
int32_t *time_offset,
int32_t *usec_offset);
-static void krcc_update_change_time(krcc_data *d);
-
/* Note the following is a stub function for Linux */
extern krb5_error_code krb5_change_cache(void);
@@ -850,7 +847,6 @@ clear_cache_keyring(krb5_context context, krb5_ccache id)
return errno;
}
data->princ_id = 0;
- krcc_update_change_time(data);
return 0;
}
@@ -1113,9 +1109,7 @@ make_krcc_data(const char *anchor_name, const char *collection_name,
data->princ_id = 0;
data->cache_id = cache_id;
data->collection_id = collection_id;
- data->changetime = 0;
data->is_legacy_type = (strcmp(anchor_name, KRCC_LEGACY_ANCHOR) == 0);
- krcc_update_change_time(data);
*data_out = data;
return 0;
@@ -1309,8 +1303,6 @@ krcc_store(krb5_context context, krb5_ccache id, krb5_creds *creds)
if (ret)
goto errout;
- krcc_update_change_time(data);
-
/* Set appropriate timeouts on cache keys. */
ret = krb5_timeofday(context, &now);
if (ret)
@@ -1330,20 +1322,6 @@ errout:
return ret;
}
-/* Get the cache's last modification time. (This is currently broken; it
- * returns only the last change made using this handle.) */
-static krb5_error_code KRB5_CALLCONV
-krcc_last_change_time(krb5_context context, krb5_ccache id,
- krb5_timestamp *change_time)
-{
- krcc_data *data = id->data;
-
- k5_cc_mutex_lock(context, &data->lock);
- *change_time = data->changetime;
- k5_cc_mutex_unlock(context, &data->lock);
- return 0;
-}
-
/* Lock the cache handle against other threads. (This does not lock the cache
* keyring against other processes.) */
static krb5_error_code KRB5_CALLCONV
@@ -1403,7 +1381,6 @@ save_principal(krb5_context context, krb5_ccache id, krb5_principal princ)
} else {
data->princ_id = newkey;
ret = 0;
- krcc_update_change_time(data);
}
k5_buf_free(&buf);
@@ -1430,7 +1407,6 @@ save_time_offsets(krb5_context context, krb5_ccache id, int32_t time_offset,
data->cache_id);
if (newkey == -1)
return errno;
- krcc_update_change_time(data);
return 0;
}
@@ -1672,21 +1648,6 @@ cleanup:
}
/*
- * Utility routine: called by krcc_* functions to keep
- * result of krcc_last_change_time up to date.
- * Value monotonically increases -- based on but not guaranteed to be actual
- * system time.
- */
-
-static void
-krcc_update_change_time(krcc_data *data)
-{
- krb5_timestamp now_time = time(NULL);
- data->changetime = ts_after(now_time, data->changetime) ?
- now_time : ts_incr(data->changetime, 1);
-}
-
-/*
* ccache implementation storing credentials in the Linux keyring facility
* The default is to put them at the session keyring level.
* If "KEYRING:process:" or "KEYRING:thread:" is specified, then they will
@@ -1714,7 +1675,6 @@ const krb5_cc_ops krb5_krcc_ops = {
krcc_ptcursor_next,
krcc_ptcursor_free,
NULL, /* move */
- krcc_last_change_time, /* lastchange */
NULL, /* wasdefault */
krcc_lock,
krcc_unlock,
@@ -1752,6 +1712,5 @@ const krb5_cc_ops krb5_krcc_ops = {
NULL,
NULL,
NULL,
- NULL,
};
#endif /* USE_KEYRING_CCACHE */
diff --git a/src/lib/krb5/ccache/cc_memory.c b/src/lib/krb5/ccache/cc_memory.c
index 114ef69..895139e 100644
--- a/src/lib/krb5/ccache/cc_memory.c
+++ b/src/lib/krb5/ccache/cc_memory.c
@@ -84,9 +84,6 @@ static krb5_error_code KRB5_CALLCONV krb5_mcc_ptcursor_next
static krb5_error_code KRB5_CALLCONV krb5_mcc_ptcursor_free
(krb5_context, krb5_cc_ptcursor *);
-static krb5_error_code KRB5_CALLCONV krb5_mcc_last_change_time
-(krb5_context, krb5_ccache, krb5_timestamp *);
-
static krb5_error_code KRB5_CALLCONV krb5_mcc_lock
(krb5_context context, krb5_ccache id);
@@ -111,7 +108,6 @@ typedef struct _krb5_mcc_data {
k5_cc_mutex lock;
krb5_principal prin;
krb5_mcc_link *link;
- krb5_timestamp changetime;
/* Time offsets for clock-skewed clients. */
krb5_int32 time_offset;
krb5_int32 usec_offset;
@@ -133,8 +129,6 @@ struct krb5_mcc_ptcursor_data {
k5_cc_mutex krb5int_mcc_mutex = K5_CC_MUTEX_PARTIAL_INITIALIZER;
static struct k5_hashtab *mcc_hashtab = NULL;
-static void update_mcc_change_time(krb5_mcc_data *);
-
/* Ensure that mcc_hashtab is initialized. Call with krb5int_mcc_mutex
* locked. */
static krb5_error_code
@@ -192,7 +186,6 @@ krb5_mcc_initialize(krb5_context context, krb5_ccache id, krb5_principal princ)
empty_mcc_cache(context, d);
ret = krb5_copy_principal(context, princ, &d->prin);
- update_mcc_change_time(d);
if (os_ctx->os_flags & KRB5_OS_TOFFSET_VALID) {
/* Store client time offsets in the cache */
@@ -469,12 +462,10 @@ new_mcc_data (const char *name, krb5_mcc_data **dataptr)
}
d->link = NULL;
d->prin = NULL;
- d->changetime = 0;
d->time_offset = 0;
d->usec_offset = 0;
d->refcount = 2;
d->generation = 0;
- update_mcc_change_time(d);
if (k5_hashtab_add(mcc_hashtab, d->name, strlen(d->name), d) != 0) {
free(d->name);
@@ -656,7 +647,6 @@ krb5_mcc_store(krb5_context ctx, krb5_ccache id, krb5_creds *creds)
k5_cc_mutex_lock(ctx, &mptr->lock);
new_node->next = mptr->link;
mptr->link = new_node;
- update_mcc_change_time(mptr);
k5_cc_mutex_unlock(ctx, &mptr->lock);
return 0;
cleanup:
@@ -726,33 +716,6 @@ krb5_mcc_ptcursor_free(
}
static krb5_error_code KRB5_CALLCONV
-krb5_mcc_last_change_time(
- krb5_context context,
- krb5_ccache id,
- krb5_timestamp *change_time)
-{
- krb5_mcc_data *data = (krb5_mcc_data *) id->data;
-
- k5_cc_mutex_lock(context, &data->lock);
- *change_time = data->changetime;
- k5_cc_mutex_unlock(context, &data->lock);
- return 0;
-}
-
-/*
- Utility routine: called by krb5_mcc_* functions to keep
- result of krb5_mcc_last_change_time up to date
-*/
-
-static void
-update_mcc_change_time(krb5_mcc_data *d)
-{
- krb5_timestamp now_time = time(NULL);
- d->changetime = ts_after(now_time, d->changetime) ?
- now_time : ts_incr(d->changetime, 1);
-}
-
-static krb5_error_code KRB5_CALLCONV
krb5_mcc_lock(krb5_context context, krb5_ccache id)
{
krb5_mcc_data *data = (krb5_mcc_data *) id->data;
@@ -792,7 +755,6 @@ const krb5_cc_ops krb5_mcc_ops = {
krb5_mcc_ptcursor_next,
krb5_mcc_ptcursor_free,
NULL, /* move */
- krb5_mcc_last_change_time,
NULL, /* wasdefault */
krb5_mcc_lock,
krb5_mcc_unlock,
diff --git a/src/lib/krb5/ccache/cc_mslsa.c b/src/lib/krb5/ccache/cc_mslsa.c
index 0d00c86..a6efc46 100644
--- a/src/lib/krb5/ccache/cc_mslsa.c
+++ b/src/lib/krb5/ccache/cc_mslsa.c
@@ -2203,7 +2203,6 @@ const krb5_cc_ops krb5_lcc_ops = {
krb5_lcc_ptcursor_next,
krb5_lcc_ptcursor_free,
NULL, /* move */
- NULL, /* lastchange */
NULL, /* wasdefault */
NULL, /* lock */
NULL, /* unlock */
diff --git a/src/lib/krb5/ccache/ccapi/stdcc.c b/src/lib/krb5/ccache/ccapi/stdcc.c
index db69eeb..f7a79bc 100644
--- a/src/lib/krb5/ccache/ccapi/stdcc.c
+++ b/src/lib/krb5/ccache/ccapi/stdcc.c
@@ -92,7 +92,6 @@ krb5_cc_ops krb5_cc_stdcc_ops = {
krb5_stdccv3_ptcursor_next,
krb5_stdccv3_ptcursor_free,
NULL, /* move */
- krb5_stdccv3_last_change_time, /* lastchange */
NULL, /* wasdefault */
krb5_stdccv3_lock,
krb5_stdccv3_unlock,
@@ -118,7 +117,6 @@ krb5_cc_ops krb5_cc_stdcc_ops = {
NULL,
NULL,
NULL,
- NULL,
#endif
};
@@ -1003,29 +1001,6 @@ krb5_stdccv3_ptcursor_free(
return 0;
}
-krb5_error_code KRB5_CALLCONV krb5_stdccv3_last_change_time
-(krb5_context context, krb5_ccache id,
- krb5_timestamp *change_time)
-{
- krb5_error_code err = 0;
- stdccCacheDataPtr ccapi_data = id->data;
- cc_time_t ccapi_change_time = 0;
-
- *change_time = 0;
-
- if (!err) {
- err = stdccv3_setup(context, ccapi_data);
- }
- if (!err) {
- err = cc_ccache_get_change_time (ccapi_data->NamedCache, &ccapi_change_time);
- }
- if (!err) {
- *change_time = ccapi_change_time;
- }
-
- return cc_err_xlate (err);
-}
-
krb5_error_code KRB5_CALLCONV krb5_stdccv3_lock
(krb5_context context, krb5_ccache id)
{
diff --git a/src/lib/krb5/ccache/ccapi/stdcc.h b/src/lib/krb5/ccache/ccapi/stdcc.h
index 1955b4f..d3b6009 100644
--- a/src/lib/krb5/ccache/ccapi/stdcc.h
+++ b/src/lib/krb5/ccache/ccapi/stdcc.h
@@ -102,10 +102,6 @@ krb5_error_code KRB5_CALLCONV krb5_stdccv3_ptcursor_next
krb5_error_code KRB5_CALLCONV krb5_stdccv3_ptcursor_free
(krb5_context context, krb5_cc_ptcursor *cursor);
-krb5_error_code KRB5_CALLCONV krb5_stdccv3_last_change_time
-(krb5_context context, krb5_ccache id,
- krb5_timestamp *change_time);
-
krb5_error_code KRB5_CALLCONV krb5_stdccv3_lock
(krb5_context, krb5_ccache id);
diff --git a/src/lib/krb5/ccache/ccbase.c b/src/lib/krb5/ccache/ccbase.c
index 8198f2b..6715ac9 100644
--- a/src/lib/krb5/ccache/ccbase.c
+++ b/src/lib/krb5/ccache/ccbase.c
@@ -355,14 +355,14 @@ krb5_cc_move(krb5_context context, krb5_ccache src, krb5_ccache dst)
krb5_principal princ = NULL;
TRACE_CC_MOVE(context, src, dst);
- ret = krb5_cccol_lock(context);
+ ret = k5_cccol_lock(context);
if (ret) {
return ret;
}
- ret = krb5_cc_lock(context, src);
+ ret = k5_cc_lock(context, src);
if (ret) {
- krb5_cccol_unlock(context);
+ k5_cccol_unlock(context);
return ret;
}
@@ -371,22 +371,22 @@ krb5_cc_move(krb5_context context, krb5_ccache src, krb5_ccache dst)
ret = krb5_cc_initialize(context, dst, princ);
}
if (ret) {
- krb5_cc_unlock(context, src);
- krb5_cccol_unlock(context);
+ k5_cc_unlock(context, src);
+ k5_cccol_unlock(context);
return ret;
}
- ret = krb5_cc_lock(context, dst);
+ ret = k5_cc_lock(context, dst);
if (!ret) {
ret = krb5_cc_copy_creds(context, src, dst);
- krb5_cc_unlock(context, dst);
+ k5_cc_unlock(context, dst);
}
- krb5_cc_unlock(context, src);
+ k5_cc_unlock(context, src);
if (!ret) {
ret = krb5_cc_destroy(context, src);
}
- krb5_cccol_unlock(context);
+ k5_cccol_unlock(context);
if (princ) {
krb5_free_principal(context, princ);
princ = NULL;
@@ -497,8 +497,8 @@ k5_cc_mutex_force_unlock(k5_cc_mutex *m)
* holds on to all pertype global locks as well as typelist lock
*/
-krb5_error_code KRB5_CALLCONV
-krb5_cccol_lock(krb5_context context)
+krb5_error_code
+k5_cccol_lock(krb5_context context)
{
krb5_error_code ret = 0;
@@ -523,8 +523,8 @@ krb5_cccol_lock(krb5_context context)
return ret;
}
-krb5_error_code KRB5_CALLCONV
-krb5_cccol_unlock(krb5_context context)
+krb5_error_code
+k5_cccol_unlock(krb5_context context)
{
krb5_error_code ret = 0;
diff --git a/src/lib/krb5/ccache/cccursor.c b/src/lib/krb5/ccache/cccursor.c
index 506a27c..8f58721 100644
--- a/src/lib/krb5/ccache/cccursor.c
+++ b/src/lib/krb5/ccache/cccursor.c
@@ -142,41 +142,6 @@ krb5_cccol_cursor_free(krb5_context context,
}
krb5_error_code KRB5_CALLCONV
-krb5_cccol_last_change_time(krb5_context context,
- krb5_timestamp *change_time)
-{
- krb5_error_code ret = 0;
- krb5_cccol_cursor c = NULL;
- krb5_ccache ccache = NULL;
- krb5_timestamp last_time = 0;
- krb5_timestamp max_change_time = 0;
-
- *change_time = 0;
-
- ret = krb5_cccol_cursor_new(context, &c);
-
- while (!ret) {
- ret = krb5_cccol_cursor_next(context, c, &ccache);
- if (ccache) {
- ret = krb5_cc_last_change_time(context, ccache, &last_time);
- if (!ret && ts_after(last_time, max_change_time)) {
- max_change_time = last_time;
- }
- ret = 0;
- }
- else {
- break;
- }
- }
- *change_time = max_change_time;
- return ret;
-}
-
-/*
- * krb5_cccol_lock and krb5_cccol_unlock are defined in ccbase.c
- */
-
-krb5_error_code KRB5_CALLCONV
krb5_cc_cache_match(krb5_context context, krb5_principal client,
krb5_ccache *cache_out)
{
diff --git a/src/lib/krb5/ccache/ccfns.c b/src/lib/krb5/ccache/ccfns.c
index 1084d51..b594bdd 100644
--- a/src/lib/krb5/ccache/ccfns.c
+++ b/src/lib/krb5/ccache/ccfns.c
@@ -189,21 +189,14 @@ krb5_cc_get_type(krb5_context context, krb5_ccache cache)
return cache->ops->prefix;
}
-krb5_error_code KRB5_CALLCONV
-krb5_cc_last_change_time(krb5_context context, krb5_ccache ccache,
- krb5_timestamp *change_time)
-{
- return ccache->ops->lastchange(context, ccache, change_time);
-}
-
-krb5_error_code KRB5_CALLCONV
-krb5_cc_lock(krb5_context context, krb5_ccache ccache)
+krb5_error_code
+k5_cc_lock(krb5_context context, krb5_ccache ccache)
{
return ccache->ops->lock(context, ccache);
}
-krb5_error_code KRB5_CALLCONV
-krb5_cc_unlock(krb5_context context, krb5_ccache ccache)
+krb5_error_code
+k5_cc_unlock(krb5_context context, krb5_ccache ccache)
{
return ccache->ops->unlock(context, ccache);
}
More information about the cvs-krb5
mailing list