Thread-safe libraries
Nikola Milutinovic
Nikola.Milutinovic at ev.co.yu
Wed Feb 25 01:13:24 EST 2004
Sam Hartman wrote:
>>>>>>"Lukas" == Lukas Kubin <kubin at opf.slu.cz> writes:
>
>
> Lukas> Is there any progress in the ability of Kerberos libraries
> Lukas> on Linux to be used by threads-enabled applications? I'm
> Lukas> still having troubles using sasl kerberos authentication to
> Lukas> ldap server on Linux (Debian). It always fails when
> Lukas> parallel connection appears. Is there any solution for
> Lukas> this now? Thank you.
>
> I believe someone has written a patch to the SASL library to use
> mutexes around GSSAPI calls.
>
> MIT is working on thread safety for our libraries but has not released
> any code yet.
Some time ago, I had the same worry. Apparently, the only thread-safe Kerberos
libraries around are from Tim Aslop's company (he replied on this list),
"Cybersafe", I think.
It is also worth noting, that, while Heimdal is not thread safe (at least there
are no guarantees), it has proven to be much more thread-robust than MIT.
OpenLDAP page and a couple of users have expirienced problems with MIT and
threaded OpenLDAP server, while Heimdal performed flawlessly.
It could be that Heimdal IS thread-safe, just nobody knows for sure. :-)
Nix.
P.S. Cyrus SASL 2.1.17 recognizes MIT, Heimdal, Cybersafe and SEAM (Sun)
Kerberos implementations.
More information about the Kerberos
mailing list