Thread-safe libraries

Sam Hartman hartmans at MIT.EDU
Wed Feb 25 15:14:53 EST 2004


>>>>> "Cesar" == Cesar Garcia <Cesar.Garcia at morganstanley.com> writes:

    Cesar> wrt to gssapi and 1.3.1 ...

    Cesar> Since we're pointing out lack of replay cache detection,
    Cesar> note that if acquiring creds for GSS_C_NO_NAME, then no
    Cesar> replay cache is used.  (specifically looking at 1.3.1 -
    Cesar> lib/gssapi/krb5/acquire_cred.c)

I think that's false.  I believe that krb5_rd_req will end up setting
up a rcache later.

I don't have time to go look through the code now though, but I wrote
it and at least intended that a replay cache would get used even
though it does not get stored in the GSSAPI credentials structure.



More information about the Kerberos mailing list