Windows CCAPI design sketch

Alexandra Ellwood lxs at MIT.EDU
Thu Dec 20 18:40:46 EST 2007 

I'm not familiar with RPC on Windows but I wrote the latest version of  
the CCAPI so I can answer a few of these questions.


On Dec 20, 2007, at 4:47 PM, Danilo Almeida wrote:

>
>> http://web.mit.edu/kpkoch/Public/CCAPI-Windows-Design.html.
>
> A few questions:
>
> 0) Is this proposal for a single CCAPI server that serves multiple  
> users?
>

On the Mac we currently run one CCacheServer per user.  I believe  
Kevin's initial port to Windows also does this.  However the cross  
platform implementation does not make adding this support difficult so  
long as the OS RPC mechanism provides a way to identify which user  
each RPC call belongs to.


> 1) IIRC, the Windows RPC implementation makes it easy to detect  
> client disconnects.  I'm pretty sure that the existing (single user)  
> ccapi implementation takes care of this.  So there should be no need  
> for the keep-alive and SST stuff.
>
> 2) What is the purpose of the CCAPI UUID endpoint?  Is it strictly  
> for keep-alive?  Otherwise, I do not see the need.  Why does the  
> CCPAI client need to act like a server?  Is it supposed to get  
> callbacks from the server?
>

We finally implemented the cache collection and ccache locks in the  
CCAPI (the APIs have existed for a while now but were never  
implemented).  They're advisory locks to avoid deadlocking older  
clients.

We also added an API which allows the client to block a thread waiting  
for the next change to the cache collection to avoid GUI applications  
polling to update their ticket lists.

Since a client can block waiting for a lock or update, the client  
needs to wait for a reply from the server while the server is handling  
other messages.


This is also the reason that the server needs to detect client  
disconnects.  If the client has acquired locks and then crashes or  
exits without releasing the lock, the server shouldn't deadlock.  Thus  
the server tracks clients internally and needs a way to tell when they  
are no longer communicating with it.


> 3) What does the server use for LSID?  This is supposed to by a  
> system-wide server, right?   Why doesn't the server just have a  
> single endpoint?  Am I missing something?
>
> 4) Why are the messages encoded and then sent over RPC?  Is this  
> because the OS-independent code does its own marshalling?
>

The implementation is cross-platform.  Because I did not want to  
depend on the functionality of any particular RPC mechanism, the  
implementation has its own marshaling layer.


> 5) I did not understand the "lock" bit in " How is the request  
> handled in the server and the reply sent to the client?"  Which  
> locks is this referring to?
>
> 6) Can we add pointer to other relevant specs?  In particular, which  
> CCAPI version does this refer to?
>

CCAPI version 7.  If you look at CredentialsCache.h, you should find  
Doxygen documentation in the header file for it.


--lxs

Alexandra Ellwood <lxs at mit.edu>
MIT Kerberos Development Team
<http://mit.edu/lxs/www>

More information about the kfwdev mailing list