Enhancing the The Keytab read routines

Ken Raeburn raeburn at MIT.EDU
Thu Aug 14 15:10:25 EDT 2003

Yes, we've noticed that performance problem before, though I don't
think most sites have such large keytab files on most systems.

Brian <brianslist at apple.com> writes:
>  Now my question is was the earlier byte by byte read done
> for a  reason?

My guess is that the reasoning was something like this: "We don't want
to risk any keytab data sticking around in 'uninitialized' data to
accidentally be used by other routines or exposed in a core file if
the application server crashes.  So let's tell stdio not to use a

> will the change that I did have any other effect etc ?

Well, as far as I know using the _file field of a FILE object isn't
terribly portable, but I don't expect it'll break things for you.  The
file position probably isn't being cached anywhere by stdio, and
there's no buffer used, so it wouldn't matter that you change it
without stdio knowing about it.

It would've been better, I think, to allocate a buffer, use it, and
explicitly zap the contents when closing the file.  In fact, since
it's more straightforward than I thought (I assumed, without looking,
that we were using read() directly), I think I'll give that a try.

If you run into other performance problems, I'd like to know....


More information about the krbdev mailing list