How is an application supposed to know if a Kerberos library isthread safe?

Nicolas Williams Nicolas.Williams at
Wed Dec 15 17:58:30 EST 2004

On Wed, Dec 15, 2004 at 12:08:40PM -0500, Jeffrey Altman wrote:
> Now that we have thread safety in Kerberos 5, applications must decide 
> whether or not to use their own application level locking around calls 
> to the Kerberos 5 libraries.
> If I am compiling against a specific set of headers I can test for 
> things that appeared for the first time in 1.4 to determine whether
> or not to assume the application level locks are not required.
> If I am an application supposedly compiled against a fixed ABI,
> how am I supposed to know whether or not thread safety is there?
> On Windows, should I probe the module which has been loaded and
> test the file version number?  Or do we want to provide some other
> exported symbol within the library itself?
> How are applications on Unix supposed to be able to determine the
> existence of thread safety at runtime?

If the runtime linker is any good you could use a weak symbol for this
-- if it's value is NULL you don't have thread safety, else you do.

Else you can use the same approach as you mention for Windows (probe the
shared object).

More information about the krbdev mailing list