MEMORY keytabs - how should they be destroyed?
Jeffrey Altman
jaltman at secure-endpoints.com
Thu Jan 25 19:51:51 EST 2007
Nicolas Williams wrote:
> On Thu, Jan 25, 2007 at 08:48:42AM +0100, Jeffrey Altman wrote:
>> I wonder if it should take a flag indicating whether the keytab should
>> have the automatic destroy when refcount hits zero behavior.
>
> That implies a function to take references.
In the current Heimdal implementation the krb5_kt_resolve function
obtains a reference and the reference is removed when the krb5_kt_close
function is called.
At this point we have agreed that keytabs should work like ccaches.
Therefore, we will add destroy and gen_new functions.
Heimdal will change its implementation to match the agreed upon
behavior. Applications that rely on the existing Heimdal behavior will
have to be updated.
Jeffrey Altman
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3355 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mailman.mit.edu/pipermail/krbdev/attachments/20070126/4d8d9be1/attachment.bin
More information about the krbdev
mailing list