GSSAPI contexts used in multiple threads
Nicolas Williams
Nicolas.Williams at sun.com
Tue Mar 4 16:34:18 EST 2008
On Tue, Mar 04, 2008 at 04:12:12PM -0500, Ken Raeburn wrote:
> On Mar 4, 2008, at 14:13, Russ Allbery wrote:
> > It's quite possible that it does and that I'd just misunderstood the
> > guarantees. OpenLDAP had trouble in the past but I think it was
> > stable
> > (if slow due to the replay cache) under load with a recent MIT
> > Kerberos,
> > but threading bugs can be hard to find even under heavy load.
>
> Perhaps we should check if it's safe to not do replay caches in
> certain cases (i.e., server-provided subkey always used in all known
> protocols using a given service principal name) and make them default
> to not using a replay cache.
If the app protocol doesn't need replay protection, then the app
shouldn't ask for it. Otherwise I don't think you can easily and
reliably decide at the GSS level when replay protection is or is not
required.
> It wouldn't surprise me if changing the krb5.conf config file while
> the program is running could cause races, as several functions in our
> library will re-read the config file when it changes, re-parse it,
> etc., but I haven't reviewed if any of those functions are likely to
> get called in the OpenLDAP case.
I suspect it's not safe to change krb5.conf while apps are running, but
I'd love to have confirmation. If that's the case then we may need an
enhancement to make it safe (but I'm not sure that will be simple
either).
Nico
--
More information about the krbdev
mailing list