Question about krb5_fcc_(destroy vs. close)

Greg Hudson ghudson at MIT.EDU
Wed Aug 11 12:37:05 EDT 2010

On Wed, 2010-08-11 at 11:46 -0400, Peter Shoults wrote:
> It does not appear that either of these routines do all of this. Destroy
> looks like it clears things out completely, but does not free, close
> looks like it disassociates things, and free, but does not clear things
> out.  As a follow on, I am confused why we would have two routines that
> appear to do exactly the same thing.

To draw an analogy, this is the difference between deleting a file and
closing a file handle.  krb5_cc_destroy is used by programs like
kdestroy, while krb5_cc_close is used whenever a program loses interest
in a credential cache.

A quick read suggests that you could continue to use a ccache handle
(presumably starting with krb5_cc_initialize) after destroying it, but
I'm not certain of that.

More information about the krbdev mailing list