Lookaside mechanism in KDC -- shared between processes?
Rick van Rein
rick at openfortress.nl
Thu Nov 10 11:04:04 EST 2016
For a project on the KDC code  I'm trying to understand how lookaside
processing in the KDC works, as implemented in kdc/replay.c --
specifically, how it reaches all the processes that run inside the KDC.
I found that the hash table is a static array, so it will be shared
among processes, but the entries are simply allocated with calloc() and
would therefore be specific to each process. So how can process A
detect that dispatch.c is active for a given KDC-REQ packet if that
packet is being dispatched from process B?
 I'm trying to insert a link to a backend that uses DNSSEC/DANE for
realm crossover; it wants to avoid replaying a request about an
already-sought remote realm.
More information about the krbdev