Lookaside mechanism in KDC -- shared between processes?
Greg Hudson
ghudson at mit.edu
Thu Nov 10 11:30:04 EST 2016
On 11/10/2016 11:04 AM, Rick van Rein wrote:
> I found that the hash table is a static array, so it will be shared
> among processes, but the entries are simply allocated with calloc() and
> would therefore be specific to each process. So how can process A
> detect that dispatch.c is active for a given KDC-REQ packet if that
> packet is being dispatched from process B?
static arrays are not shared between processes. The KDC lookaside cache
is entirely specific to one process. It is intended as an optimization,
not as a guarantee that a request is only processed once.
(We have at times considered removing the lookaside cache, on the
grounds that its overhead may cost more than the optimization is worth
in typical scenarios. But so far we have not.)
More information about the krbdev
mailing list