[20519] in Kerberos_V5_Development
is krb5_cc_initialize() thread safe
daemon@ATHENA.MIT.EDU (Olga Kornievskaia)
Thu Feb 20 17:48:34 2025
MIME-Version: 1.0
From: Olga Kornievskaia <aglo@umich.edu>
Date: Thu, 20 Feb 2025 16:47:50 -0500
Message-ID: <CAN-5tyHTcjhDV4FRjh2kknJvMec=bgKwzct53tNMvxB7j+N7jQ@mail.gmail.com>
To: krbdev@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
Hi folks,
I haven't been able to find in documentation whether or not
krb5_cc_initialize() is thread safe? From a practical point of view, I
believe it is not. But a call to "krb5_is_thread_safe() returns true".
In NFS's gssd implementation, while trying to refresh credentials, the
code tries to store creds and as part of calls into
krb5_cc_initialize() to initial credential cache (of either FILE or
MEMORY type). We've observed that if two threads try to update the
same cache and thus call into krb5_cc_initialize(), one succeeds and
the other fails with "Internal credentials cache error". Is that
unexpected?
Thank you.
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
