From: gsu@UU.NET
Date: Tue, 6 Jan 2004 15:58:55 -0500 (EST)
To: Sam Hartman via RT <rt-comment@krbdev.mit.edu>
Cc: gsu@UU.NET, krb5-prs@mit.edu
Subject: Re: [krbdev.mit.edu #2106] bug in krb5_cc_remove_cred API?
In-Reply-To: <rt-2106-9067.0.362638267497033@krbdev.mit.edu>
Message-Id: <Pine.GSO.4.58.0401061547040.29313@galaxy.argfrp.us.uu.net>
References: <rt-2106-9067.0.362638267497033@krbdev.mit.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
RT-Send-Cc: 
Content-Length: 886


Returning an error would certainly be much cleaner than a null pointer
reference.  I was so puzzled that I checked the API guide and my code
repeatly.  If no implementation is intended, why advertise it in the
guide?

So there is no way that I can remove any expired credential?


On Tue, 6 Jan 2004, Sam Hartman via RT wrote:

> Well, it is not really clear to me if this is a bug or missing code.
> We certainly don't implement remove_cred, so there is no way your test
> program could successfully remove a credential.
>
> Clearly we should eventually implement that code and its absence is a
> bug.
>
> Having the unimplemented API segfault definitely does draw the missing
> functionality to one's attention.  It's true that an assertion would
> be cleaner than a null pointer dereference.
> The alternative would be to return an error indicating the API is
> unimplemented.
>
>