Ticket History #210: minor improvement to gss_acquire

# Mon Aug 19 14:19:55 2002 The RT System itself - Default: Import/ changed from (no value) to (no value)

Download (untitled) / with headers
text/plain 3.6KiB

From bjaspan@MIT.EDU Wed Nov 20 14:56:45 1996
Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id OAA26957 for <bugs@RT-11.MIT.EDU>; Wed, 20 Nov 1996 14:56:45 -0500
Received: from BEEBLEBROX.MIT.EDU by MIT.EDU with SMTP
id AA17052; Wed, 20 Nov 96 14:56:44 EST
Received: by beeblebrox.MIT.EDU (940816.SGI.8.6.9/4.7) id TAA29480; Wed, 20 Nov 1996 19:56:43 GMT
Message-Id: <199611201956.TAA29480@beeblebrox.MIT.EDU>
Date: Wed, 20 Nov 1996 19:56:43 GMT
From: bjaspan@MIT.EDU
Reply-To: bjaspan@MIT.EDU
To: krb5-bugs@MIT.EDU
Subject: minor improvement to gss_acquire_cred
X-Send-Pr-Version: 3.99

Show quoted text

>Number: 210
>Category: krb5-libs
>Synopsis: minor improvement to gss_acquire_cred
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: krb5-unassigned
>State: closed
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Wed Nov 20 14:57:01 EST 1996
>Last-Modified: Wed Dec 04 13:07:28 EST 1996
>Originator: Barry Jaspan
>Organization:

mit

Show quoted text

>Release: 1.0-development
>Environment:

System: IRIX beeblebrox 5.3 11091812 IP22 mips

Show quoted text

>Description:

The following patch changes the krb5 gss_acquire_cred to use
krb5_kt_get_entry instead of iterating through the entire keytab
looking for a matching principal. The latter is more efficient. This
is not a necessary fix for 1.0.

Index: acquire_cred.c
===================================================================
RCS file: /mit/krbdev/.cvsroot/src/lib/gssapi/krb5/acquire_cred.c,v
retrieving revision 1.18
diff -c -r1.18 acquire_cred.c
*** acquire_cred.c 1996/10/10 17:51:42 1.18
--- acquire_cred.c 1996/11/20 17:43:02
***************
*** 77,119 ****
princ = (krb5_principal) desired_name;
}

! /* iterate over the keytab searching for the principal */
!
! if (code = krb5_kt_start_seq_get(context, kt, &cur)) {
! (void) krb5_kt_close(context, kt);
! *minor_status = code;
! return(GSS_S_FAILURE);
! }
!
! while (!(code = krb5_kt_next_entry(context, kt, &entry, &cur))) {
! if (krb5_principal_compare(context, entry.principal, princ)) {
! code = 0;
! krb5_kt_free_entry(context, &entry);
! break;
! }
! krb5_kt_free_entry(context, &entry);
! }
!
! if (code == KRB5_KT_END) {
! /* this means that the principal wasn't in the keytab */
! (void)krb5_kt_end_seq_get(context, kt, &cur);
! (void) krb5_kt_close(context, kt);
! *minor_status = KG_KEYTAB_NOMATCH;
! return(GSS_S_CRED_UNAVAIL);
! } else if (code) {
! /* this means some error occurred reading the keytab */
! (void)krb5_kt_end_seq_get(context, kt, &cur);
! (void) krb5_kt_close(context, kt);
! *minor_status = code;
! return(GSS_S_FAILURE);
! } else {
! /* this means that we found a matching entry */
! if (code = krb5_kt_end_seq_get(context, kt, &cur)) {
! (void) krb5_kt_close(context, kt);
! *minor_status = code;
! return(GSS_S_FAILURE);
! }
}

/* hooray. we made it */

--- 77,91 ----
princ = (krb5_principal) desired_name;
}

! if (code = krb5_kt_get_entry(context, kt, princ, 0, 0, &entry)) {
! (void) krb5_kt_close(context, kt);
! if (code == KRB5_KT_NOTFOUND)
! *minor_status = KG_KEYTAB_NOMATCH;
! else
! *minor_status = code;
! return(GSS_S_CRED_UNAVAIL);
}
+ krb5_kt_free_entry(context, &entry);

/* hooray. we made it */

Show quoted text

>How-To-Repeat:

Show quoted text

>Fix:

Show quoted text

>Audit-Trail:

State-Changed-From-To: open-closed
State-Changed-By: bjaspan
State-Changed-When: Wed Dec 4 13:07:16 1996
State-Changed-Why:

Fixed. Files:

lib/gssapi/krb5/ChangeLog
lib/gssapi/krb5/acquire_cred.c

Show quoted text

>Unformatted:

# Mon Aug 19 14:19:56 2002 The RT System itself - Component krb5-libs added

# Wed Mar 12 00:30:37 2003 tlyu (Taylor Yu) - Version_Fixed 1.2 added

Ticket History #210: minor improvement to gss_acquire_cred