Add a mutex to the GSSAPI krb5 mechanism credential structure. Lock it while
authorKen Raeburn <raeburn@mit.edu>
Thu, 29 Jul 2004 02:26:43 +0000 (02:26 +0000)
committerKen Raeburn <raeburn@mit.edu>
Thu, 29 Jul 2004 02:26:43 +0000 (02:26 +0000)
commit36c54e9dca26bc1b304933a8db387eff0c361717
tree97a2da6304879ae700c253dc8d4f859198ab6c3e
parentd098bf854cae9c011f9c3b070adc918d2cd06158
Add a mutex to the GSSAPI krb5 mechanism credential structure.  Lock it while
frobbing the contents.

Also added krb5_gss_validate_cred_1, which is like krb5_gss_validate_cred but
for internal use.  It lets the caller supply the krb5_context instead of
creating yet another one locally, and leaves the new credential mutex locked on
a successful return so that the caller doesn't have to reacquire it.  More
functions should be changed to use this internally, but it's a performance
issue; I don't think it's a correctness or thread-safety issue.

* gssapiP_krb5.h (struct _krb5_gss_cred_id_rec): Add a mutex.
(krb5_gss_validate_cred_1): Declare.
* accept_sec_context.c (rd_and_store_for_creds): Initialize mutex.
* acquire_cred.c (krb5_gss_acquire_cred): Initialize mutex.
* add_cred.c (krb5_gss_add_cred): Create the krb5 context earlier.  Call
krb5_gss_validate_cred_1.  Make sure the mutex is locked.
* copy_ccache.c (gss_krb5_copy_ccache): Lock the mutex in the source
credential.
* init_sec_context.c (get_credentials, new_connection): Check that the mutex is
locked.
(mutual_auth): Delete unused credential argument.
(krb5_gss_init_sec_context): Lock the mutex.
* inq_cred.c (krb5_gss_inquire_cred): Lock the mutex.
* rel_cred.c (krb5_gss_release_cred): Destroy the mutex.
* set_allowable_enctypes.c (gss_krb5_set_allowable_enctypes): Lock the mutex.
* val_cred.c (krb5_gss_validate_cred_1): New function.
(krb5_gss_validate_cred): Use it.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16630 dc483132-0cff-0310-8789-dd5450dbe970
src/lib/gssapi/krb5/ChangeLog
src/lib/gssapi/krb5/accept_sec_context.c
src/lib/gssapi/krb5/acquire_cred.c
src/lib/gssapi/krb5/add_cred.c
src/lib/gssapi/krb5/copy_ccache.c
src/lib/gssapi/krb5/gssapiP_krb5.h
src/lib/gssapi/krb5/init_sec_context.c
src/lib/gssapi/krb5/inq_cred.c
src/lib/gssapi/krb5/rel_cred.c
src/lib/gssapi/krb5/set_allowable_enctypes.c
src/lib/gssapi/krb5/val_cred.c