Add keytab kinit test cases

[krb5.git] / doc / threads.txt

Thread safety in the MIT Kerberos libraries

The return value from krb5_cc_default_name is a handle on internal
storage from the krb5_context.  It is valid only until
krb5_cc_set_default_name or krb5_free_context is called.  If
krb5_cc_set_default_name may be called, the calling code must ensure
that the storage returned by krb5_cc_default_name is no longer in use
by that time.

Any use of krb5_context must be confined to one thread at a time by
the application code.

Uses of credentials caches, replay caches, and keytabs may happen in
multiple threads simultaneously as long as none of them destroys the
object while other threads may still be using it.  (Any internal data
modification in those objects will be protected by mutexes or other
means, within the krb5 library.)

The simple, exposed data structures in krb5.h like krb5_principal are
not protected; they should not be used in one thread while another
thread might be modifying them.  (TO DO: Build a list of which calls
keep references to supplied data or return references to
otherwise-referenced data, as opposed to everything making copies.)



[ This part is a little outdated already. ]

   // Between these two, we should be able to do pure compile-time
   // and pure run-time initialization.
   //   POSIX: partial initializer is PTHREAD_MUTEX_INITIALIZER,
   //          finish does nothing
   //   Windows: partial initializer is zero/empty,
   //            finish does the actual work and runs at load time
   //   debug: partial initializer sets one magic value,
   //          finish verifies, sets a new magic value
   k5_mutex_t foo_mutex = K5_MUTEX_PARTIAL_INITIALIZER;
   int k5_mutex_finish_init(k5_mutex_t *);
   // for dynamic allocation
   int k5_mutex_init(k5_mutex_t *);
   // Must work for both kinds of allocation, even if it means adding
   // a flag.
   int k5_mutex_destroy(k5_mutex_t *);
   //
   // Per library, one function to finish the static mutex
   // initialization.
   //
   // A second function called at various possible "first" entry
   // points which either calls pthread_once on the first function
   // (POSIX), or checks some flag set by the first function (Windows,
   // debug support), and possibly returns an error.
   //
   // A third function for library termination calls mutex_destroy on
   // each mutex for the library.
   //
   // 
   int k5_mutex_lock(k5_mutex_t *);
   int k5_mutex_unlock(k5_mutex_t *);
   // Optional (always defined, but need not do anything):
   void k5_mutex_assert_locked(k5_mutex_t *);
   void k5_mutex_assert_unlocked(k5_mutex_t *);


   k5_key_t key;
   int k5_key_create(k5_key_t *, void (*destructor)(void *));
   void *k5_getspecific(k5_key_t);
   int k5_setspecific(k5_key_t, const void *);
   ... stuff to signal library termination ...

This is **NOT** an exported interface, and is subject to change.

On many platforms with weak reference support, we can declare certain
symbols to be weak, and test the addresses before calling them.  The
references generally will be non-null if the application pulls in the
pthread support.  Sometimes stubs are present in the C library for
some of these routines, and sometimes they're not functional; if so,
we need to figure out which ones, and check for the presence of some
*other* routines.

AIX 4.3.3 doesn't support weak references.  However, it looks like
calling dlsym(NULL) causes the pthread library to get loaded, so we're
going to just go ahead and link against it anyways.

On Tru64 we also link against the thread library always.


For now, the basic model is:

  If weak references are supported, use them.
  Else, assume support is present; if that means explicitly pulling in
  the thread library, so be it.



The locking described above may not be sufficient, at least for good
performance.  At some point we may want to switch to read/write locks,
so multiple threads can grovel over a data structure at once as long
as they don't change it.


See also notes in src/include/k5-thread.h.