diff options
| author | Jeffrey Altman <jaltman@secure-endpoints.com> | 2004-02-01 01:48:22 +0000 |
|---|---|---|
| committer | Jeffrey Altman <jaltman@secure-endpoints.com> | 2004-02-01 01:48:22 +0000 |
| commit | 084b351bb4d2fe665423e5232530bc1aa4b70fa3 (patch) | |
| tree | a10ebfe6c1bd2496e30b78e64bec6248892048ce /src | |
| parent | 10454c23a28f9f7c549346dc5e5024f763f65897 (diff) | |
| download | krb5-084b351bb4d2fe665423e5232530bc1aa4b70fa3.tar.gz krb5-084b351bb4d2fe665423e5232530bc1aa4b70fa3.tar.xz krb5-084b351bb4d2fe665423e5232530bc1aa4b70fa3.zip | |
* cc_mslsa.c: optimize the get_next logic by storing a handle to the
MS TGT in the lcc_cursor data structure
ticket:new
tags: pullup
target_version: 1.3.2
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15993 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/krb5/ccache/ChangeLog | 5 | ||||
| -rw-r--r-- | src/lib/krb5/ccache/cc_mslsa.c | 43 |
2 files changed, 30 insertions, 18 deletions
diff --git a/src/lib/krb5/ccache/ChangeLog b/src/lib/krb5/ccache/ChangeLog index f9e7d5254f..c7ba3ac6a1 100644 --- a/src/lib/krb5/ccache/ChangeLog +++ b/src/lib/krb5/ccache/ChangeLog @@ -1,5 +1,10 @@ 2004-01-31 Jeffrey Altman <jaltman@mit.edu> + * cc_mslsa.c: Optimize the get next logic by storing a handle to + the MS TGT in the lcc_cursor data structure + +2004-01-31 Jeffrey Altman <jaltman@mit.edu> + * cc_mslsa.c: Do not return tickets to the caller if they contain NULL session keys. This is to prevent useless TGTs from being placed into the MIT credential cache. diff --git a/src/lib/krb5/ccache/cc_mslsa.c b/src/lib/krb5/ccache/cc_mslsa.c index d5b9ce6698..c0df862f52 100644 --- a/src/lib/krb5/ccache/cc_mslsa.c +++ b/src/lib/krb5/ccache/cc_mslsa.c @@ -1057,6 +1057,7 @@ typedef struct _krb5_lcc_data { typedef struct _krb5_lcc_cursor { PKERB_QUERY_TKT_CACHE_RESPONSE response; int index; + PKERB_EXTERNAL_TICKET mstgt; } krb5_lcc_cursor; @@ -1214,24 +1215,29 @@ krb5_lcc_start_seq_get(krb5_context context, krb5_ccache id, krb5_cc_cursor *cur krb5_lcc_data *data = (krb5_lcc_data *)id->data; KERB_EXTERNAL_TICKET *msticket; + lcursor = (krb5_lcc_cursor *) malloc(sizeof(krb5_lcc_cursor)); + if (lcursor == NULL) { + *cursor = 0; + return KRB5_CC_NOMEM; + } + /* * obtain a tgt to refresh the ccache in case the ticket is expired */ - if (GetMSTGT(data->LogonHandle, data->PackageId, &msticket)) { - LsaFreeReturnBuffer(msticket); + if (!GetMSTGT(data->LogonHandle, data->PackageId, &lcursor->mstgt)) { + free(lcursor); + *cursor = 0; + KRB5_FCC_INTERNAL; } - lcursor = (krb5_lcc_cursor *) malloc(sizeof(krb5_lcc_cursor)); - if (lcursor == NULL) - return KRB5_CC_NOMEM; - if ( !GetQueryTktCacheResponse(data->LogonHandle, data->PackageId, &lcursor->response) ) { + LsaFreeReturnBuffer(lcursor->mstgt); free(lcursor); + *cursor = 0; KRB5_FCC_INTERNAL; } lcursor->index = 0; *cursor = (krb5_cc_cursor) lcursor; - return KRB5_OK; } @@ -1258,15 +1264,20 @@ krb5_lcc_next_cred(krb5_context context, krb5_ccache id, krb5_cc_cursor *cursor, { krb5_lcc_cursor *lcursor = (krb5_lcc_cursor *) *cursor; krb5_lcc_data *data = (krb5_lcc_data *)id->data; - KERB_EXTERNAL_TICKET *msticket, * mstgt; + KERB_EXTERNAL_TICKET *msticket; next_cred: if ( lcursor->index >= lcursor->response->CountOfTickets ) return KRB5_CC_END; if (!GetMSCacheTicketFromCacheInfo(data->LogonHandle, data->PackageId, - &lcursor->response->Tickets[lcursor->index++],&msticket)) + &lcursor->response->Tickets[lcursor->index++],&msticket)) { + LsaFreeReturnBuffer(lcursor->mstgt); + LsaFreeReturnBuffer(lcursor->response); + free(*cursor); + *cursor = 0; return KRB5_FCC_INTERNAL; + } /* Don't return tickets with NULL Session Keys */ if ( msticket->SessionKey.KeyType == KERB_ETYPE_NULL) { @@ -1275,15 +1286,9 @@ krb5_lcc_next_cred(krb5_context context, krb5_ccache id, krb5_cc_cursor *cursor, } /* convert the ticket */ - if (GetMSTGT(data->LogonHandle, data->PackageId, &mstgt)) { - MSCredToMITCred(msticket, mstgt->DomainName, context, creds); - LsaFreeReturnBuffer(mstgt); - LsaFreeReturnBuffer(msticket); - return KRB5_OK; - } else { - LsaFreeReturnBuffer(msticket); - return KRB5_FCC_INTERNAL; - } + MSCredToMITCred(msticket, lcursor->mstgt->DomainName, context, creds); + LsaFreeReturnBuffer(msticket); + return KRB5_OK; } /* @@ -1304,8 +1309,10 @@ krb5_lcc_end_seq_get(krb5_context context, krb5_ccache id, krb5_cc_cursor *curso { krb5_lcc_cursor *lcursor = (krb5_lcc_cursor *) *cursor; + LsaFreeReturnBuffer(lcursor->mstgt); LsaFreeReturnBuffer(lcursor->response); free(*cursor); + *cursor = 0; return KRB5_OK; } |