diff options
| author | Greg Hudson <ghudson@mit.edu> | 2012-03-21 16:57:05 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2012-03-21 16:57:05 +0000 |
| commit | 57a0c5e6c3c3af0eeed0487d56b53311752a8930 (patch) | |
| tree | 887daeb4dcec0cdb6d1885327eacaacdf6ca46e0 /src/kdc | |
| parent | fd3a2c5a467a42bbb864e1ddc7fc7f5bda93e339 (diff) | |
| download | krb5-57a0c5e6c3c3af0eeed0487d56b53311752a8930.tar.gz krb5-57a0c5e6c3c3af0eeed0487d56b53311752a8930.tar.xz krb5-57a0c5e6c3c3af0eeed0487d56b53311752a8930.zip | |
Only store master mey list in DAL handle
r24314 (#6778) created a hybrid owernship model for the master key
list, with one virtual copy stored in the DAL handle and one provided
to the caller of krb5_db_fetch_mkey_list. Replace this with a model
where only the DAL handle owns the list, and a caller can get access
to an alias pointer with a new function krb5_db_mkey_list_alias().
Functions which previously accepted the master key list as an input
parameter now expect to find it in the DAL handle.
Patch by Will Fiveash <will.fiveash@oracle.com>.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25781 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kdc')
| -rw-r--r-- | src/kdc/extern.h | 4 | ||||
| -rw-r--r-- | src/kdc/main.c | 4 |
2 files changed, 2 insertions, 6 deletions
diff --git a/src/kdc/extern.h b/src/kdc/extern.h index f7a2053fc..3866c6c1f 100644 --- a/src/kdc/extern.h +++ b/src/kdc/extern.h @@ -51,10 +51,9 @@ typedef struct __kdc_realm_data { krb5_principal realm_mprinc; /* Master principal for realm */ /* * Note realm_mkey is mkey read from stash or keyboard and may not be the - * latest. The mkey_list will have all the mkeys in use. + * latest. */ krb5_keyblock realm_mkey; /* Master key for this realm */ - krb5_keylist_node * mkey_list; /* list of mkeys in use for this realm */ /* * TGS per-realm data. */ @@ -88,7 +87,6 @@ kdc_realm_t *find_realm_data (char *, krb5_ui_4); #define max_life_for_realm kdc_active_realm->realm_maxlife #define max_renewable_life_for_realm kdc_active_realm->realm_maxrlife #define master_keyblock kdc_active_realm->realm_mkey -#define master_keylist kdc_active_realm->mkey_list #define master_princ kdc_active_realm->realm_mprinc #define tgs_server kdc_active_realm->realm_tgsprinc #define reject_bad_transit kdc_active_realm->realm_reject_bad_transit diff --git a/src/kdc/main.c b/src/kdc/main.c index 8d4df8762..c2c3e4e0e 100644 --- a/src/kdc/main.c +++ b/src/kdc/main.c @@ -179,8 +179,6 @@ finish_realm(kdc_realm_t *rdp) memset(rdp->realm_mkey.contents, 0, rdp->realm_mkey.length); free(rdp->realm_mkey.contents); } - if (rdp->mkey_list) - krb5_dbe_free_key_list(rdp->realm_context, rdp->mkey_list); krb5_db_fini(rdp->realm_context); if (rdp->realm_tgsprinc) krb5_free_principal(rdp->realm_context, rdp->realm_tgsprinc); @@ -427,7 +425,7 @@ init_realm(kdc_realm_t *rdp, char *realm, char *def_mpname, } if ((kret = krb5_db_fetch_mkey_list(rdp->realm_context, rdp->realm_mprinc, - &rdp->realm_mkey, mkvno, &rdp->mkey_list))) { + &rdp->realm_mkey))) { kdc_err(rdp->realm_context, kret, _("while fetching master keys list for realm %s"), realm); goto whoops; |