[squid-dev] [PATCH] add memory keytab option
Markus Moeller
huaraz at moeller.plus.com
Tue Dec 16 00:16:35 UTC 2014
Hi Amos,
Thank you for the feedback and suggestions. I did some cleanup using
cppcheck too. Regarding the optarg check I was under the impression that
getopt just makes sure optarg is never NULL. Isn't that the case ?
Thank you
Markus
"Amos Jeffries" wrote in message news:548E20C8.1030808 at treenet.co.nz...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 15/12/2014 8:31 a.m., Markus Moeller wrote:
> Hi Amos, Could you check and add the following patch please ? They
> should improve performance on high load systems by reducing disk
> access The patch does the following: [...]
>
in helpers/negotiate_auth/kerberos/negotiate_kerberos_auth.8:
* all instances if hypen (-) in man pages must be \-escaped. If any
are missed out the mand and groff tools corrupt the page contents.
NP: you can test syntax without having to install the script by
running "man ./negotiate_kerberos_auth.8" from the helper directory.
* s/alos/also/
in helpers/negotiate_auth/kerberos/negotiate_kerberos_auth.cc:
* check_k5_err()
- errmsg can be defined on first use rather than pre-defined.
* krb5_free_kt_list()
- call xfree() instead of free()
- lp and prev locals can be defined on first use
* rkrb5_read_keytab()
- use xcalloc() to allocate 'entry =' instead of malloc() followed by
memset().
- the other two malloc() calls should be xmalloc().
- if (entry) free(entry); pair of lines can be one xfree().
* krb5_write_keytab()
- for (krb5_kt_list lp = list; ... instead of pre-defining the loop
iterator.
- lp and retval locals can be defined on first use
* in main() (...I think)
- setting keybat_name - use xstrdup() instead of strdup()
- when using optarg, please check if its NULL first and display an
appropriate FATAL: error message if it is missing.
- any syntax validation possible should be done before accepting
optarg. eg "HTTP/" prefix on keytab names, dir path exists with stat()
etc.
in helpers/negotiate_auth/kerberos/test_negotiate_auth.sh:
* please use portable shell code.
- the "if [[ ... ]]; then" should be written "if test ... ; then"
Thats all I have today. I've probably missed lots of opportunities for
"please define on first use" for local variables, so please check and
see if you can find any more in the new code.
Amos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
iQEcBAEBAgAGBQJUjiDIAAoJELJo5wb/XPRj0wwH/3KSBxKin4X2x5FPUUP5SAcE
8PE033fEiVsT+MArR8f7OxlLb3rRmFC9FCoOCzQ+rJW0Vz6SE636Q17HsCznXsY1
qJDqraOlu6Pmu+D+eywn62LkL+HfA63juyJamQl9Uac1iUaDRTHiE5RUisnBnqK/
ZFgFdlY14Bmlug4aPZA4IZ347MO7Glp65cKLuFDImdNXR+somYHzL9NXff1PCdQD
BQl/A0CsCanw1Ayh6/DSibRQzKokBQTiMdfvo0mLwhYz5VumO551FP21C668tLmm
2vgR70G3Rd69rLojTtA/J+U4E6+K5xhTxFhgAmDq648v5SdIN1EOE3c/NGqcHCY=
=szlQ
-----END PGP SIGNATURE-----
_______________________________________________
squid-dev mailing list
squid-dev at lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-dev
-------------- next part --------------
A non-text attachment was scrubbed...
Name: trunk_kerberos_memory_keytab_2.patch
Type: application/octet-stream
Size: 23404 bytes
Desc: not available
URL: <http://lists.squid-cache.org/pipermail/squid-dev/attachments/20141216/3fc72de3/attachment-0001.obj>
More information about the squid-dev
mailing list