[squid-dev] [PATCH] add memory keytab option
Amos Jeffries
squid3 at treenet.co.nz
Sun Dec 14 23:44:08 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 15/12/2014 8:31 a.m., Markus Moeller wrote:
> Hi Amos, Could you check and add the following patch please ? They
> should improve performance on high load systems by reducing disk
> access The patch does the following: [...]
>
in helpers/negotiate_auth/kerberos/negotiate_kerberos_auth.8:
* all instances if hypen (-) in man pages must be \-escaped. If any
are missed out the mand and groff tools corrupt the page contents.
NP: you can test syntax without having to install the script by
running "man ./negotiate_kerberos_auth.8" from the helper directory.
* s/alos/also/
in helpers/negotiate_auth/kerberos/negotiate_kerberos_auth.cc:
* check_k5_err()
- errmsg can be defined on first use rather than pre-defined.
* krb5_free_kt_list()
- call xfree() instead of free()
- lp and prev locals can be defined on first use
* rkrb5_read_keytab()
- use xcalloc() to allocate 'entry =' instead of malloc() followed by
memset().
- the other two malloc() calls should be xmalloc().
- if (entry) free(entry); pair of lines can be one xfree().
* krb5_write_keytab()
- for (krb5_kt_list lp = list; ... instead of pre-defining the loop
iterator.
- lp and retval locals can be defined on first use
* in main() (...I think)
- setting keybat_name - use xstrdup() instead of strdup()
- when using optarg, please check if its NULL first and display an
appropriate FATAL: error message if it is missing.
- any syntax validation possible should be done before accepting
optarg. eg "HTTP/" prefix on keytab names, dir path exists with stat()
etc.
in helpers/negotiate_auth/kerberos/test_negotiate_auth.sh:
* please use portable shell code.
- the "if [[ ... ]]; then" should be written "if test ... ; then"
Thats all I have today. I've probably missed lots of opportunities for
"please define on first use" for local variables, so please check and
see if you can find any more in the new code.
Amos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
iQEcBAEBAgAGBQJUjiDIAAoJELJo5wb/XPRj0wwH/3KSBxKin4X2x5FPUUP5SAcE
8PE033fEiVsT+MArR8f7OxlLb3rRmFC9FCoOCzQ+rJW0Vz6SE636Q17HsCznXsY1
qJDqraOlu6Pmu+D+eywn62LkL+HfA63juyJamQl9Uac1iUaDRTHiE5RUisnBnqK/
ZFgFdlY14Bmlug4aPZA4IZ347MO7Glp65cKLuFDImdNXR+somYHzL9NXff1PCdQD
BQl/A0CsCanw1Ayh6/DSibRQzKokBQTiMdfvo0mLwhYz5VumO551FP21C668tLmm
2vgR70G3Rd69rLojTtA/J+U4E6+K5xhTxFhgAmDq648v5SdIN1EOE3c/NGqcHCY=
=szlQ
-----END PGP SIGNATURE-----
More information about the squid-dev
mailing list