#include <afsconfig.h>
#include <afs/param.h>
#include <afs/stds.h>
+#include <afs/dirpath.h>
#include <rx/rx.h>
#include <rx/rxkad.h>
#include <string.h>
#include <errno.h>
+#include <sys/stat.h>
#include <krb5.h>
krb5_keytab_entry kte;
int i, n_nkeys, o_nkeys;
krb5_keytab_entry *n_ktent = NULL, *o_ktent;
+ struct stat tstat;
+
+ if (stat(AFSDIR_SERVER_CELLSERVDB_FILEPATH, &tstat) == 0) {
+ if (have_keytab_keys && tstat.st_mtime == last_reload) {
+ /* We haven't changed since the last time we loaded our keys, so
+ * there's nothing to do. */
+ ret = 0;
+ goto cleanup;
+ }
+ last_reload = tstat.st_mtime;
+ } else if (have_keytab_keys) {
+ /* stat() failed, but we already have keys, so don't do anything. */
+ ret = 0;
+ goto cleanup;
+ }
- time(&last_reload);
if (keytab_name != NULL)
ret = krb5_kt_resolve(k5ctx, keytab_name, &fkeytab);
else
krb5_enc_data ind;
#endif
krb5_data outd;
- int retried, i, foundkey;
+ int i, foundkey;
MUTEX_ENTER(&krb5_lock);
+ reload_keys();
if (have_keytab_keys == 0) {
- if (time(NULL) - last_reload > 600) {
- reload_keys();
- }
- if (have_keytab_keys == 0) {
- MUTEX_EXIT(&krb5_lock);
- return RXKADUNKNOWNKEY;
- }
+ MUTEX_EXIT(&krb5_lock);
+ return RXKADUNKNOWNKEY;
}
foundkey = 0;
code = -1;
- retried = 0;
-retry:
for (i = 0; i < nkeys; i++) {
/* foundkey determines what error code we return for failure */
if (ktent[i].vno == kvno)
#endif
}
}
- if (code != 0 && time(NULL) - last_reload > 600 && !retried) {
- reload_keys();
- retried = 1;
- goto retry;
- }
MUTEX_EXIT(&krb5_lock);
if (code == 0)
return 0;
projects / packages / o / openafs.git / commitdiff