From: Greg Hudson <ghudson@mit.edu>
Date: Mon, 19 Oct 2009 03:22:42 +0000 (+0000)
Subject: Clarify that krb5_keys are logically immutable but may not be shared
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c74d9795f47782fad6c478745317d9e305a8b4d0;p=thirdparty%2Fkrb5.git

Clarify that krb5_keys are logically immutable but may not be shared
between threads due to mutable internal state.

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/enc-perf@22929 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin
index b5294a458d..346e04dc11 100644
--- a/src/include/krb5/krb5.hin
+++ b/src/include/krb5/krb5.hin
@@ -351,7 +351,10 @@ typedef struct _krb5_keyblock {
 
 /*
  * Opaque identifier for a key.  Use with the krb5_k APIs for better
- * performance for repeated operations with the same key usage.
+ * performance for repeated operations with the same key usage.  Key
+ * identifiers must not be used simultaneously within multiple
+ * threads, as they may contain mutable internal state and are not
+ * mutex-protected.
  */
 struct krb5_key_st;
 typedef struct krb5_key_st *krb5_key;
@@ -713,17 +716,11 @@ krb5_error_code KRB5_CALLCONV
     (krb5_context context, krb5_enctype enctype,
 		    size_t data_length, unsigned int *size);
 
-/*
- * krb5_k_* functions use opaque key identifiers and should perform
- * better for repeated operations with the same key usage.  krb5_keys
- * are immutable once created.
- */
-
 krb5_error_code KRB5_CALLCONV
 krb5_k_create_key(krb5_context context, const krb5_keyblock *key_data,
 		  krb5_key *out);
 
-/* Since keys are immutable, they can be "copied" by reference count. */
+/* Keys are logically immutable and can be "copied" by reference count. */
 void KRB5_CALLCONV krb5_k_reference_key(krb5_context context, krb5_key key);
 
 /* Decrement the reference count on a key and free it if it hits zero. */