Blob Blame History Raw
From 6e29836f794abdd91aa03d334b72b7a7f4800e92 Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Sat, 4 Aug 2018 23:55:18 -0400
Subject: [PATCH] Use a hash table for MEMORY ccache resolution

In cc_memory.c, replace the linked list of caches with a hash table,
for better performance with large numbers of memory caches.

ticket: 8722 (new)
(cherry picked from commit 088ba228acce4fd55bbb7c30122fe2703b8beeb8)
---
 src/lib/krb5/ccache/cc_memory.c | 77 +++++++++++++++------------------
 1 file changed, 34 insertions(+), 43 deletions(-)

diff --git a/src/lib/krb5/ccache/cc_memory.c b/src/lib/krb5/ccache/cc_memory.c
index cfd5c6389..114ef6913 100644
--- a/src/lib/krb5/ccache/cc_memory.c
+++ b/src/lib/krb5/ccache/cc_memory.c
@@ -26,6 +26,7 @@
 
 #include "cc-int.h"
 #include "../krb/int-proto.h"
+#include "k5-hashtab.h"
 #include <errno.h>
 
 static krb5_error_code KRB5_CALLCONV krb5_mcc_close
@@ -118,12 +119,6 @@ typedef struct _krb5_mcc_data {
     int generation;             /* Incremented at each initialize */
 } krb5_mcc_data;
 
-/* List of memory caches.  */
-typedef struct krb5_mcc_list_node {
-    struct krb5_mcc_list_node *next;
-    krb5_mcc_data *cache;
-} krb5_mcc_list_node;
-
 /* Iterator over credentials in a memory cache. */
 struct mcc_cursor {
     int generation;
@@ -136,10 +131,27 @@ struct krb5_mcc_ptcursor_data {
 };
 
 k5_cc_mutex krb5int_mcc_mutex = K5_CC_MUTEX_PARTIAL_INITIALIZER;
-static krb5_mcc_list_node *mcc_head = 0;
+static struct k5_hashtab *mcc_hashtab = NULL;
 
 static void update_mcc_change_time(krb5_mcc_data *);
 
+/* Ensure that mcc_hashtab is initialized.  Call with krb5int_mcc_mutex
+ * locked. */
+static krb5_error_code
+init_table(krb5_context context)
+{
+    krb5_error_code ret;
+    uint8_t seed[K5_HASH_SEED_LEN];
+    krb5_data d = make_data(seed, sizeof(seed));
+
+    if (mcc_hashtab != NULL)
+        return 0;
+    ret = krb5_c_random_make_octets(context, &d);
+    if (ret)
+        return ret;
+    return k5_hashtab_create(seed, 64, &mcc_hashtab);
+}
+
 /* Remove creds from d, invalidate any existing cursors, and unset the client
  * principal.  The caller is responsible for locking. */
 static void
@@ -230,21 +242,13 @@ krb5_mcc_close(krb5_context context, krb5_ccache id)
 krb5_error_code KRB5_CALLCONV
 krb5_mcc_destroy(krb5_context context, krb5_ccache id)
 {
-    krb5_mcc_list_node **curr, *node;
     krb5_mcc_data *d = id->data;
     krb5_boolean removed_from_table = FALSE;
 
+    /* Remove this node from the table if it is still present. */
     k5_cc_mutex_lock(context, &krb5int_mcc_mutex);
-
-    for (curr = &mcc_head; *curr; curr = &(*curr)->next) {
-        if ((*curr)->cache == d) {
-            node = *curr;
-            *curr = node->next;
-            free(node);
-            removed_from_table = TRUE;
-            break;
-        }
-    }
+    if (k5_hashtab_remove(mcc_hashtab, d->name, strlen(d->name)))
+        removed_from_table = TRUE;
     k5_cc_mutex_unlock(context, &krb5int_mcc_mutex);
 
     /* Empty the cache and remove the reference for the table slot.  There will
@@ -289,16 +293,13 @@ krb5_mcc_resolve (krb5_context context, krb5_ccache *id, const char *residual)
 {
     krb5_os_context os_ctx = &context->os_context;
     krb5_ccache lid;
-    krb5_mcc_list_node *ptr;
     krb5_error_code err;
     krb5_mcc_data *d;
 
     k5_cc_mutex_lock(context, &krb5int_mcc_mutex);
-    for (ptr = mcc_head; ptr; ptr=ptr->next)
-        if (!strcmp(ptr->cache->name, residual))
-            break;
-    if (ptr != NULL) {
-        d = ptr->cache;
+    init_table(context);
+    d = k5_hashtab_get(mcc_hashtab, residual, strlen(residual));
+    if (d != NULL) {
         k5_cc_mutex_lock(context, &d->lock);
         d->refcount++;
         k5_cc_mutex_unlock(context, &d->lock);
@@ -438,18 +439,17 @@ krb5_mcc_end_seq_get(krb5_context context, krb5_ccache id, krb5_cc_cursor *curso
 }
 
 /*
- * Utility routine: Creates the back-end data for a memory cache, and threads
- * it into the global linked list.  Give the new object two references, one for
- * the table slot and one for the caller's handle.
+ * Utility routine: Creates the back-end data for a memory cache, and adds it
+ * to the global table.  Give the new object two references, one for the table
+ * slot and one for the caller's handle.
  *
- * Call with the global list lock held.
+ * Call with the global table lock held.
  */
 static krb5_error_code
 new_mcc_data (const char *name, krb5_mcc_data **dataptr)
 {
     krb5_error_code err;
     krb5_mcc_data *d;
-    krb5_mcc_list_node *n;
 
     d = malloc(sizeof(krb5_mcc_data));
     if (d == NULL)
@@ -476,18 +476,13 @@ new_mcc_data (const char *name, krb5_mcc_data **dataptr)
     d->generation = 0;
     update_mcc_change_time(d);
 
-    n = malloc(sizeof(krb5_mcc_list_node));
-    if (n == NULL) {
+    if (k5_hashtab_add(mcc_hashtab, d->name, strlen(d->name), d) != 0) {
         free(d->name);
         k5_cc_mutex_destroy(&d->lock);
         free(d);
         return KRB5_CC_NOMEM;
     }
 
-    n->cache = d;
-    n->next = mcc_head;
-    mcc_head = n;
-
     *dataptr = d;
     return 0;
 }
@@ -522,11 +517,10 @@ krb5_mcc_generate_new (krb5_context context, krb5_ccache *id)
     lid->ops = &krb5_mcc_ops;
 
     k5_cc_mutex_lock(context, &krb5int_mcc_mutex);
+    init_table(context);
 
     /* Check for uniqueness with mutex locked to avoid race conditions */
     while (1) {
-        krb5_mcc_list_node *ptr;
-
         err = krb5int_random_string (context, uniquename, sizeof (uniquename));
         if (err) {
             k5_cc_mutex_unlock(context, &krb5int_mcc_mutex);
@@ -534,12 +528,9 @@ krb5_mcc_generate_new (krb5_context context, krb5_ccache *id)
             return err;
         }
 
-        for (ptr = mcc_head; ptr; ptr=ptr->next) {
-            if (!strcmp(ptr->cache->name, uniquename)) {
-                break;  /* got a match, loop again */
-            }
-        }
-        if (!ptr) break; /* got to the end without finding a match */
+        if (k5_hashtab_get(mcc_hashtab, uniquename,
+                           strlen(uniquename)) == NULL)
+            break;
     }
 
     err = new_mcc_data(uniquename, &d);