- ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r->server,
- "mod_waklog: mod->endtime: %u, now: %u", mod->endtime, now );
-
- /*
- ** Only one process will get into the critical region below and
- ** replace the soon-to-be-expired credential; the rest will just
- ** use the still-good credential until the new one shows up.
- **
- ** The TAS flag will stop other processes from entering the
- ** first half of the conditional above, and the critical region
- ** below will not exit until mod->endtime has been updated to
- ** reflect that of the new credentials (or fail).
- **
- ** (While it is possible for all child processes to get past the
- ** first half of the conditional above, and then for one
- ** process to get into the critical region below and run to the
- ** end (clearing the TAS flag), a fair scheduler would not
- ** do this; but even so, it really wouldn't kill us if ALL of
- ** the child processes got credentials, anyway.
- */
- if ( !test_and_set_bit( 0, &mod->getting_tgt ) ) {
-
- if (( kerror = krb5_init_context( &kcontext ))) {
- ap_log_error( APLOG_MARK, APLOG_ERR, r->server,
- (char *)error_message( kerror ));
-
- goto cleanup1;
- }
-
- /* use the path */
- if (( kerror = krb5_cc_resolve( kcontext, K5PATH, &kccache )) != 0 ) {
- ap_log_error( APLOG_MARK, APLOG_ERR, r->server,
- (char *)error_message( kerror ));
-
- goto cleanup2;
- }
-
- if (( kerror = krb5_parse_name( kcontext, PRINCIPAL, &kprinc ))) {
- ap_log_error( APLOG_MARK, APLOG_ERR, r->server,
- (char *)error_message( kerror ));
-
- goto cleanup3;
- }
-
- krb5_get_init_creds_opt_init( &kopts );
- krb5_get_init_creds_opt_set_tkt_life( &kopts, 10*60*60 );
- krb5_get_init_creds_opt_set_renew_life( &kopts, 0 );
- krb5_get_init_creds_opt_set_forwardable( &kopts, 1 );
- krb5_get_init_creds_opt_set_proxiable( &kopts, 0 );
-
- /* which keytab should we use? */
- strcpy( ktbuf, keytab_path ? keytab_path : KEYTAB_PATH );
-
- if ( strlen( ktbuf ) > MAX_KEYTAB_NAME_LEN ) {
- ap_log_error( APLOG_MARK, APLOG_ERR, r->server,
- "server configuration error" );
-
- goto cleanup4;
- }