[OpenAFS-devel] Discarding tokens -- is this good?
Jeffrey Altman
jaltman@secure-endpoints.com
Sun, 12 Nov 2006 10:48:20 -0500
Robert Banz wrote:
> if ((acode == VICETOKENDEAD) || (acode == RXKADEXPIRED))
>
> Leads to the same message, I've added an extra bit to the "...expired"
> error message to tell me *which* of these is the case -- but I'm pretty
> sure that from the client's perspective it's tokens shouldn't be
> expiring for quite awhile.
VICETOKENDEAD does not mean that the client's tokens are expired.
It means that the token's associated with the RX connection are expired.
The file server sends this error when the last call received by the
file server was so long ago that the tokens associated with the
connection are no longer good. Its meant to trigger the use of a new
RX connection. It should not trigger the destruction of the tokens
held by the client.
Only an RXKADEXPIRED or RXKADBADTICKET should do that.
Jeffrey Altman