svn rev #25530: trunk/src/lib/gssapi/krb5/
ghudson@MIT.EDU
ghudson at MIT.EDU
Wed Dec 7 14:38:22 EST 2011
http://src.mit.edu/fisheye/changelog/krb5/?cs=25530
Commit By: ghudson
Log Message:
ticket: 7047
subject: Allow S4U2Proxy service tickets to be cached
Previous to this change, the GSS code avoids caching S4U2Proxy results
for fear of the memory cache growing without bound, but that seems
unlikely to be a serious problem. Allow these to be cached.
Changed Files:
U trunk/src/lib/gssapi/krb5/init_sec_context.c
Modified: trunk/src/lib/gssapi/krb5/init_sec_context.c
===================================================================
--- trunk/src/lib/gssapi/krb5/init_sec_context.c 2011-12-07 19:38:13 UTC (rev 25529)
+++ trunk/src/lib/gssapi/krb5/init_sec_context.c 2011-12-07 19:38:22 UTC (rev 25530)
@@ -148,9 +148,7 @@
!krb5_principal_compare(context, cred->impersonator, server->princ)) {
krb5_creds mcreds;
- flags |= KRB5_GC_CANONICALIZE |
- KRB5_GC_NO_STORE |
- KRB5_GC_CONSTRAINED_DELEGATION;
+ flags |= KRB5_GC_CANONICALIZE | KRB5_GC_CONSTRAINED_DELEGATION;
memset(&mcreds, 0, sizeof(mcreds));
More information about the cvs-krb5
mailing list