[krbdev.mit.edu #6416] kinit and krb5_get_init_creds_password discard error message state
Sam Hartman via RT
rt-comment at krbdev.mit.edu
Thu Mar 12 23:27:33 EDT 2009
There is a lot of code behind krb5_get_init_creds (and significantly
more with FAST) that calls krb5_set_error_message. Unfortunately,
this interacts badly with the use_master loop in routines like
krb5_get_init_creds_password, particularly if no master KDC is
available. What ends up happening is that the error message is
overwritten indicating what KDC cannot be contacted. The code
correctly returns the original error code but does not restore the
error state.
--Sam
More information about the krb5-bugs
mailing list