[krbdev.mit.edu #8579] git commit
Greg Hudson via RT
rt-comment at krbdev.mit.edu
Wed Apr 26 13:28:38 EDT 2017
Don't cache referral and alternate TGT replies
During a TGS request, if we get a TGT response that we didn't directly
ask for (a referral TGT or an alternate TGT), don't cache it. It
would have limited value in the cache as similar operations won't look
for that TGT. If the overall TGS operation fails and is repeated, we
could wind up caching the same entry multiple times, which doesn't
work well with our current ccache implementations.
https://github.com/krb5/krb5/commit/1dc619624421002b1e64d3b8c7e270508381b3e6
Author: Greg Hudson <ghudson at mit.edu>
Commit: 1dc619624421002b1e64d3b8c7e270508381b3e6
Branch: master
src/lib/krb5/krb/get_creds.c | 13 +++----------
src/tests/t_crossrealm.py | 35 +++++++++++++++++++++++++++++++++++
src/tests/t_referral.py | 11 ++++++++---
3 files changed, 46 insertions(+), 13 deletions(-)
More information about the krb5-bugs
mailing list