svn rev #23909: trunk/src/lib/krb5/krb/
ghudson@MIT.EDU
ghudson at MIT.EDU
Tue Apr 20 03:56:58 EDT 2010
http://src.mit.edu/fisheye/changelog/krb5/?cs=23909
Commit By: ghudson
Log Message:
When setting up to get a TGT for the service realm in the TGS code,
get the cached local TGT before setting up the realm path.
Prior to this change, calling krb5_get_credentials() with an empty
ccache would result in KRB5_CC_NOTFOUND for a foreign server
principal, but would result in KRB5_NO_TKT_IN_REALM (generated by
krb5_walk_realm_tree) for a local server principal. With this change,
KRB5_CC_NOTFOUND is returned in both cases.
Changed Files:
U trunk/src/lib/krb5/krb/get_creds.c
Modified: trunk/src/lib/krb5/krb/get_creds.c
===================================================================
--- trunk/src/lib/krb5/krb/get_creds.c 2010-04-20 07:42:57 UTC (rev 23908)
+++ trunk/src/lib/krb5/krb/get_creds.c 2010-04-20 07:56:58 UTC (rev 23909)
@@ -941,11 +941,6 @@
return end_get_tgt(context, ctx);
}
- /* Initialize the realm path. */
- code = init_realm_path(context, ctx);
- if (code != 0)
- return code;
-
/* Start with the local tgt. */
krb5_free_creds(context, ctx->cur_tgt);
ctx->cur_tgt = NULL;
@@ -955,6 +950,11 @@
if (ctx->cur_tgt == NULL)
return ctx->cache_code;
+ /* Initialize the realm path. */
+ code = init_realm_path(context, ctx);
+ if (code != 0)
+ return code;
+
/* Empty out the realms-seen list for loop checking. */
krb5int_free_data_list(context, ctx->realms_seen);
ctx->realms_seen = NULL;
More information about the cvs-krb5
mailing list