svn rev #25497: trunk/src/lib/krb5/ccache/
hartmans@MIT.EDU
hartmans at MIT.EDU
Fri Dec 2 13:52:19 EST 2011
http://src.mit.edu/fisheye/changelog/krb5/?cs=25497
Commit By: hartmans
Log Message:
ticket: 7035
subject: krb5_lcc_store() now ignores config credentials
target_version: 1.10
tags: pullup
Signed-off-by: Kevin Wasserman <kevin.wasserman at painless-security.com>
Changed Files:
U trunk/src/lib/krb5/ccache/cc_mslsa.c
Modified: trunk/src/lib/krb5/ccache/cc_mslsa.c
===================================================================
--- trunk/src/lib/krb5/ccache/cc_mslsa.c 2011-12-02 18:52:12 UTC (rev 25496)
+++ trunk/src/lib/krb5/ccache/cc_mslsa.c 2011-12-02 18:52:19 UTC (rev 25497)
@@ -2648,6 +2648,15 @@
if (!is_windows_2000())
return KRB5_FCC_NOFILE;
+ if (krb5_is_config_principal(context, creds->server)) {
+ /* mslsa cannot store config creds, so we have to bail.
+ * The 'right' thing to do would be to return an appropriate error,
+ * but that would require modifying the calling code to check
+ * for that error and ignore it.
+ */
+ return KRB5_OK;
+ }
+
#ifdef KERB_SUBMIT_TICKET
/* we can use the new KerbSubmitTicketMessage to store the ticket */
if (KerbSubmitTicket( data->LogonHandle, data->PackageId, context, creds ))
More information about the cvs-krb5
mailing list