svn rev #25520: branches/krb5-1-10/src/lib/krb5/ccache/
tlyu@MIT.EDU
tlyu at MIT.EDU
Mon Dec 5 18:43:23 EST 2011
http://src.mit.edu/fisheye/changelog/krb5/?cs=25520
Commit By: tlyu
Log Message:
ticket: 7035
version_fixed: 1.10
status: resolved
pull up r25497 from trunk
------------------------------------------------------------------------
r25497 | hartmans | 2011-12-02 13:52:19 -0500 (Fri, 02 Dec 2011) | 7 lines
ticket: 7035
subject: krb5_lcc_store() now ignores config credentials
target_version: 1.10
tags: pullup
Signed-off-by: Kevin Wasserman <kevin.wasserman at painless-security.com>
Changed Files:
U branches/krb5-1-10/src/lib/krb5/ccache/cc_mslsa.c
Modified: branches/krb5-1-10/src/lib/krb5/ccache/cc_mslsa.c
===================================================================
--- branches/krb5-1-10/src/lib/krb5/ccache/cc_mslsa.c 2011-12-05 23:43:17 UTC (rev 25519)
+++ branches/krb5-1-10/src/lib/krb5/ccache/cc_mslsa.c 2011-12-05 23:43:23 UTC (rev 25520)
@@ -2648,6 +2648,15 @@
if (!is_windows_2000())
return KRB5_FCC_NOFILE;
+ if (krb5_is_config_principal(context, creds->server)) {
+ /* mslsa cannot store config creds, so we have to bail.
+ * The 'right' thing to do would be to return an appropriate error,
+ * but that would require modifying the calling code to check
+ * for that error and ignore it.
+ */
+ return KRB5_OK;
+ }
+
#ifdef KERB_SUBMIT_TICKET
/* we can use the new KerbSubmitTicketMessage to store the ticket */
if (KerbSubmitTicket( data->LogonHandle, data->PackageId, context, creds ))
More information about the cvs-krb5
mailing list