krb5 commit [krb5-1.12]: Try to scan_ccache() after leash picks a cache
Tom Yu
tlyu at mit.edu
Fri Sep 12 17:28:29 EDT 2014
https://github.com/krb5/krb5/commit/e65a03cff1eee52e5132505eaacf85031670f21c
commit e65a03cff1eee52e5132505eaacf85031670f21c
Author: Ben Kaduk <kaduk at mit.edu>
Date: Thu Aug 21 12:48:39 2014 -0400
Try to scan_ccache() after leash picks a cache
We need to call scan_ccache() in order to notice that there
are credentials and read their expire time.
The call to scan_ccache() in the Leash case was inadvertently
removed as part of commit 8651f3339ccc5a623172a8edfb9cf522883acacd.
(cherry picked from commit 674f7d7abe2d4f8bc3fe791e4347a332e3ccfd41)
ticket: 8012 (new)
version_fixed: 1.12.3
subject: gssapi.dll tries to get initial creds even when some are present
status: resolved
src/lib/gssapi/krb5/acquire_cred.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c
index 57edaa3..dd19b43 100644
--- a/src/lib/gssapi/krb5/acquire_cred.c
+++ b/src/lib/gssapi/krb5/acquire_cred.c
@@ -443,7 +443,8 @@ get_cache_for_name(krb5_context context, krb5_gss_cred_id_rec *cred)
assert(cred->name != NULL && cred->ccache == NULL);
#ifdef USE_LEASH
- return get_ccache_leash(context, cred->name->princ, &cred->ccache);
+ code = get_ccache_leash(context, cred->name->princ, &cred->ccache);
+ return code ? code : scan_ccache(context, cred);
#else
/* Check first whether we can acquire tickets, to avoid overwriting the
* extended error message from krb5_cc_cache_match. */
More information about the cvs-krb5
mailing list