Change in behavior for krb5_get_credentials()

Jeffrey Altman jaltman at MIT.EDU
Tue Apr 26 12:58:01 EDT 2005

John Hascall wrote:

> I have code which this could break.
> If krb5_get_credentials() returns success,
> I assume (rightly so up until now) that future calls can
> specify the KRB5_GC_CACHED option.
> John


Adding a new KRB5_GC_IGNORE_STORE_ERRORS is an API change
which I believe is worse than ignoring the return code.
I would rather add a KRB5_GC_RETURN_STORE_ERRORS to indicate
that the caller really wants to get them and is prepared to
handle them.

Of course, if we are going to differentiate a class of errors
there must also be some way for the application to test whether
or not an error is a STORE_ERROR or not according to get_credentials.

krb5_bool krb5_get_credentials_is_store_error(krb5_error_code code)

- Jeff

More information about the krbdev mailing list