Change in behavior for krb5_get_credentials()

Ken Raeburn raeburn at MIT.EDU
Tue Apr 26 18:48:16 EDT 2005

On Apr 26, 2005, at 18:32, Jeffrey Altman wrote:
>> If you return a null pointer or a valid pointer for the credential
>> handle, it's easy to check independent of the specific error returned.
> Unfortunately, we can't even count on this behavior because the 
> existing
> interface does not set *out_creds to NULL on failure.   It is the
> responsibility of the caller to set *out_creds to NULL before the call.
> It is only going to be safe to return credentials on error condition if
> the caller sets a flag indicating that they are going to perform the
> necessary checks.

Hmm, yes, actually, and I think our current code can return an invalid 
non-null pointer in certain error cases.  Adding a flag only helps if 
the application can know that it's using an updated version of the 
library that won't do that.

More information about the krbdev mailing list