Change in behavior for krb5_get_credentials()
Ken Raeburn
raeburn at MIT.EDU
Tue Apr 26 18:48:16 EDT 2005
On Apr 26, 2005, at 18:32, Jeffrey Altman wrote:
>> If you return a null pointer or a valid pointer for the credential
>> handle, it's easy to check independent of the specific error returned.
> Unfortunately, we can't even count on this behavior because the
> existing
> interface does not set *out_creds to NULL on failure. It is the
> responsibility of the caller to set *out_creds to NULL before the call.
>
> It is only going to be safe to return credentials on error condition if
> the caller sets a flag indicating that they are going to perform the
> necessary checks.
Hmm, yes, actually, and I think our current code can return an invalid
non-null pointer in certain error cases. Adding a flag only helps if
the application can know that it's using an updated version of the
library that won't do that.
More information about the krbdev
mailing list