rcache question
Joakim Tjernlund
Joakim.Tjernlund at infinera.com
Thu Aug 13 08:45:50 EDT 2020
I got this old module(mod_auth_kerb) that don't build with version >= 18.2 due to missing krb5_rc_resolve_full()
Looking at the kode I got:
static int
have_rcache_type(const char *type)
{
krb5_error_code ret;
krb5_context context;
krb5_rcache id = NULL;
int found;
ret = krb5_init_context(&context);
if (ret)
return 0;
ret = krb5_rc_resolve_full(context, &id, "none:");
found = (ret == 0);
if (ret == 0)
krb5_rc_destroy(context, id);
krb5_free_context(context);
return found;
}
and this is used like so:
/* Suppress the MIT replay cache. Requires MIT Kerberos 1.4.0 or later.
1.3.x are covered by the hack overiding the replay calls */
if (getenv("KRB5RCACHETYPE") == NULL && have_rcache_type("none"))
putenv(strdup("KRB5RCACHETYPE=none"));
Looking at the mit-krb5 code is seems to me that rcache type "none" always
returns true so I could just make :
have_rcache_type(const char *type) { return 1; }
Is that a correct assumption ?
Jocke
More information about the krbdev
mailing list