rcache question

Joakim Tjernlund Joakim.Tjernlund at infinera.com
Thu Aug 13 08:45:50 EDT 2020

I got this old module(mod_auth_kerb) that don't build with version >= 18.2 due to missing  krb5_rc_resolve_full()
Looking at the kode I got:
static int
have_rcache_type(const char *type)
   krb5_error_code ret;
   krb5_context context;
   krb5_rcache id = NULL;
   int found;

   ret = krb5_init_context(&context);
   if (ret)
      return 0;

   ret = krb5_rc_resolve_full(context, &id, "none:");
   found = (ret == 0);

   if (ret == 0)
      krb5_rc_destroy(context, id);

   return found;

and this is used like so:
   /* Suppress the MIT replay cache.  Requires MIT Kerberos 1.4.0 or later.
      1.3.x are covered by the hack overiding the replay calls */
   if (getenv("KRB5RCACHETYPE") == NULL && have_rcache_type("none"))

Looking at the mit-krb5 code is seems to me that rcache type "none" always
returns true so I could just make :
 have_rcache_type(const char *type) { return 1; }
Is that a correct assumption ?


More information about the krbdev mailing list