Mercurial Mercurial > upstream > oracle > userland-gate / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
23587748 The overwrite arg to gss_store_cred() is not respected
authorWill Fiveash <will.fiveash@oracle.com>
Tue, 28 Jun 2016 20:27:10 -0500
changeset 6303 f5e952fa0abd
parent 6302 78e32c666cb4
child 6304 e7b24f04ddd3
23587748 The overwrite arg to gss_store_cred() is not respected
components/krb5/patches/070-gss_store_cred-fix.patch file | annotate | diff | comparison | revisions 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/krb5/patches/070-gss_store_cred-fix.patch	Tue Jun 28 20:27:10 2016 -0500
@@ -0,0 +1,31 @@
+#
+# This patch fixes an issue where gss_store_cred(), when called with
+# overwrite_creds is 1, is not overwriting the ccache file which causes
+# problems when trying to get service tickets and there is an expired tgt cred
+# in that ccache.
+#
+# This problem has been reported to MIT via this ticket: 8010 gss_store_cred
+# should initialize ccache and work with collections
+#
+# Patch source: in-house
+#
+
+diff -ur krb5-1.14.2/src/lib/gssapi/krb5/store_cred.c krb5-1.14.2-23587748/src/lib/gssapi/krb5/store_cred.c
+--- krb5-1.14.2/src/lib/gssapi/krb5/store_cred.c
++++ krb5-1.14.2-23587748/src/lib/gssapi/krb5/store_cred.c
+@@ -144,6 +144,15 @@
+             major_status = GSS_S_FAILURE;
+             goto cleanup;
+         }
++        if (overwrite_cred) {
++            code = krb5_cc_initialize(context, ccache,
++                                      kcred->name->princ);
++            if (code != 0) {
++                *minor_status = code;
++                major_status = GSS_S_CRED_UNAVAIL;
++                goto cleanup;
++            }
++        }
+     }
+ 
+     code = krb5_cc_copy_creds(context, kcred->ccache, ccache);
upstream/oracle/userland-gate