summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--proxy/src/gp_creds.c9
1 files changed, 7 insertions, 2 deletions
diff --git a/proxy/src/gp_creds.c b/proxy/src/gp_creds.c
index 162caf6..35d66af 100644
--- a/proxy/src/gp_creds.c
+++ b/proxy/src/gp_creds.c
@@ -193,6 +193,7 @@ static int gp_get_cred_environment(struct gp_service *svc,
char *ccache = NULL;
char *client_keytab = NULL;
char *keytab = NULL;
+ bool user_requested = false;
int ret = 0;
target_uid = svc->euid;
@@ -204,6 +205,7 @@ static int gp_get_cred_environment(struct gp_service *svc,
(gss_oid_equal(&name_type, GSS_C_NT_STRING_UID_NAME) ||
gss_oid_equal(&name_type, GSS_C_NT_MACHINE_UID_NAME))) {
target_uid = atol(desired_name->display_name.octet_string_val);
+ user_requested = true;
} else {
ret_maj = gp_conv_gssx_to_name(&ret_min, desired_name, &name);
if (ret_maj) {
@@ -225,11 +227,14 @@ static int gp_get_cred_environment(struct gp_service *svc,
goto done;
}
- if (svc->krb5.client_keytab == NULL) {
- fmtstr = DEFAULT_CLIENT_KEYTAB;
+ if ((target_uid == 0) && (!user_requested)) {
+ fmtstr = svc->krb5.keytab;
} else {
fmtstr = svc->krb5.client_keytab;
}
+ if (fmtstr == NULL) {
+ fmtstr = DEFAULT_CLIENT_KEYTAB;
+ }
client_keytab = get_formatted_string(fmtstr, target_uid);
if (!client_keytab) {
GPDEBUG("Failed to construct client_keytab string.\n");
generated by cgit (git 2.34.1) at 2024-05-19 13:31:29 +0000