diff options
author | Ezra Peisach <epeisach@mit.edu> | 2008-10-19 10:44:56 +0000 |
---|---|---|
committer | Ezra Peisach <epeisach@mit.edu> | 2008-10-19 10:44:56 +0000 |
commit | ab2619572165ee5badefa51e25d41604a4caac21 (patch) | |
tree | 284b96ea1226f938c5a680bed134f6d0164c8af2 /src/lib/kdb/kdb_default.c | |
parent | 451a8448222f86f3a320548b80074b8bcc082e52 (diff) | |
download | krb5-ab2619572165ee5badefa51e25d41604a4caac21.tar.gz krb5-ab2619572165ee5badefa51e25d41604a4caac21.tar.xz krb5-ab2619572165ee5badefa51e25d41604a4caac21.zip |
In krb5_def_store_mkey(), mktemp was being invoked with a string WRFILE:....
This returns an error - as it actually tries to open the file.
Move some of the logic that points to the actual filename earlier - so
mktemp works on the .... portion.
Note that the netbsd linker gives a warning on using mktemp as it may be
insecure - but there is no obvious way to avoid it.
ticket: new
subhect: netbsd mktemp actually tries to open file
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20896 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/kdb/kdb_default.c')
-rw-r--r-- | src/lib/kdb/kdb_default.c | 17 |
1 files changed, 8 insertions, 9 deletions
diff --git a/src/lib/kdb/kdb_default.c b/src/lib/kdb/kdb_default.c index b792b3846a..d6f724ce0a 100644 --- a/src/lib/kdb/kdb_default.c +++ b/src/lib/kdb/kdb_default.c @@ -184,7 +184,14 @@ krb5_def_store_mkey(krb5_context context, goto out; } - if (mktemp(tmp_ktname) == NULL) { + /* + * Set tmp_ktpath to point to the keyfile path (skip WRFILE:). Subtracting + * 1 to account for NULL terminator in sizeof calculation of a string + * constant. Used further down. + */ + tmp_ktpath = tmp_ktname + (sizeof("WRFILE:") - 1); + + if (mktemp(tmp_ktpath) == NULL) { retval = errno; krb5_set_error_message (context, retval, "Could not create temp stash file: %s", @@ -202,15 +209,7 @@ krb5_def_store_mkey(krb5_context context, new_entry.principal = mname; new_entry.key = *key; new_entry.vno = kvno; -#endif /* LEAN_CLIENT */ - /* - * Set tmp_ktpath to point to the keyfile path (skip WRFILE:). Subtracting - * 1 to account for NULL terminator in sizeof calculation of a string - * constant. Used further down. - */ - tmp_ktpath = tmp_ktname + (sizeof("WRFILE:") - 1); -#ifndef LEAN_CLIENT retval = krb5_kt_add_entry(context, kt, &new_entry); if (retval != 0) { /* delete tmp keyfile if it exists and an error occurrs */ |