From e48780b854ac32b0fe35b607446d733486765fbe Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <sgallagh@redhat.com>
Date: Wed, 27 Jun 2012 11:41:19 -0400
Subject: KRB5: Initialize the credential cache type properly

We weren't guaranteeing that the cctype-specific callbacks were
initialized before using them.

This bug only presented itself for users who were logging in
without a ccacheFile attribute in the LDB (for example, first-time
logins).
---
 src/providers/krb5/krb5_auth.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/src/providers/krb5/krb5_auth.c b/src/providers/krb5/krb5_auth.c
index 9b503f47a..e931da965 100644
--- a/src/providers/krb5/krb5_auth.c
+++ b/src/providers/krb5/krb5_auth.c
@@ -605,6 +605,17 @@ static void krb5_find_ccache_step(struct tevent_req *req)
                 goto done;
             }
 
+            if (!kr->cc_be) {
+                kr->cc_be = get_cc_be_ops_ccache(kr->ccname);
+                if (kr->cc_be == NULL) {
+                    DEBUG(SSSDBG_CRIT_FAILURE,
+                          ("Cannot get operations on new ccache %s\n",
+                           kr->ccname));
+                    ret = EINVAL;
+                    goto done;
+                }
+            }
+
             ret = kr->cc_be->create(kr->ccname,
                                     kr->krb5_ctx->illegal_path_re,
                                     kr->uid, kr->gid, private_path);
-- 
cgit