Fix acquiring default credentials

In this case we want to prefer sourcing the "acceptor" credentials from a keytab if available, as that's what applications expect if they have no credentials. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Robbie Harwoood <rharwood@redhat.com>
author: Simo Sorce <simo@redhat.com> 2015-11-13 17:54:27 -0500
committer: Robbie Harwood <rharwood@redhat.com> 2015-12-01 17:46:00 -0500
commit: 8e28e35b9cf2cc6f1a2b4166b8cc1ae0856578d3 (patch)
tree: 4214bf6c8fd86f6df096ee6dfc80cd5de7764957 /proxy
parent: 84fcb276d2253f34e5d50a87e42e34c1fd918a55 (diff)
download: gss-proxy-8e28e35b9cf2cc6f1a2b4166b8cc1ae0856578d3.tar.gz
gss-proxy-8e28e35b9cf2cc6f1a2b4166b8cc1ae0856578d3.tar.xz
gss-proxy-8e28e35b9cf2cc6f1a2b4166b8cc1ae0856578d3.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/proxy/src/gp_creds.c b/proxy/src/gp_creds.c
index e00f735..e7f2676 100644
--- a/proxy/src/gp_creds.c
+++ b/proxy/src/gp_creds.c
@@ -291,7 +291,9 @@ static int gp_get_cred_environment(struct gp_call_ctx *gpcall,
         }
     } else {
         /* No name provided */
-        if (svc->euid != target_uid) {
+        if (svc->trusted && (svc->euid == target_uid)) {
+            use_service_keytab = true;
+        } else if (svc->euid != target_uid) {
             user_requested = true;
         }
     }
author	Simo Sorce <simo@redhat.com>	2015-11-13 17:54:27 -0500
committer	Robbie Harwood <rharwood@redhat.com>	2015-12-01 17:46:00 -0500
commit	8e28e35b9cf2cc6f1a2b4166b8cc1ae0856578d3 (patch)
tree	4214bf6c8fd86f6df096ee6dfc80cd5de7764957 /proxy
parent	84fcb276d2253f34e5d50a87e42e34c1fd918a55 (diff)
download	gss-proxy-8e28e35b9cf2cc6f1a2b4166b8cc1ae0856578d3.tar.gz gss-proxy-8e28e35b9cf2cc6f1a2b4166b8cc1ae0856578d3.tar.xz gss-proxy-8e28e35b9cf2cc6f1a2b4166b8cc1ae0856578d3.zip