diff options
| author | Sam Hartman <hartmans@mit.edu> | 2011-12-02 18:52:19 +0000 |
|---|---|---|
| committer | Sam Hartman <hartmans@mit.edu> | 2011-12-02 18:52:19 +0000 |
| commit | 0d2e965bb94fe7df11104fa462104f4eb19086a3 (patch) | |
| tree | 0c82bce9fb448f83ee01fbf4a1c8c80bc5e229e7 /src/lib | |
| parent | 2d4cf1e6217c23a34275d558f4ee53a07eaf9c72 (diff) | |
| download | krb5-0d2e965bb94fe7df11104fa462104f4eb19086a3.tar.gz krb5-0d2e965bb94fe7df11104fa462104f4eb19086a3.tar.xz krb5-0d2e965bb94fe7df11104fa462104f4eb19086a3.zip | |
krb5_lcc_store() now ignores config credentials
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7035
target_version: 1.10
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25497 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/krb5/ccache/cc_mslsa.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/lib/krb5/ccache/cc_mslsa.c b/src/lib/krb5/ccache/cc_mslsa.c index 600478a15..9e9d27134 100644 --- a/src/lib/krb5/ccache/cc_mslsa.c +++ b/src/lib/krb5/ccache/cc_mslsa.c @@ -2648,6 +2648,15 @@ krb5_lcc_store(krb5_context context, krb5_ccache id, krb5_creds *creds) if (!is_windows_2000()) return KRB5_FCC_NOFILE; + if (krb5_is_config_principal(context, creds->server)) { + /* mslsa cannot store config creds, so we have to bail. + * The 'right' thing to do would be to return an appropriate error, + * but that would require modifying the calling code to check + * for that error and ignore it. + */ + return KRB5_OK; + } + #ifdef KERB_SUBMIT_TICKET /* we can use the new KerbSubmitTicketMessage to store the ticket */ if (KerbSubmitTicket( data->LogonHandle, data->PackageId, context, creds )) |