diff options
| author | Sam Hartman <hartmans@mit.edu> | 2002-09-11 20:50:59 +0000 |
|---|---|---|
| committer | Sam Hartman <hartmans@mit.edu> | 2002-09-11 20:50:59 +0000 |
| commit | 893621a45d3941bd626de96abe45a22a6271e332 (patch) | |
| tree | 402acbbcd6cb0826fa6594858727883bfd9d5b42 /src/lib | |
| parent | c432ab0787057e94d38b25f390a04c99478825e1 (diff) | |
| download | krb5-893621a45d3941bd626de96abe45a22a6271e332.tar.gz krb5-893621a45d3941bd626de96abe45a22a6271e332.tar.xz krb5-893621a45d3941bd626de96abe45a22a6271e332.zip | |
Don't request addresses when
we forward addressless tickets
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14845 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/krb5/krb/ChangeLog | 6 | ||||
| -rw-r--r-- | src/lib/krb5/krb/fwd_tgt.c | 23 |
2 files changed, 18 insertions, 11 deletions
diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog index 479378d59..14b02e6bb 100644 --- a/src/lib/krb5/krb/ChangeLog +++ b/src/lib/krb5/krb/ChangeLog @@ -1,3 +1,9 @@ +2002-09-11 Sam Hartman <hartmans@mit.edu> + + * fwd_tgt.c (krb5_fwd_tgt_creds): If our initial tickets don't + have addresses, neither should forwarded tickets. Also, noticed + that cc was being used before initialized in some cases; fixed. + 2002-09-02 Ken Raeburn <raeburn@mit.edu> * addr_comp.c, addr_order.c, addr_srch.c, appdefault.c, diff --git a/src/lib/krb5/krb/fwd_tgt.c b/src/lib/krb5/krb/fwd_tgt.c index d589144b8..f8818d4fb 100644 --- a/src/lib/krb5/krb/fwd_tgt.c +++ b/src/lib/krb5/krb/fwd_tgt.c @@ -47,7 +47,7 @@ krb5_fwd_tgt_creds(krb5_context context, krb5_auth_context auth_context, char *r { krb5_replay_data replaydata; krb5_data * scratch = 0; - krb5_address **addrs = 0; + krb5_address **addrs = NULL; krb5_error_code retval; krb5_creds creds, tgt; krb5_creds *pcreds; @@ -74,6 +74,11 @@ krb5_fwd_tgt_creds(krb5_context context, krb5_auth_context auth_context, char *r memcpy(rhost, server->data[1].data, server->data[1].length); rhost[server->data[1].length] = '\0'; } + if (cc == 0) { + if ((retval = krb5int_cc_default(context, &cc))) + goto errout; + close_cc = 1; + } retval = krb5_auth_con_getkey (context, auth_context, &session_key); if (retval) goto errout; @@ -103,10 +108,6 @@ krb5_fwd_tgt_creds(krb5_context context, krb5_auth_context auth_context, char *r punt: krb5_free_cred_contents (context, &in); } - - retval = krb5_os_hostaddr(context, rhost, &addrs); - if (retval) - goto errout; if ((retval = krb5_copy_principal(context, client, &creds.client))) goto errout; @@ -121,12 +122,6 @@ krb5_fwd_tgt_creds(krb5_context context, krb5_auth_context auth_context, char *r 0))) goto errout; - if (cc == 0) { - if ((retval = krb5int_cc_default(context, &cc))) - goto errout; - close_cc = 1; - } - /* fetch tgt directly from cache */ retval = krb5_cc_retrieve_cred (context, cc, KRB5_TC_SUPPORTED_KTYPES, &creds, &tgt); @@ -144,6 +139,12 @@ krb5_fwd_tgt_creds(krb5_context context, krb5_auth_context auth_context, char *r goto errout; } + if (tgt.addresses && *tgt.addresses) { + retval = krb5_os_hostaddr(context, rhost, &addrs); + if (retval) + goto errout; + } + creds.keyblock.enctype = enctype; creds.times = tgt.times; creds.times.starttime = 0; |