diff options
| author | Alexandra Ellwood <lxs@mit.edu> | 2008-03-10 19:32:47 +0000 |
|---|---|---|
| committer | Alexandra Ellwood <lxs@mit.edu> | 2008-03-10 19:32:47 +0000 |
| commit | 824574606a1be446bfa013bec46adc306632103d (patch) | |
| tree | 595c829fba9be8999dd25ce9d5170658cd739468 /src | |
| parent | 72d47a63bbfcdcb8c6fc642d2a511f4619066e3c (diff) | |
| download | krb5-824574606a1be446bfa013bec46adc306632103d.tar.gz krb5-824574606a1be446bfa013bec46adc306632103d.tar.xz krb5-824574606a1be446bfa013bec46adc306632103d.zip | |
cc_set_principal should return error on bad cred version
When the caller passes in a version different than the one the ccache
was opened with, cc_set_principal should return CC_ERR_CRED_VERSION
because "cred_vers is used as a double check".
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20263 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src')
| -rw-r--r-- | src/ccapi/lib/ccapi_v2.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/ccapi/lib/ccapi_v2.c b/src/ccapi/lib/ccapi_v2.c index 3050fd1e6..ffeb1d694 100644 --- a/src/ccapi/lib/ccapi_v2.c +++ b/src/ccapi/lib/ccapi_v2.c @@ -450,6 +450,7 @@ cc_result cc_set_principal (apiCB *in_context, { cc_result err = ccNoError; cc_uint32 version; + cc_uint32 compat_version; if (!in_context ) { err = cci_check_error (ccErrBadParam); } if (!io_ccache ) { err = cci_check_error (ccErrBadParam); } @@ -460,6 +461,14 @@ cc_result cc_set_principal (apiCB *in_context, } if (!err) { + err = cci_ccache_get_compat_version (io_ccache, &compat_version); + } + + if (!err && version != compat_version) { + err = cci_check_error (ccErrBadCredentialsVersion); + } + + if (!err) { err = ccapi_ccache_set_principal (io_ccache, version, in_principal); } |