diff options
| author | Lukas Hejtmanek <xhejtman@ics.muni.cz> | 2008-07-15 10:02:49 -0400 |
|---|---|---|
| committer | Steve Dickson <steved@redhat.com> | 2008-07-15 10:02:49 -0400 |
| commit | b13f13b0f2ebdadc47eef8bf3fd4eb076e144fda (patch) | |
| tree | 8f6f81f87f95d6d14ccd24b7b5078c0642c0211d | |
| parent | 710765a87d599d95de51b79202ba3d82fd03ed95 (diff) | |
| download | nfs-utils-b13f13b0f2ebdadc47eef8bf3fd4eb076e144fda.tar.gz nfs-utils-b13f13b0f2ebdadc47eef8bf3fd4eb076e144fda.tar.xz nfs-utils-b13f13b0f2ebdadc47eef8bf3fd4eb076e144fda.zip | |
gssd_setup_krb5_user_gss_ccache must return an error if no usable cache is
found. Trying to use invalid default cache and continue is not good idea at all.
Signed-off-by: Lukas Hejtmanek <xhejtman@ics.muni.cz>
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
| -rw-r--r-- | utils/gssd/gssd_proc.c | 5 | ||||
| -rw-r--r-- | utils/gssd/krb5_util.c | 9 | ||||
| -rw-r--r-- | utils/gssd/krb5_util.h | 2 |
3 files changed, 8 insertions, 8 deletions
diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c index be6f440..a145081 100644 --- a/utils/gssd/gssd_proc.c +++ b/utils/gssd/gssd_proc.c @@ -703,9 +703,8 @@ handle_krb5_upcall(struct clnt_info *clp) if (uid != 0 || (uid == 0 && root_uses_machine_creds == 0)) { /* Tell krb5 gss which credentials cache to use */ for (dirname = ccachesearch; *dirname != NULL; dirname++) { - gssd_setup_krb5_user_gss_ccache(uid, clp->servername, *dirname); - - create_resp = create_auth_rpc_client(clp, &rpc_clnt, &auth, uid, + if (gssd_setup_krb5_user_gss_ccache(uid, clp->servername, *dirname) == 0) + create_resp = create_auth_rpc_client(clp, &rpc_clnt, &auth, uid, AUTHTYPE_KRB5); if (create_resp == 0) break; diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c index 512c1cf..4a4d10b 100644 --- a/utils/gssd/krb5_util.c +++ b/utils/gssd/krb5_util.c @@ -894,9 +894,10 @@ out: * do the best we can. * * Returns: - * void + * 0 => a ccache was found + * 1 => no ccache was found */ -void +int gssd_setup_krb5_user_gss_ccache(uid_t uid, char *servername, char *dirname) { char buf[MAX_NETOBJ_SZ]; @@ -910,11 +911,11 @@ gssd_setup_krb5_user_gss_ccache(uid_t uid, char *servername, char *dirname) free(d); } else - snprintf(buf, sizeof(buf), "FILE:%s/%s%u", - dirname, GSSD_DEFAULT_CRED_PREFIX, uid); + return 1; printerr(2, "using %s as credentials cache for client with " "uid %u for server %s\n", buf, uid, servername); gssd_set_krb5_ccache_name(buf); + return 0; } /* diff --git a/utils/gssd/krb5_util.h b/utils/gssd/krb5_util.h index 431fdaf..addae1c 100644 --- a/utils/gssd/krb5_util.h +++ b/utils/gssd/krb5_util.h @@ -17,7 +17,7 @@ struct gssd_k5_kt_princ { }; -void gssd_setup_krb5_user_gss_ccache(uid_t uid, char *servername, +int gssd_setup_krb5_user_gss_ccache(uid_t uid, char *servername, char *dirname); int gssd_get_krb5_machine_cred_list(char ***list); void gssd_free_krb5_machine_cred_list(char **list); |