diff options
| author | Vince Busam <vbusam@google.com> | 2008-05-07 15:24:53 -0400 |
|---|---|---|
| committer | Steve Dickson <steved@redhat.com> | 2008-05-07 15:24:53 -0400 |
| commit | 25cd5f9101b8969f9e1f9d7d486f11c215d0eeb4 (patch) | |
| tree | 2738c15009738284a0a281d361175ed41e66b883 /utils/gssd/gssd_proc.c | |
| parent | 73f9b4402ec6625618967f947c99e6e417322d36 (diff) | |
| download | nfs-utils-25cd5f9101b8969f9e1f9d7d486f11c215d0eeb4.tar.gz nfs-utils-25cd5f9101b8969f9e1f9d7d486f11c215d0eeb4.tar.xz nfs-utils-25cd5f9101b8969f9e1f9d7d486f11c215d0eeb4.zip | |
Kerberos credentials may be stored in multiple places. Make it
possible to search several directories for valid credentials when
making NFS requests.
Original patch from Vince Busam <vbusam@google.com>
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>.
Signed-off-by: Steve Dickson <steved@redhat.com>
Diffstat (limited to 'utils/gssd/gssd_proc.c')
| -rw-r--r-- | utils/gssd/gssd_proc.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c index bac7295..be6f440 100644 --- a/utils/gssd/gssd_proc.c +++ b/utils/gssd/gssd_proc.c @@ -685,6 +685,7 @@ handle_krb5_upcall(struct clnt_info *clp) gss_buffer_desc token; char **credlist = NULL; char **ccname; + char **dirname; int create_resp = -1; printerr(1, "handling krb5 upcall\n"); @@ -701,10 +702,14 @@ handle_krb5_upcall(struct clnt_info *clp) if (uid != 0 || (uid == 0 && root_uses_machine_creds == 0)) { /* Tell krb5 gss which credentials cache to use */ - gssd_setup_krb5_user_gss_ccache(uid, clp->servername); + for (dirname = ccachesearch; *dirname != NULL; dirname++) { + gssd_setup_krb5_user_gss_ccache(uid, clp->servername, *dirname); - create_resp = create_auth_rpc_client(clp, &rpc_clnt, &auth, uid, - AUTHTYPE_KRB5); + create_resp = create_auth_rpc_client(clp, &rpc_clnt, &auth, uid, + AUTHTYPE_KRB5); + if (create_resp == 0) + break; + } } if (create_resp != 0) { if (uid == 0 && root_uses_machine_creds == 1) { |