summaryrefslogtreecommitdiffstats
path: root/0001-Don-t-try-to-stat-not-on-disk-ccache-residuals.patch
diff options
context:
space:
mode:
Diffstat (limited to '0001-Don-t-try-to-stat-not-on-disk-ccache-residuals.patch')
-rw-r--r--0001-Don-t-try-to-stat-not-on-disk-ccache-residuals.patch316
1 files changed, 0 insertions, 316 deletions
diff --git a/0001-Don-t-try-to-stat-not-on-disk-ccache-residuals.patch b/0001-Don-t-try-to-stat-not-on-disk-ccache-residuals.patch
deleted file mode 100644
index ac6ce53..0000000
--- a/0001-Don-t-try-to-stat-not-on-disk-ccache-residuals.patch
+++ /dev/null
@@ -1,316 +0,0 @@
-From 9f902f70a79ab864083078d104196a83943844ac Mon Sep 17 00:00:00 2001
-From: Nalin Dahyabhai <nalin@redhat.com>
-Date: Fri, 1 Nov 2013 09:48:13 -0400
-Subject: [PATCH 1/6] Don't try to stat() not-on-disk ccache residuals
-
-Don't assume that ccache residual names are filenames which we can
-stat() usefully. Instead, use helper functions to call the library
-routines to try to read the default principal name from caches.
----
- src/clients/ksu/ccache.c | 88 +++++++++++++++++++++++++++------------------
- src/clients/ksu/heuristic.c | 13 ++-----
- src/clients/ksu/ksu.h | 6 ++++
- src/clients/ksu/main.c | 17 +++++----
- 4 files changed, 70 insertions(+), 54 deletions(-)
-
-diff --git a/src/clients/ksu/ccache.c b/src/clients/ksu/ccache.c
-index 9916c75..7917af2 100644
---- a/src/clients/ksu/ccache.c
-+++ b/src/clients/ksu/ccache.c
-@@ -60,12 +60,10 @@ krb5_error_code krb5_ccache_copy (context, cc_def, cc_other_tag,
- {
- int i=0;
- krb5_ccache * cc_other;
-- const char * cc_def_name;
-- const char * cc_other_name;
-+ const char * cc_other_type;
- krb5_error_code retval=0;
- krb5_creds ** cc_def_creds_arr = NULL;
- krb5_creds ** cc_other_creds_arr = NULL;
-- struct stat st_temp;
-
- cc_other = (krb5_ccache *) xcalloc(1, sizeof (krb5_ccache));
-
-@@ -74,10 +72,9 @@ krb5_error_code krb5_ccache_copy (context, cc_def, cc_other_tag,
- return retval;
- }
-
-- cc_def_name = krb5_cc_get_name(context, cc_def);
-- cc_other_name = krb5_cc_get_name(context, *cc_other);
-+ cc_other_type = krb5_cc_get_type(context, *cc_other);
-
-- if ( ! stat(cc_def_name, &st_temp)){
-+ if (krb5_ccache_is_initialized(context, cc_def)) {
- if((retval = krb5_get_nonexp_tkts(context,cc_def,&cc_def_creds_arr))){
- return retval;
- }
-@@ -86,7 +83,8 @@ krb5_error_code krb5_ccache_copy (context, cc_def, cc_other_tag,
- *stored = krb5_find_princ_in_cred_list(context, cc_def_creds_arr,
- primary_principal);
-
-- if (!lstat( cc_other_name, &st_temp))
-+ if (!krb5_cc_support_switch(context, cc_other_type) &&
-+ krb5_ccache_name_is_initialized(context, cc_other_tag))
- return EINVAL;
-
- if (krb5_seteuid(0)||krb5_seteuid(target_uid)) {
-@@ -533,24 +531,18 @@ krb5_error_code krb5_ccache_overwrite(context, ccs, cct, primary_principal)
- krb5_ccache cct;
- krb5_principal primary_principal;
- {
-- const char * cct_name;
-- const char * ccs_name;
- krb5_error_code retval=0;
- krb5_principal temp_principal;
- krb5_creds ** ccs_creds_arr = NULL;
- int i=0;
-- struct stat st_temp;
-
-- ccs_name = krb5_cc_get_name(context, ccs);
-- cct_name = krb5_cc_get_name(context, cct);
--
-- if ( ! stat(ccs_name, &st_temp)){
-+ if (krb5_ccache_is_initialized(context, ccs)) {
- if ((retval = krb5_get_nonexp_tkts(context, ccs, &ccs_creds_arr))){
- return retval;
- }
- }
-
-- if ( ! stat(cct_name, &st_temp)){
-+ if (krb5_ccache_is_initialized(context, cct)) {
- if ((retval = krb5_cc_get_principal(context, cct, &temp_principal))){
- return retval;
- }
-@@ -649,12 +641,10 @@ krb5_error_code krb5_ccache_copy_restricted (context, cc_def, cc_other_tag,
-
- int i=0;
- krb5_ccache * cc_other;
-- const char * cc_def_name;
-- const char * cc_other_name;
-+ const char * cc_other_type;
- krb5_error_code retval=0;
- krb5_creds ** cc_def_creds_arr = NULL;
- krb5_creds ** cc_other_creds_arr = NULL;
-- struct stat st_temp;
-
- cc_other = (krb5_ccache *) xcalloc(1, sizeof (krb5_ccache));
-
-@@ -663,19 +653,17 @@ krb5_error_code krb5_ccache_copy_restricted (context, cc_def, cc_other_tag,
- return retval;
- }
-
-- cc_def_name = krb5_cc_get_name(context, cc_def);
-- cc_other_name = krb5_cc_get_name(context, *cc_other);
-+ cc_other_type = krb5_cc_get_type(context, *cc_other);
-
-- if ( ! stat(cc_def_name, &st_temp)){
-- if((retval = krb5_get_nonexp_tkts(context,cc_def,&cc_def_creds_arr))){
-+ if (krb5_ccache_is_initialized(context, cc_def)) {
-+ retval = krb5_get_nonexp_tkts(context, cc_def, &cc_def_creds_arr);
-+ if (retval)
- return retval;
-- }
--
- }
-
-- if (!lstat( cc_other_name, &st_temp)) {
-+ if (!krb5_cc_support_switch(context, cc_other_type) &&
-+ krb5_ccache_name_is_initialized(context, cc_other_tag))
- return EINVAL;
-- }
-
- if (krb5_seteuid(0)||krb5_seteuid(target_uid)) {
- return errno;
-@@ -723,12 +711,10 @@ krb5_error_code krb5_ccache_filter (context, cc, prst)
- krb5_creds ** cc_creds_arr = NULL;
- const char * cc_name;
- krb5_boolean stored;
-- struct stat st_temp;
-
- cc_name = krb5_cc_get_name(context, cc);
-
-- if ( ! stat(cc_name, &st_temp)){
--
-+ if (krb5_ccache_is_initialized(context, cc)) {
- if (auth_debug) {
- fprintf(stderr,"putting cache %s through a filter for -z option\n", cc_name);
- }
-@@ -793,12 +779,8 @@ krb5_error_code krb5_find_princ_in_cache (context, cc, princ, found)
- {
- krb5_error_code retval;
- krb5_creds ** creds_list = NULL;
-- const char * cc_name;
-- struct stat st_temp;
-
-- cc_name = krb5_cc_get_name(context, cc);
--
-- if ( ! stat(cc_name, &st_temp)){
-+ if (krb5_ccache_is_initialized(context, cc)) {
- if ((retval = krb5_get_nonexp_tkts(context, cc, &creds_list))){
- return retval;
- }
-@@ -807,3 +789,41 @@ krb5_error_code krb5_find_princ_in_cache (context, cc, princ, found)
- *found = krb5_find_princ_in_cred_list(context, creds_list, princ);
- return 0;
- }
-+
-+extern krb5_boolean
-+krb5_ccache_name_is_initialized(krb5_context context, const char *cctag)
-+{
-+ krb5_error_code retval = 0;
-+ krb5_ccache cc;
-+ krb5_principal princ;
-+
-+ retval = krb5_cc_resolve(context, cctag, &cc);
-+ if (retval)
-+ return FALSE;
-+
-+ retval = krb5_cc_get_principal(context, cc, &princ);
-+ if (retval == 0)
-+ krb5_free_principal(context, princ);
-+ krb5_cc_close(context, cc);
-+
-+ return retval == 0;
-+}
-+
-+extern krb5_boolean
-+krb5_ccache_is_initialized(krb5_context context, krb5_ccache def_cc)
-+{
-+ krb5_error_code retval = 0;
-+ krb5_boolean result;
-+ char *def_cc_name;
-+
-+ if (def_cc == NULL)
-+ return FALSE;
-+
-+ retval = krb5_cc_get_full_name(context, def_cc, &def_cc_name);
-+ if (retval)
-+ return FALSE;
-+
-+ result = krb5_ccache_name_is_initialized(context, def_cc_name);
-+ krb5_free_string(context, def_cc_name);
-+ return result;
-+}
-diff --git a/src/clients/ksu/heuristic.c b/src/clients/ksu/heuristic.c
-index c7e691c..bfde451 100644
---- a/src/clients/ksu/heuristic.c
-+++ b/src/clients/ksu/heuristic.c
-@@ -404,12 +404,8 @@ krb5_error_code find_either_ticket (context, cc, client, end_server, found)
- krb5_principal kdc_server;
- krb5_error_code retval;
- krb5_boolean temp_found = FALSE;
-- const char * cc_source_name;
-- struct stat st_temp;
-
-- cc_source_name = krb5_cc_get_name(context, cc);
--
-- if ( ! stat(cc_source_name, &st_temp)){
-+ if (krb5_ccache_is_initialized(context, cc)) {
-
- retval = find_ticket(context, cc, client, end_server, &temp_found);
- if (retval)
-@@ -546,7 +542,6 @@ krb5_error_code get_best_princ_for_target(context, source_uid, target_uid,
- {
-
- princ_info princ_trials[10];
-- const char * cc_source_name;
- krb5_principal cc_def_princ = NULL;
- krb5_principal temp_client;
- krb5_principal target_client;
-@@ -558,7 +553,6 @@ krb5_error_code get_best_princ_for_target(context, source_uid, target_uid,
- struct stat tb;
- int count =0;
- int i;
-- struct stat st_temp;
-
- *path_out = 0;
-
-@@ -566,10 +560,7 @@ krb5_error_code get_best_princ_for_target(context, source_uid, target_uid,
- if (options->princ)
- return 0;
-
-- cc_source_name = krb5_cc_get_name(context, cc_source);
--
--
-- if (! stat(cc_source_name, &st_temp)) {
-+ if (krb5_ccache_is_initialized(context, cc_source)) {
- retval = krb5_cc_get_principal(context, cc_source, &cc_def_princ);
- if (retval)
- return retval;
-diff --git a/src/clients/ksu/ksu.h b/src/clients/ksu/ksu.h
-index f2c0811..2a63c21 100644
---- a/src/clients/ksu/ksu.h
-+++ b/src/clients/ksu/ksu.h
-@@ -141,6 +141,12 @@ extern krb5_error_code krb5_store_some_creds
- (krb5_context, krb5_ccache, krb5_creds **, krb5_creds **,
- krb5_principal, krb5_boolean *);
-
-+extern krb5_boolean krb5_ccache_name_is_initialized
-+(krb5_context, const char *);
-+
-+extern krb5_boolean krb5_ccache_is_initialized
-+(krb5_context, krb5_ccache);
-+
- extern krb5_error_code krb5_ccache_copy_restricted
- (krb5_context, krb5_ccache, char *, krb5_principal,
- krb5_ccache *, krb5_boolean *, uid_t);
-diff --git a/src/clients/ksu/main.c b/src/clients/ksu/main.c
-index 233eb52..e2ca06a 100644
---- a/src/clients/ksu/main.c
-+++ b/src/clients/ksu/main.c
-@@ -112,7 +112,6 @@ main (argc, argv)
- extern char * getpass(), *crypt();
- int pargc;
- char ** pargv;
-- struct stat st_temp;
- krb5_boolean stored = FALSE;
- krb5_principal kdc_server;
- krb5_boolean zero_password;
-@@ -265,9 +264,10 @@ main (argc, argv)
- if ( strchr(cc_source_tag, ':')){
- cc_source_tag_tmp = strchr(cc_source_tag, ':') + 1;
-
-- if( stat( cc_source_tag_tmp, &st_temp)){
-+ if (!krb5_ccache_name_is_initialized(ksu_context,
-+ cc_source_tag)) {
- com_err(prog_name, errno,
-- _("while looking for credentials file %s"),
-+ _("while looking for credentials cache %s"),
- cc_source_tag_tmp);
- exit (1);
- }
-@@ -432,7 +432,8 @@ main (argc, argv)
- (long) target_uid, gen_sym());
- cc_target_tag_tmp = strchr(cc_target_tag, ':') + 1;
-
-- }while ( !stat ( cc_target_tag_tmp, &st_temp));
-+ } while (krb5_ccache_name_is_initialized(ksu_context,
-+ cc_target_tag));
- }
-
-
-@@ -884,8 +885,6 @@ static void sweep_up(context, cc)
- krb5_ccache cc;
- {
- krb5_error_code retval;
-- const char * cc_name;
-- struct stat st_temp;
-
- krb5_seteuid(0);
- if (krb5_seteuid(target_uid) < 0) {
-@@ -894,9 +893,9 @@ static void sweep_up(context, cc)
- exit(1);
- }
-
-- cc_name = krb5_cc_get_name(context, cc);
-- if ( ! stat(cc_name, &st_temp)){
-- if ((retval = krb5_cc_destroy(context, cc)))
-+ if (krb5_ccache_is_initialized(context, cc)) {
-+ retval = krb5_cc_destroy(context, cc);
-+ if (retval)
- com_err(prog_name, retval, _("while destroying cache"));
- }
- }
---
-1.8.5.3
-
generated by cgit (git 2.34.1) at 2024-05-31 21:15:47 +0000