diff options
Diffstat (limited to '0003-Learn-to-destroy-the-ccache-we-re-copying-from.patch')
-rw-r--r-- | 0003-Learn-to-destroy-the-ccache-we-re-copying-from.patch | 95 |
1 files changed, 95 insertions, 0 deletions
diff --git a/0003-Learn-to-destroy-the-ccache-we-re-copying-from.patch b/0003-Learn-to-destroy-the-ccache-we-re-copying-from.patch new file mode 100644 index 0000000..ae96369 --- /dev/null +++ b/0003-Learn-to-destroy-the-ccache-we-re-copying-from.patch @@ -0,0 +1,95 @@ +From 85ac175a62fcd629592c049f2318fff79949884b Mon Sep 17 00:00:00 2001 +From: Nalin Dahyabhai <nalin@redhat.com> +Date: Thu, 31 Oct 2013 15:43:49 -0400 +Subject: [PATCH 3/6] Learn to destroy the ccache we're copying from + +Add a flag to krb5_ccache_copy() which will instruct it to destroy a +source ccache after reading its contents. Using this when we copy the +creds from a MEMORY cache to somewhere else is necessary to avoid having +a subsequent call to krb5_cc_cache_match() select the MEMORY cache when +we're trying to have it search a different location by default. +--- + src/clients/ksu/ccache.c | 10 +++++++++- + src/clients/ksu/ksu.h | 2 +- + src/clients/ksu/main.c | 5 +++-- + 3 files changed, 13 insertions(+), 4 deletions(-) + +diff --git a/src/clients/ksu/ccache.c b/src/clients/ksu/ccache.c +index 7917af2..90ba2f2 100644 +--- a/src/clients/ksu/ccache.c ++++ b/src/clients/ksu/ccache.c +@@ -47,12 +47,14 @@ void show_credential(); + */ + + krb5_error_code krb5_ccache_copy (context, cc_def, cc_other_tag, +- primary_principal, cc_out, stored, target_uid) ++ primary_principal, destroy_def, ++ cc_out, stored, target_uid) + /* IN */ + krb5_context context; + krb5_ccache cc_def; + char *cc_other_tag; + krb5_principal primary_principal; ++ krb5_boolean destroy_def; + uid_t target_uid; + /* OUT */ + krb5_ccache *cc_out; +@@ -80,6 +82,12 @@ krb5_error_code krb5_ccache_copy (context, cc_def, cc_other_tag, + } + } + ++ if (destroy_def) { ++ retval = krb5_cc_destroy(context, cc_def); ++ if (retval) ++ return retval; ++ } ++ + *stored = krb5_find_princ_in_cred_list(context, cc_def_creds_arr, + primary_principal); + +diff --git a/src/clients/ksu/ksu.h b/src/clients/ksu/ksu.h +index 1d102a1..a889fb9 100644 +--- a/src/clients/ksu/ksu.h ++++ b/src/clients/ksu/ksu.h +@@ -108,7 +108,7 @@ extern krb5_error_code get_best_principal + /* ccache.c */ + extern krb5_error_code krb5_ccache_copy + (krb5_context, krb5_ccache, char *, krb5_principal, +- krb5_ccache *, krb5_boolean *, uid_t); ++ krb5_boolean, krb5_ccache *, krb5_boolean *, uid_t); + + extern krb5_error_code krb5_store_all_creds + (krb5_context, krb5_ccache, krb5_creds **, krb5_creds **); +diff --git a/src/clients/ksu/main.c b/src/clients/ksu/main.c +index fa86c78..7497a2b 100644 +--- a/src/clients/ksu/main.c ++++ b/src/clients/ksu/main.c +@@ -28,6 +28,7 @@ + + #include "ksu.h" + #include "adm_proto.h" ++#include "../../lib/krb5/os/os-proto.h" + #include <sys/types.h> + #include <sys/wait.h> + #include <signal.h> +@@ -481,7 +482,7 @@ main (argc, argv) + } else { + + retval = krb5_ccache_copy(ksu_context, cc_source, KRB5_TEMPORARY_CACHE, +- client, &cc_tmp, &stored, 0); ++ client, FALSE, &cc_tmp, &stored, 0); + if (retval) { + com_err(prog_name, retval, _("while copying cache %s to %s"), + krb5_cc_get_name(ksu_context, cc_source), +@@ -758,7 +759,7 @@ main (argc, argv) + } + + retval = krb5_ccache_copy(ksu_context, cc_tmp, cc_target_tag, +- client, &cc_target, &stored, ++ client, TRUE, &cc_target, &stored, + target_pwd->pw_uid); + if (retval) { + com_err(prog_name, retval, _("while copying cache %s to %s"), +-- +1.8.5.3 + |