Don't request addresses when

author Sam Hartman <hartmans@mit.edu>

Wed, 11 Sep 2002 20:50:59 +0000 (20:50 +0000)

committer Sam Hartman <hartmans@mit.edu>

Wed, 11 Sep 2002 20:50:59 +0000 (20:50 +0000)
author Sam Hartman <hartmans@mit.edu>
Wed, 11 Sep 2002 20:50:59 +0000 (20:50 +0000)
committer Sam Hartman <hartmans@mit.edu>
Wed, 11 Sep 2002 20:50:59 +0000 (20:50 +0000)
diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog

index 479378d599382d0b21301ddb09f2f415b49f6d6a..14b02e6bb05512a2598df483813445ad4b8aaa42 100644 (file)
--- a/src/lib/krb5/krb/ChangeLog
+++ b/src/lib/krb5/krb/ChangeLog
@@ -1,3 +1,9 @@
+2002-09-11  Sam Hartman  <hartmans@mit.edu>
+
+       * fwd_tgt.c (krb5_fwd_tgt_creds):  If our initial tickets don't
+       have addresses, neither should forwarded tickets.  Also, noticed
+       that cc was being used before initialized in some cases; fixed.
+
  2002-09-02  Ken Raeburn  <raeburn@mit.edu>
  
         * addr_comp.c, addr_order.c, addr_srch.c, appdefault.c,
diff --git a/src/lib/krb5/krb/fwd_tgt.c b/src/lib/krb5/krb/fwd_tgt.c

index d589144b82f186dc8fbeccc5b9ff4bc54c9518e3..f8818d4fbddee45b3f1a9216dbedf4ed9d33f051 100644 (file)
--- a/src/lib/krb5/krb/fwd_tgt.c
+++ b/src/lib/krb5/krb/fwd_tgt.c
@@ -47,7 +47,7 @@ krb5_fwd_tgt_creds(krb5_context context, krb5_auth_context auth_context, char *r
  {
      krb5_replay_data replaydata;
      krb5_data * scratch = 0;
-    krb5_address **addrs = 0;
+    krb5_address **addrs = NULL;
      krb5_error_code retval;
      krb5_creds creds, tgt;
      krb5_creds *pcreds;
@@ -74,6 +74,11 @@ krb5_fwd_tgt_creds(krb5_context context, krb5_auth_context auth_context, char *r
         memcpy(rhost, server->data[1].data, server->data[1].length);
         rhost[server->data[1].length] = '\0';
      }
+    if (cc == 0) {
+      if ((retval = krb5int_cc_default(context, &cc)))
+       goto errout;
+      close_cc = 1;
+    }
      retval = krb5_auth_con_getkey (context, auth_context, &session_key);
      if (retval)
        goto errout;
@@ -103,10 +108,6 @@ krb5_fwd_tgt_creds(krb5_context context, krb5_auth_context auth_context, char *r
      punt:
         krb5_free_cred_contents (context, &in);
      }
-    
-    retval = krb5_os_hostaddr(context, rhost, &addrs);
-    if (retval)
-       goto errout;
  
      if ((retval = krb5_copy_principal(context, client, &creds.client)))
         goto errout;
@@ -121,12 +122,6 @@ krb5_fwd_tgt_creds(krb5_context context, krb5_auth_context auth_context, char *r
                                            0)))
         goto errout;
         
-    if (cc == 0) {
-       if ((retval = krb5int_cc_default(context, &cc)))
-           goto errout;
-       close_cc = 1;
-    }
-
      /* fetch tgt directly from cache */
      retval = krb5_cc_retrieve_cred (context, cc, KRB5_TC_SUPPORTED_KTYPES,
                                     &creds, &tgt);
@@ -144,6 +139,12 @@ krb5_fwd_tgt_creds(krb5_context context, krb5_auth_context auth_context, char *r
         goto errout;
      }
      
+    if (tgt.addresses && *tgt.addresses) {
+       retval = krb5_os_hostaddr(context, rhost, &addrs);
+       if (retval)
+           goto errout;
+    }
+    
      creds.keyblock.enctype = enctype;
      creds.times = tgt.times;
      creds.times.starttime = 0;
author	Sam Hartman <hartmans@mit.edu>
	Wed, 11 Sep 2002 20:50:59 +0000 (20:50 +0000)
committer	Sam Hartman <hartmans@mit.edu>
	Wed, 11 Sep 2002 20:50:59 +0000 (20:50 +0000)
src/lib/krb5/krb/ChangeLog		patch \| blob \| history
src/lib/krb5/krb/fwd_tgt.c		patch \| blob \| history