From: Theodore Tso Date: Mon, 6 May 1991 12:03:00 +0000 (+0000) Subject: Added code to match on 2nd tkt and tkt encryptred in a session key X-Git-Tag: krb5-1.0-alpha5~7 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=1a0f55e42e5dcc3f89b42eb9d82d7a6e53d66c9b;p=krb5.git Added code to match on 2nd tkt and tkt encryptred in a session key git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@2096 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/krb5/krb/get_creds.c b/src/lib/krb5/krb/get_creds.c index de5eedc1d..9a28e801c 100644 --- a/src/lib/krb5/krb/get_creds.c +++ b/src/lib/krb5/krb/get_creds.c @@ -55,12 +55,20 @@ krb5_creds *creds; fields = KRB5_TC_MATCH_TIMES /*XXX |KRB5_TC_MATCH_SKEY_TYPE */ | KRB5_TC_MATCH_AUTHDATA; - switch(retval = krb5_cc_retrieve_cred(ccache, fields, &mcreds, creds)) { - case KRB5_CC_NOTFOUND: - break; - default: - return retval; + if (options & KRB5_GC_USER_USER) { + /* also match on identical 2nd tkt and tkt encrypted in a + session key */ + fields |= KRB5_TC_MATCH_2ND_TKT|KRB5_TC_MATCH_IS_SKEY; + mcreds.is_skey = TRUE; } + + retval = krb5_cc_retrieve_cred(ccache, fields, &mcreds, creds); + if (retval != KRB5_CC_NOTFOUND || options & KRB5_GC_CACHED) + return retval; + + if (options & KRB5_GC_USER_USER && !creds->second_ticket.length) + return KRB5_NO_2ND_TKT; + retval = krb5_get_cred_from_kdc(ccache, creds, &tgts); if (tgts) { register int i = 0; @@ -76,5 +84,4 @@ krb5_creds *creds; if (!retval) retval = krb5_cc_store_cred(ccache, creds); return retval; - }