From: Alexandra Ellwood <lxs@mit.edu>
Date: Wed, 10 Oct 2007 21:17:05 +0000 (+0000)
Subject: cc_ccache_store_credentials should return ccErrBadCredentialsVersion
X-Git-Tag: krb5-1.7-alpha1~808
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=a3fd400857a392bba3cad91e75fbbfbed3372ded;p=krb5.git

cc_ccache_store_credentials should return ccErrBadCredentialsVersion

cc_ccache_store_credentials should return ccErrBadCredentialsVersion when
the principal for that version is not set on the ccache.

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20114 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/ccapi/server/ccs_ccache.c b/src/ccapi/server/ccs_ccache.c
index b3ac5d64e..40b652de7 100644
--- a/src/ccapi/server/ccs_ccache.c
+++ b/src/ccapi/server/ccs_ccache.c
@@ -687,6 +687,7 @@ static cc_int32 ccs_ccache_store_credentials (ccs_ccache_t           io_ccache,
     
     if (!err) {
         err = ccs_credentials_new (&credentials, in_request_data, 
+                                   io_ccache->creds_version, 
                                    io_ccache->credentials);
     }
     
diff --git a/src/ccapi/server/ccs_credentials.c b/src/ccapi/server/ccs_credentials.c
index f30479946..04c8e21b5 100644
--- a/src/ccapi/server/ccs_credentials.c
+++ b/src/ccapi/server/ccs_credentials.c
@@ -37,6 +37,7 @@ struct ccs_credentials_d ccs_credentials_initializer = { NULL, NULL };
 
 cc_int32 ccs_credentials_new (ccs_credentials_t      *out_credentials,
                               cci_stream_t            in_stream,
+                              cc_uint32               in_ccache_version,
                               ccs_credentials_list_t  io_credentials_list)
 {
     cc_int32 err = ccNoError;
@@ -58,6 +59,11 @@ cc_int32 ccs_credentials_new (ccs_credentials_t      *out_credentials,
         err = cci_cred_union_read (&credentials->cred_union, in_stream);
     }
     
+    if (!err && !(credentials->cred_union->version & in_ccache_version)) {
+        /* ccache does not have a principal set for this credentials version */
+        err = cci_check_error (ccErrBadCredentialsVersion);
+    }
+    
     if (!err) {
         err = ccs_server_new_identifier (&credentials->identifier);
     }
diff --git a/src/ccapi/server/ccs_credentials.h b/src/ccapi/server/ccs_credentials.h
index e0a08fb9c..b9219aa40 100644
--- a/src/ccapi/server/ccs_credentials.h
+++ b/src/ccapi/server/ccs_credentials.h
@@ -32,6 +32,7 @@
 
 cc_int32 ccs_credentials_new (ccs_credentials_t      *out_credentials,
                               cci_stream_t            in_stream,
+                              cc_uint32               in_ccache_version,
                               ccs_credentials_list_t  io_credentials_list);
 
 cc_int32 ccs_credentials_release (ccs_credentials_t io_credentials);