From bc2db93977370ba1935f2a3ca0cb2184b8c27a3a Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Tue, 20 Apr 2010 07:56:58 +0000 Subject: [PATCH] When setting up to get a TGT for the service realm in the TGS code, get the cached local TGT before setting up the realm path. Prior to this change, calling krb5_get_credentials() with an empty ccache would result in KRB5_CC_NOTFOUND for a foreign server principal, but would result in KRB5_NO_TKT_IN_REALM (generated by krb5_walk_realm_tree) for a local server principal. With this change, KRB5_CC_NOTFOUND is returned in both cases. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23909 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/krb5/krb/get_creds.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/lib/krb5/krb/get_creds.c b/src/lib/krb5/krb/get_creds.c index e28391790..36624af1f 100644 --- a/src/lib/krb5/krb/get_creds.c +++ b/src/lib/krb5/krb/get_creds.c @@ -941,11 +941,6 @@ begin_get_tgt(krb5_context context, krb5_tkt_creds_context ctx) return end_get_tgt(context, ctx); } - /* Initialize the realm path. */ - code = init_realm_path(context, ctx); - if (code != 0) - return code; - /* Start with the local tgt. */ krb5_free_creds(context, ctx->cur_tgt); ctx->cur_tgt = NULL; @@ -955,6 +950,11 @@ begin_get_tgt(krb5_context context, krb5_tkt_creds_context ctx) if (ctx->cur_tgt == NULL) return ctx->cache_code; + /* Initialize the realm path. */ + code = init_realm_path(context, ctx); + if (code != 0) + return code; + /* Empty out the realms-seen list for loop checking. */ krb5int_free_data_list(context, ctx->realms_seen); ctx->realms_seen = NULL; -- 2.26.2