From d280888e38ef7c3e9fdccf6329db9a8fd7f3290e Mon Sep 17 00:00:00 2001 From: Sam Hartman <hartmans@mit.edu> Date: Wed, 28 Sep 2011 20:54:45 +0000 Subject: [PATCH] If the KRB5CCNAME variable gets set to the empty string there will be no credential cache and the automatic credential cache detection will be skipped. Ensure that the KRB5CCNAME variable is not set to an empty string by us. If it was set to the empty string by someone else, unset it. Patch by Jeffrey Altman. From: Alexey Melnikov <alexey.melnikov@isode.com> leashw32: do not set KRB5CCNAME to empty string git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25249 dc483132-0cff-0310-8789-dd5450dbe970 --- src/windows/leashdll/lshfunc.c | 34 +++++++++++++++++++++------------- 1 file changed, 21 insertions(+), 13 deletions(-) diff --git a/src/windows/leashdll/lshfunc.c b/src/windows/leashdll/lshfunc.c index 26a0261b2..a9c7c0d4c 100644 --- a/src/windows/leashdll/lshfunc.c +++ b/src/windows/leashdll/lshfunc.c @@ -3484,8 +3484,9 @@ acquire_tkt_no_princ(krb5_context context, char * ccname, int cclen) SetLastError(0); GetEnvironmentVariable("KRB5CCNAME", ccachename, sizeof(ccachename)); gle = GetLastError(); - if ( (gle == ERROR_ENVVAR_NOT_FOUND) && context ) { - SetEnvironmentVariable("KRB5CCNAME", pkrb5_cc_default_name(ctx)); + if ( ((gle == ERROR_ENVVAR_NOT_FOUND) || !ccachename[0]) && context ) { + char * ccdef = pkrb5_cc_default_name(ctx); + SetEnvironmentVariable("KRB5CCNAME", ccdef ? ccdef : NULL); GetEnvironmentVariable("KRB5CCNAME", ccachename, sizeof(ccachename)); } @@ -3562,15 +3563,19 @@ acquire_tkt_no_princ(krb5_context context, char * ccname, int cclen) if ( prompt && ticketinfo.btickets != GOOD_TICKETS ) { acquire_tkt_send_msg(ctx, NULL, ccachename, NULL, ccname, cclen); + /* + * If the ticket manager returned an alternative credential cache + * remember it as the default for this process. + */ + if ( ccname && ccname[0] && strcmp(ccachename,ccname) ) { + SetEnvironmentVariable("KRB5CCNAME",ccname); + } + } else if (ccachename[0] && ccname) { strncpy(ccname, ccachename, cclen); ccname[cclen-1] = '\0'; } - if ( ccname && ccname[0] && strcmp(ccachename,ccname) ) { - SetEnvironmentVariable("KRB5CCNAME",ccname); - } - if ( !context ) pkrb5_free_context(ctx); } @@ -3598,8 +3603,9 @@ acquire_tkt_for_princ(krb5_context context, krb5_principal desiredPrincipal, SetLastError(0); GetEnvironmentVariable("KRB5CCNAME", ccachename, sizeof(ccachename)); gle = GetLastError(); - if ( (gle == ERROR_ENVVAR_NOT_FOUND) && context ) { - SetEnvironmentVariable("KRB5CCNAME", pkrb5_cc_default_name(ctx)); + if ( ((gle == ERROR_ENVVAR_NOT_FOUND) || !ccachename[0]) && context ) { + char * ccdef = pkrb5_cc_default_name(ctx); + SetEnvironmentVariable("KRB5CCNAME", ccdef ? ccdef : NULL); GetEnvironmentVariable("KRB5CCNAME", ccachename, sizeof(ccachename)); } @@ -3658,17 +3664,19 @@ acquire_tkt_for_princ(krb5_context context, krb5_principal desiredPrincipal, if (prompt) { if (ticketinfo.btickets != GOOD_TICKETS || strcmp(name,ticketinfo.principal)) { acquire_tkt_send_msg(ctx, NULL, ccachename, desiredPrincipal, ccname, cclen); + /* + * If the ticket manager returned an alternative credential cache + * remember it as the default for this process. + */ + if ( ccname && ccname[0] && strcmp(ccachename,ccname) ) { + SetEnvironmentVariable("KRB5CCNAME",ccname); + } } else if (ccachename[0] && ccname) { strncpy(ccname, ccachename, cclen); ccname[cclen-1] = '\0'; } } - if ( ccname && ccname[0] && strcmp(ccachename,ccname) ) { - SetEnvironmentVariable("KRB5CCNAME",ccname); - } - - if (name) pkrb5_free_unparsed_name(ctx, name); -- 2.26.2