structure. [krb5-libs/370]
* accept_sec_context.c (krb5_gss_accept_sec_context): Actually set
an rcache in auth context from the one saved in the creds
structure. [krb5-libs/370]
* acquire_cred.c (acquire_accept_cred): Set up an rcache for use
later. [krb5-libs/370]
* delete_sec_context.c (krb5_gss_delete_sec_context): Don't delete
the rcache when freeing the auth_context. [krb5-libs/370]
* rel_cred.c (krb5_gss_release_cred): Properly close the
rcache. [krb5-libs/370]
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@10371
dc483132-0cff-0310-8789-
dd5450dbe970
+Wed Jan 21 19:14:09 1998 Tom Yu <tlyu@mit.edu>
+
+ * gssapiP_krb5.h: Add rcache member to the creds
+ structure. [krb5-libs/370]
+
+ * accept_sec_context.c (krb5_gss_accept_sec_context): Actually set
+ an rcache in auth context from the one saved in the creds
+ structure. [krb5-libs/370]
+
+ * acquire_cred.c (acquire_accept_cred): Set up an rcache for use
+ later. [krb5-libs/370]
+
+ * delete_sec_context.c (krb5_gss_delete_sec_context): Don't delete
+ the rcache when freeing the auth_context. [krb5-libs/370]
+
+ * rel_cred.c (krb5_gss_release_cred): Properly close the
+ rcache. [krb5-libs/370]
+
Mon Dec 29 10:30:43 1997 Ezra Peisach <epeisach@kangaroo.mit.edu>
* Makefile.in (OBJS): Changed val_cred.$(OBJECT) to
/* decode the message */
+ if ((code = krb5_auth_con_init(context, &auth_context))) {
+ *minor_status = code;
+ return(GSS_S_FAILURE);
+ }
+ if ((code = krb5_auth_con_setrcache(context, auth_context, cred->rcache))) {
+ *minor_status = code;
+ return(GSS_S_FAILURE);
+ }
if ((code = krb5_rd_req(context, &auth_context, &ap_req, cred->princ,
cred->keytab, NULL, &ticket)))
goto fail;
/* hooray. we made it */
cred->keytab = kt;
+
+ /* Open the replay cache for this principal. */
+ if ((code = krb5_get_server_rcache(context,
+ krb5_princ_component(context, princ, 0),
+ &cred->rcache))) {
+ *minor_status = code;
+ return(GSS_S_FAILURE);
+ }
+
return(GSS_S_COMPLETE);
}
if (ctx->subkey)
krb5_free_keyblock(context, ctx->subkey);
- if (ctx->auth_context)
+ if (ctx->auth_context) {
+ (void)krb5_auth_con_setrcache(context, ctx->auth_context, NULL);
krb5_auth_con_free(context, ctx->auth_context);
+ }
if (ctx->mech_used)
gss_release_oid(minor_status, &ctx->mech_used);
/* ccache (init) data */
krb5_ccache ccache;
krb5_timestamp tgt_expire;
+ krb5_rcache rcache;
} krb5_gss_cred_id_rec, *krb5_gss_cred_id_t;
typedef struct _krb5_gss_enc_desc {
{
krb5_context context;
krb5_gss_cred_id_t cred;
- krb5_error_code code1, code2;
+ krb5_error_code code1, code2, code3;
if (GSS_ERROR(kg_get_context(minor_status, &context)))
return(GSS_S_FAILURE);
else
code2 = 0;
+ if (cred->rcache)
+ code3 = krb5_rc_close(context, cred->rcache);
+ else
+ code3 = 0;
if (cred->princ)
krb5_free_principal(context, cred->princ);
xfree(cred);
*minor_status = code1;
if (code2)
*minor_status = code2;
+ if (code3)
+ *minor_status = code3;
return(*minor_status?GSS_S_FAILURE:GSS_S_COMPLETE);
}