Subject: Bug in gss_krb5_ccache_name
Date: Tue, 04 Feb 2003 10:13:07 -0600
From: "Paul W. Nelson"

It appears that gss_krb5_ccache_name should return a previous cache name
when the caller passes a non-null out_name. The code attempts to do this,
but it returns a pointer to the cache name storage and not a copy, so when
the name gets set by the call to krb5_cc_set_default_name, the name that is
returned in out_name gets set to the new name and not the old name.

This is in the 1.2.7 source.

Perhaps

    if (out_name)
        *out_name = krb5_cc_default_name(context);

should be replaced with

    if (out_name) {
        const char * old_ccache = krb5_cc_default_name(context);
        *out_name = old_ccache ? strdup( old_ccache ) : NULL;
    }

Unfortunately, this call is used in kadm5/clnt/client_init.c, where that
code already does a strdup on the returned old name...

Original 1.2.7 code in src/lib/gssapi/krb5/set_ccache.c:

    GSS_DLLIMP OM_uint32 KRB5_CALLCONV
    gss_krb5_ccache_name(minor_status, name, out_name)
        OM_uint32 *minor_status;
        const char *name;
        const char **out_name;
    {
        krb5_context context;
        krb5_error_code retval;
        OM_uint32 foo_stat;

        if (GSS_ERROR(kg_get_context(minor_status, &context)))
            return (GSS_S_FAILURE);

        if (out_name)
            *out_name = krb5_cc_default_name(context);

        retval = krb5_cc_set_default_name(context, name);
        if (retval) {
            *minor_status = retval;
            return GSS_S_FAILURE;
        }
        kg_release_defcred(&foo_stat);
        return GSS_S_COMPLETE;
    }

-- 
Paul W. Nelson
Thursby Software Systems, Inc.
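The aliasing behaviour described in the report, reproduced as an added example that is not part of the original message and is not MIT Kerberos code. The names toy_ctx, toy_set_default, copy_str, swap_alias, swap_copy and old_name_survives are hypothetical, the cache names are constructed, and the default name is modelled as a fixed buffer overwritten in place, which is an assumption made so the stale pointer can be read safely.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the library's default ccache name storage. */
struct toy_ctx { char name[64]; };

static void toy_set_default(struct toy_ctx *c, const char *n) {
    snprintf(c->name, sizeof c->name, "%s", n);  /* overwrites in place */
}

/* Portable equivalent of strdup(); the caller frees the result. */
static char *copy_str(const char *s) {
    size_t n = strlen(s) + 1;
    char *p = malloc(n);
    return p ? memcpy(p, s, n) : NULL;
}

/* Reported pattern: *out aliases the storage that is about to change. */
static void swap_alias(struct toy_ctx *c, const char *n, const char **out) {
    if (out) *out = c->name;
    toy_set_default(c, n);
}

/* Proposed pattern: *out is a private copy taken before the change. */
static int swap_copy(struct toy_ctx *c, const char *n, char **out) {
    if (out && !(*out = copy_str(c->name))) return -1;
    toy_set_default(c, n);
    return 0;
}

/* Returns 1 if the caller still sees the old name after the switch. */
int old_name_survives(int use_copy) {
    const char *old = "FILE:/tmp/cc_old", *tmp = "FILE:/tmp/cc_tmp"; /* constructed */
    struct toy_ctx c;
    const char *alias = NULL;
    char *copy = NULL;
    int ok;
    toy_set_default(&c, old);
    if (use_copy) { if (swap_copy(&c, tmp, &copy) != 0) return -1; }
    else swap_alias(&c, tmp, &alias);
    ok = strcmp(use_copy ? copy : alias, old) == 0;
    free(copy);  /* the copy is caller-owned; free(NULL) is a no-op */
    return ok;
}

int main(void) {
    printf("alias: %d, copy: %d\n", old_name_survives(0), old_name_survives(1));
    return 0;
}
```

With the copying form the returned string belongs to the caller, so a caller that duplicates it again, as the report says kadm5/clnt/client_init.c does, would also need to free the returned copy.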