Skip Menu |
 

Subject: Using referrals fills the the credentials cache more entries of the same name
Using referrals fills the the credentials cache more entries of the same name

Vendor's priority - Other Bug
Vendor's patch - LHA-6292632-remove-dups-before-storing-new-entries
Including the patch
diff -Nur -x '*~' -x '*.orig' -x '*.rej' -x '*.pbxbtree' -x '*.pbxindex' -x lha.mode1v3 -x lha.mode2v3 -x lha.pbxuser -x windows -x .DS_Store Kerberos.AEP-6.5fc1.orig/KerberosFramework/Kerberos5/Sources/lib/krb5/ccache/ccfns.c Kerberos.AEP-6.5fc1/KerberosFramework/Kerberos5/Sources/lib/krb5/ccache/ccfns.c
--- Kerberos.AEP-6.5fc1.orig/KerberosFramework/Kerberos5/Sources/lib/krb5/ccache/ccfns.c 2008-11-24 21:29:39.000000000 -0800
+++ Kerberos.AEP-6.5fc1/KerberosFramework/Kerberos5/Sources/lib/krb5/ccache/ccfns.c 2008-11-24 21:51:32.000000000 -0800
@@ -68,6 +68,9 @@
krb5_error_code ret;
krb5_ticket *tkt;
krb5_principal s1, s2;
+
+ /* remove any dups */
+ krb5_cc_remove_cred(context, cache, 0, creds);

ret = cache->ops->store(context, cache, creds);
if (ret) return ret;
@@ -83,6 +86,8 @@
s2 = tkt->server;
if (!krb5_principal_compare(context, s1, s2)) {
creds->server = s2;
+ /* remove any dups */
+ krb5_cc_remove_cred(context, cache, 0, creds);
ret = cache->ops->store(context, cache, creds);
creds->server = s1;
}
From: tsitkova@mit.edu
Subject: SVN Commit

When storing info into cred cache, remove any dups.

https://github.com/krb5/krb5/commit/e4040340176779c57b3b0322a8654efde7850cd1
Commit By: tsitkova



Revision: 21292
Changed Files:
U trunk/src/lib/krb5/ccache/ccfns.c
you're aware that this doesn't work for credential caches that doesn't support deletions (like the
mit FILE cred cache if i remember correctly).