git.ipfire.org Git - thirdparty/krb5.git/commit

author	Robbie Harwood <rharwood@redhat.com>
	Mon, 1 Apr 2019 18:28:48 +0000 (14:28 -0400)
committer	Greg Hudson <ghudson@mit.edu>
	Wed, 10 Apr 2019 21:54:09 +0000 (17:54 -0400)
commit	d3b39a8bac6206b5ea78b0bf6a2958c1df0b0dd5
tree	a4325155cb23bc9b003aafa18080d8b137985201	tree
parent	f4f51a25dd38601357e2f64b17b51eb23f45a53e	commit \| diff

Implement krb5_cc_remove_cred for remaining types

Previously, only KCM and MSLA implemented credential removal. Add
support for FILE (and therefore DIR), MEMORY, and KEYRING.

The FILE logic is similar Heimdal's implementation, with additional
logic for skipping removed creds during iteration. In addition to
setting endtime to 0 and changing the realm for config entries as
Heimdal does, we set authtime to -1 to make deleted entries
distinguishable from gssproxy encrypted creds and config entries.

For MEMORY, leave behind empty list elements when removing a cred will
leave behind an empty list element, in case an iterator holds a
pointer to that element.

[ghudson@mit.edu: edited commit message; made minor style and comment
changes; fixed memory leaks detected by asan]

ticket: 8792 (new)

src/lib/krb5/ccache/cc_file.c		diff \| blob \| blame \| history
src/lib/krb5/ccache/cc_keyring.c		diff \| blob \| blame \| history
src/lib/krb5/ccache/cc_memory.c		diff \| blob \| blame \| history
src/lib/krb5/ccache/t_cc.c		diff \| blob \| blame \| history