krb5_cc_store_cred(krb5_context context, krb5_ccache cache,
krb5_creds *creds)
{
- krb5_error_code ret;
- krb5_ticket *tkt;
- krb5_principal s1, s2;
-
TRACE_CC_STORE(context, cache, creds);
- ret = cache->ops->store(context, cache, creds);
- if (ret) return ret;
-
- /*
- * If creds->server and the server in the decoded ticket differ,
- * store both principals.
- */
- s1 = creds->server;
- ret = decode_krb5_ticket(&creds->ticket, &tkt);
- /* Bail out on errors in case someone is storing a non-ticket. */
- if (ret) return 0;
- s2 = tkt->server;
- if (!krb5_principal_compare(context, s1, s2)) {
- creds->server = s2;
- TRACE_CC_STORE_TKT(context, cache, creds);
- /* remove any dups */
- krb5_cc_remove_cred(context, cache, KRB5_TC_MATCH_AUTHDATA, creds);
- ret = cache->ops->store(context, cache, creds);
- creds->server = s1;
- }
- krb5_free_ticket(context, tkt);
- return ret;
+ return cache->ops->store(context, cache, creds);
}
krb5_error_code KRB5_CALLCONV
shutil.copyfile(savefile, realm.ccache)
realm.run(['./gcred', nametype, 'a/x.d@'])
out = realm.run([klist]).split('\n')
- if len(out) != 9:
+ if len(out) != 8:
fail('unexpected number of lines in klist output')
- if out[5].split()[4] != 'a/x.d@' or out[7].split()[4] != 'a/x.d@REFREALM':
+ if out[5].split()[4] != 'a/x.d@' or out[6].split()[2] != 'a/x.d@REFREALM':
fail('unexpected service principals in klist output')
# Get credentials and check that we get an error, not a referral.
projects / thirdparty / krb5.git / commitdiff
