git.ipfire.org Git - thirdparty/krb5.git/commit

author	Nalin Dahyabhai <nalin@dahyabhai.net>
	Thu, 31 Oct 2013 01:45:35 +0000 (21:45 -0400)
committer	Greg Hudson <ghudson@mit.edu>
	Fri, 8 Aug 2014 17:02:35 +0000 (13:02 -0400)
commit	dccc80a469b1925fcfe7697406a69912efe4baa1
tree	6c44e894df9b14879d10d2e044fb8000b09a472b	tree
parent	9ebae7cb434b9b177c0af85c67a6d6267f46bc68	commit \| diff

Use an intermediate memory cache in ksu

Instead of copying source or obtained creds into the target cache and
changing ownership if everything succeeds, copy them into a MEMORY:
cache and then, if everything succeeds, create the target cache as the
target user.

We no longer need to clean up the temporary ccache when exiting in
most error cases.

Use a fake principal name ("_ksu/_ksu@_ksu") as the primary holder of
the temporary cache so that we won't accidentally select it when we
make a subsequent call to krb5_cc_cache_match() (to be added in a
later patch) to find the target location where the creds should be
stored for use while running as the target user.

src/clients/ksu/ccache.c		diff \| blob \| blame \| history
src/clients/ksu/ksu.h		diff \| blob \| blame \| history
src/clients/ksu/main.c		diff \| blob \| blame \| history