From 913bd4332123929909553ba7271c767606e8f1c7 Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Mon, 14 Mar 2016 11:06:49 -0400
Subject: [PATCH] Don't fall back to master on password read error

If a password or other prompted value cannot be read, retrying with
the master KDC is confusing because it prompts again for the same
input.

ticket: 8381 (new)
---
 src/lib/krb5/krb/gic_pwd.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/src/lib/krb5/krb/gic_pwd.c b/src/lib/krb5/krb/gic_pwd.c
index e95673fe47..55aa9d6e88 100644
--- a/src/lib/krb5/krb/gic_pwd.c
+++ b/src/lib/krb5/krb/gic_pwd.c
@@ -326,9 +326,8 @@ krb5_get_init_creds_password(krb5_context context,
     /* If all the kdc's are unavailable, or if the error was due to a
        user interrupt, fail */
 
-    if ((ret == KRB5_KDC_UNREACH) ||
-        (ret == KRB5_LIBOS_PWDINTR) ||
-        (ret == KRB5_REALM_CANT_RESOLVE))
+    if (ret == KRB5_KDC_UNREACH || ret == KRB5_REALM_CANT_RESOLVE ||
+        ret == KRB5_LIBOS_PWDINTR || ret == KRB5_LIBOS_CANTREADPWD)
         goto cleanup;
 
     /* if the reply did not come from the master kdc, try again with
-- 
2.47.2