[20149] in Kerberos_V5_Development
rcache question
daemon@ATHENA.MIT.EDU (Joakim Tjernlund)
Thu Aug 13 10:53:42 2020
From: Joakim Tjernlund <Joakim.Tjernlund@infinera.com>
To: "krbdev@mit.edu" <krbdev@mit.edu>
Date: Thu, 13 Aug 2020 12:45:50 +0000
Message-ID: <0a89ebdefcfb8db299811741171b3bfd762ccba3.camel@infinera.com>
Content-Language: en-US
Content-ID: <647557CBCC4164448052957E1FB8FB37@namprd10.prod.outlook.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
I got this old module(mod_auth_kerb) that don't build with version >= 18.2 due to missing krb5_rc_resolve_full()
Looking at the kode I got:
static int
have_rcache_type(const char *type)
{
krb5_error_code ret;
krb5_context context;
krb5_rcache id = NULL;
int found;
ret = krb5_init_context(&context);
if (ret)
return 0;
ret = krb5_rc_resolve_full(context, &id, "none:");
found = (ret == 0);
if (ret == 0)
krb5_rc_destroy(context, id);
krb5_free_context(context);
return found;
}
and this is used like so:
/* Suppress the MIT replay cache. Requires MIT Kerberos 1.4.0 or later.
1.3.x are covered by the hack overiding the replay calls */
if (getenv("KRB5RCACHETYPE") == NULL && have_rcache_type("none"))
putenv(strdup("KRB5RCACHETYPE=none"));
Looking at the mit-krb5 code is seems to me that rcache type "none" always
returns true so I could just make :
have_rcache_type(const char *type) { return 1; }
Is that a correct assumption ?
Jocke
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
