[Bug 751] KRB5CCNAME set incorrectly in GSSAPI code

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Fri Oct 31 07:22:47 EST 2003


http://bugzilla.mindrot.org/show_bug.cgi?id=751

           Summary: KRB5CCNAME set incorrectly in GSSAPI code
           Product: Portable OpenSSH
           Version: -current
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Kerberos support
        AssignedTo: openssh-bugs at mindrot.org
        ReportedBy: smichaud at pobox.com


This is something we missed when going over the GSSAPI code this August.

The code in ssh_gssapi_krb5_storecreds() in gss-serv-krb5.c doesn't set the
KRB5CCNAME environment variable correctly.  At present it includes only the
cache's "name".  But it should actually include both it's "type" and it's
"name", separated by a colon ':' -- e.g. "FILE:/tmp/krb5cc_100_Ao7629".  (Simon
Wilkinson's patches to 3.6.1p2 and previous versions did this correctly.)

I'll add a patch to fix the problem.  I made the code general enough to work
with other cache "types" -- e.g. API or MEMORY.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list