aboutsummaryrefslogtreecommitdiffstats
path: root/lib/gssapi/krb5/creds.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/gssapi/krb5/creds.c')
-rw-r--r--lib/gssapi/krb5/creds.c29
1 files changed, 26 insertions, 3 deletions
diff --git a/lib/gssapi/krb5/creds.c b/lib/gssapi/krb5/creds.c
index fa45d19b9812..1cc3ac848ad0 100644
--- a/lib/gssapi/krb5/creds.c
+++ b/lib/gssapi/krb5/creds.c
@@ -62,6 +62,9 @@ _gsskrb5_export_cred(OM_uint32 *minor_status,
type = krb5_cc_get_type(context, handle->ccache);
if (strcmp(type, "MEMORY") == 0) {
krb5_creds *creds;
+ krb5_data config_start_realm;
+ char *start_realm;
+
ret = krb5_store_uint32(sp, 0);
if (ret) {
krb5_storage_free(sp);
@@ -69,9 +72,25 @@ _gsskrb5_export_cred(OM_uint32 *minor_status,
return GSS_S_FAILURE;
}
- ret = _krb5_get_krbtgt(context, handle->ccache,
- handle->principal->realm,
- &creds);
+ ret = krb5_cc_get_config(context, handle->ccache, NULL, "start_realm",
+ &config_start_realm);
+ if (ret == 0) {
+ start_realm = strndup(config_start_realm.data,
+ config_start_realm.length);
+ krb5_data_free(&config_start_realm);
+ } else {
+ start_realm = strdup(krb5_principal_get_realm(context,
+ handle->principal));
+ }
+ if (start_realm == NULL) {
+ *minor_status = krb5_enomem(context);
+ krb5_storage_free(sp);
+ return GSS_S_FAILURE;
+ }
+
+ ret = _krb5_get_krbtgt(context, handle->ccache, start_realm, &creds);
+ free(start_realm);
+ start_realm = NULL;
if (ret) {
krb5_storage_free(sp);
*minor_status = ret;
@@ -210,6 +229,10 @@ _gsskrb5_import_cred(OM_uint32 * minor_status,
ret = krb5_cc_store_cred(context, id, &creds);
krb5_free_cred_contents(context, &creds);
+ if (ret) {
+ *minor_status = ret;
+ return GSS_S_FAILURE;
+ }
flags |= GSS_CF_DESTROY_CRED_ON_RELEASE;