[Heimdal-source-changes] [heimdal/heimdal] 94119d: Delay KRB5_KTNAME lookup until keytab resolution.
GitHub
noreply at github.com
Sat Feb 7 05:16:30 CET 2015
Branch: refs/heads/heimdal-1-6-branch
Home: https://github.com/heimdal/heimdal
Commit: 94119d2b1b4098e84c2a4e822b1c6cfc8488b61b
https://github.com/heimdal/heimdal/commit/94119d2b1b4098e84c2a4e822b1c6cfc8488b61b
Author: Viktor Dukhovni <viktor at twosigma.com>
Date: 2015-02-06 (Fri, 06 Feb 2015)
Changed paths:
M lib/krb5/context.c
M lib/krb5/keytab.c
Log Message:
-----------
Delay KRB5_KTNAME lookup until keytab resolution.
Previously getenv("KRB5_KTNAME") happened in
init_context_from_config_file()
which would capture the environment value as an override without
using strdup() to get a private copy, so it would get trashed in
applications that dynamically update the environment (e.g. Perl
code that has a tied %ENV).
The patch delays getenv("KRB5_KTNAME") until the context's value
of default_keytab is actually needed, and the environment can preempt
the context's default at that time.
[ Do we need to worry about issuid() being true initially when the
context is created, but not later, because the application changes
both the real and effective uid? If so the issuid() state should
be saved when the context is created and the saved value queried. ]
More information about the Heimdal-source-changes
mailing list