On Mon, 5 Feb 2007 22:59:34 -0500
Michael B Allen <[EMAIL PROTECTED]> wrote:
> > If I simply remove the ccache = NULL line in
> > gsskrb5_accept_delegated_token the leak is gone, delegation works fine
> > and otherwise my application seems heathy.
>
> Correction, this breaks trying to initiate with the delegated
> cred. Apparently that ccache does need to hang around. I will investigate
> further ...
The following works for me but I find it hard to believe the code removed
isn't important.
$ diff -Naur copy_ccache.c.0 copy_ccache.c
--- copy_ccache.c.0 2007-02-05 23:09:58.000000000 -0500
+++ copy_ccache.c 2007-02-05 23:12:14.000000000 -0500
@@ -99,8 +99,6 @@
handle->usage = 0;
if (id) {
- char *str;
-
handle->usage |= GSS_C_INITIATE;
kret = krb5_cc_get_principal(gssapi_krb5_context, id,
@@ -137,14 +135,7 @@
return ret;
}
- kret = krb5_cc_get_full_name(gssapi_krb5_context, id, &str);
- if (kret)
- goto out;
-
- kret = krb5_cc_resolve(gssapi_krb5_context, str, &handle->ccache);
- free(str);
- if (kret)
- goto out;
+ handle->ccache = id;
}
--
Michael B Allen
PHP Active Directory SSO
http://www.ioplex.com/
