projects
/
mod_auth_kerb.cvs
/
.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
34a1021
)
Detect if the "none" replay cache type is supported before enforcing its use
author
kouril
<kouril>
Thu, 24 Aug 2006 10:48:38 +0000
(10:48 +0000)
committer
kouril
<kouril>
Thu, 24 Aug 2006 10:48:38 +0000
(10:48 +0000)
src/mod_auth_kerb.c
patch
|
blob
|
history
diff --git
a/src/mod_auth_kerb.c
b/src/mod_auth_kerb.c
index
0d5c1a2
..
4784fe7
100644
(file)
--- a/
src/mod_auth_kerb.c
+++ b/
src/mod_auth_kerb.c
@@
-1546,6
+1546,26
@@
kerb_authenticate_user(request_rec *r)
return ret;
}
return ret;
}
+int
+have_rcache_type(const char *type)
+{
+ krb5_error_code ret;
+ krb5_rcache id;
+ int found;
+
+ memset(&id, 0, sizeof(id));
+
+ ret = krb5_init_context(&context);
+ if (ret)
+ return 0;
+
+ ret = krb5_rc_resolve_type(context, id, type);
+ found = (ret == 0);
+
+ krb5_free_context(context);
+
+ return found;
+}
/***************************************************************************
Module Setup/Configuration
/***************************************************************************
Module Setup/Configuration
@@
-1557,7
+1577,7
@@
kerb_module_init(server_rec *dummy, pool *p)
#ifndef HEIMDAL
/* Suppress the MIT replay cache. Requires MIT Kerberos 1.4.0 or later.
1.3.x are covered by the hack overiding the replay calls */
#ifndef HEIMDAL
/* Suppress the MIT replay cache. Requires MIT Kerberos 1.4.0 or later.
1.3.x are covered by the hack overiding the replay calls */
- if (getenv("KRB5RCACHETYPE") == NULL)
+ if (getenv("KRB5RCACHETYPE") == NULL
&& have_rcache_type("none")
)
putenv(strdup("KRB5RCACHETYPE=none"));
#endif
}
putenv(strdup("KRB5RCACHETYPE=none"));
#endif
}
@@
-1598,7
+1618,7
@@
kerb_init_handler(apr_pool_t *p, apr_pool_t *plog,
#ifndef HEIMDAL
/* Suppress the MIT replay cache. Requires MIT Kerberos 1.4.0 or later.
1.3.x are covered by the hack overiding the replay calls */
#ifndef HEIMDAL
/* Suppress the MIT replay cache. Requires MIT Kerberos 1.4.0 or later.
1.3.x are covered by the hack overiding the replay calls */
- if (getenv("KRB5RCACHETYPE") == NULL)
+ if (getenv("KRB5RCACHETYPE") == NULL
&& have_rcache_type("none")
)
putenv(strdup("KRB5RCACHETYPE=none"));
#endif
putenv(strdup("KRB5RCACHETYPE=none"));
#endif