[16302] in Kerberos-V5-bugs
[krbdev.mit.edu #8764] get_creds can add redundant cache entry for
daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Wed May 22 12:42:47 2019
Mail-followup-to: rt@krbdev.mit.edu
mail-copies-to: never
From: Greg Hudson via RT <rt-comment@KRBDEV-PROD-APP-1.mit.edu>
In-Reply-To: <rt-8764@krbdev.mit.edu>
Message-ID: <rt-8764-49440.7.05513934231782@krbdev.mit.edu>
To: "'AdminCc of krbdev.mit.edu Ticket #8764'":;
Date: Wed, 22 May 2019 12:42:31 -0400
MIME-Version: 1.0
Reply-To: rt-comment@KRBDEV-PROD-APP-1.mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu
https://github.com/krb5/krb5/pull/912#issuecomment-494860167
demonstrates another case where we can see a duplicate: when copying a
ccache containing a cred with the referral realm in the service
principal, krb5_cc_store_cred() will store a duplicate.
Since this ticket was filed, we implemented functioning remove_cred for
all ccache types, although the FILE implementation only hides the cred.
krb5_cc_store_cred() has a remove_cred call when storing the ticket
server cred (mistakenly left behind by commit
7783054742ddd807f7b2f7157d6ed81b7fb614eb) so the visible symptoms of
this issue are no longer present.
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
