[3129] in Kerberos-V5-bugs
krb5-appl/766: destroy tickets option
daemon@ATHENA.MIT.EDU (donn@u.washington.edu)
Tue Oct 5 20:02:34 1999
Resent-From: gnats@rt-11.MIT.EDU (GNATS Management)
Resent-To: krb5-unassigned@RT-11.MIT.EDU
Resent-Reply-To: krb5-bugs@MIT.EDU, donn@u.washington.edu
Message-Id: <199910060001.RAA22680@saul8.u.washington.edu>
Date: Tue, 5 Oct 1999 17:01:00 -0700 (PDT)
From: donn@u.washington.edu
Reply-To: donn@u.washington.edu
To: krb5-bugs@MIT.EDU
>Number: 766
>Category: krb5-appl
>Synopsis: request destroy_ticket option to complement login get_ticket
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: krb5-unassigned
>State: open
>Class: change-request
>Submitter-Id: unknown
>Arrival-Date: Tue Oct 05 20:02:01 EDT 1999
>Last-Modified:
>Originator: Donn Cave
>Organization:
University Computing Services
University of Washington
>Release: krb5-1.1
>Environment:
System: AIX 4.2
Machine: RS/6000
>Description:
We use Kerberos passwords on telnet login, when the client software can't
do Kerberos authentication. By policy, we do not leave tickets on the host
during the session, due to least-common-denominator concerns about /tmp
security. The additional login option 'krb5_destroy_tickets' controls that.
>How-To-Repeat:
>Fix:
[Line numbers reflect other patches reported separately, and all the
recoding at the end also belongs to a previous bug report.]
*** login.c.dist Thu Sep 23 15:40:09 1999
--- login.c Tue Oct 5 16:41:11 1999
***************
*** 48,53 ****
--- 48,54 ----
*/
#define KRB5_GET_TICKETS
int login_krb5_get_tickets = 1;
+ int login_krb5_destroy_tickets = 0;
#ifdef KRB5_KRB4_COMPAT
#define KRB4_GET_TICKETS
***************
*** 343,348 ****
--- 344,350 ----
} login_conf_set[] = {
#ifdef KRB5_GET_TICKETS
"krb5_get_tickets", &login_krb5_get_tickets,
+ "krb5_destroy_tickets", &login_krb5_destroy_tickets,
#endif
#ifdef KRB5_KRB4_COMPAT
"krb4_get_tickets", &login_krb4_get_tickets,
***************
*** 1630,1652 ****
*/
#ifdef KRB5_GET_TICKETS
! if (got_v5_tickets) {
/* set up credential cache -- obeying KRB5_ENV_CCNAME
set earlier */
/* (KRB5_ENV_CCNAME == "KRB5CCNAME" via osconf.h) */
! if (retval = krb5_cc_default(kcontext, &ccache)) {
com_err(argv[0], retval, "while getting default ccache");
! } else if (retval = krb5_cc_initialize(kcontext, ccache, me)) {
! com_err(argv[0], retval, "when initializing cache");
! } else if (retval = krb5_cc_store_cred(kcontext, ccache, &my_creds)) {
! com_err(argv[0], retval, "while storing credentials");
! } else if (xtra_creds &&
! (retval = krb5_cc_copy_creds(kcontext, xtra_creds,
! ccache))) {
! com_err(argv[0], retval, "while storing credentials");
}
-
- krb5_cc_destroy(kcontext, xtra_creds);
} else if (forwarded_v5_tickets && rewrite_ccache) {
if ((retval = krb5_cc_initialize (kcontext, ccache, me))) {
syslog(LOG_ERR,
--- 1623,1654 ----
*/
#ifdef KRB5_GET_TICKETS
! if (got_v5_tickets && !login_krb5_destroy_tickets) {
/* set up credential cache -- obeying KRB5_ENV_CCNAME
set earlier */
/* (KRB5_ENV_CCNAME == "KRB5CCNAME" via osconf.h) */
! retval = krb5_cc_default(kcontext, &ccache);
! if (retval)
com_err(argv[0], retval, "while getting default ccache");
! else {
! retval = krb5_cc_initialize(kcontext, ccache, me);
! if (retval)
! com_err(argv[0], retval, "when initializing cache");
! else {
! retval = krb5_cc_store_cred(kcontext, ccache, &my_creds);
! if (retval)
! com_err(argv[0], retval, "while storing credentials");
! else {
! if (xtra_creds) {
! retval = krb5_cc_copy_creds(kcontext, xtra_creds,
! ccache);
! if (retval)
! com_err(argv[0], retval, "while storing credentials");
! krb5_cc_destroy(kcontext, xtra_creds);
! }
! }
! }
}
} else if (forwarded_v5_tickets && rewrite_ccache) {
if ((retval = krb5_cc_initialize (kcontext, ccache, me))) {
syslog(LOG_ERR,
***************
>Audit-Trail:
>Unformatted:
