[665] in Kerberos-V5-bugs
bug in src/lib/krb5/rcache/rc_dfl.c
daemon@ATHENA.MIT.EDU (Paul Pomes)
Fri Aug 19 12:06:20 1994
Date: Fri, 19 Aug 1994 11:06:11 -0500
From: Paul Pomes <P-Pomes@uiuc.edu>
To: krb5-bugs@MIT.EDU
In krb5_rc_dfl_expunge() for the case where NOIOSTUFF is not defined,

    struct authlist *q;
    char *name = t->name;
    krb5_error_code retval;
    krb5_rcache tmp;
    krb5_deltat lifespan = t->lifespan; /* save original lifespan */

    (void) krb5_rc_dfl_close_no_free(id);

When this function is called, it does a

    if (t->name)
        FREE(t->name);

So name back in krb5_rc_dfl_expunge() becomes null. This generated the
error

    krb5kdc[21236]: Permission denied in replay cache code while expunging replay cache 'dfl:'

Because the subsequent krb5_rc_io_open() would try to open "/usr/tmp/".

I changed the code to be instead

    struct authlist *q;
    char *name;
    krb5_error_code retval;
    krb5_rcache tmp;
    krb5_deltat lifespan = t->lifespan; /* save original lifespan */

    name = strdup(t->name);
    (void) krb5_rc_dfl_close_no_free(id);

Which seems to work for now.

/pbp
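
Added example, not part of the original report or the krb5 source: a self-contained C model of the ownership rule behind the change described above, where the name is copied before the close step releases it. model_rc, dup_name, model_close_no_free, model_open and model_expunge are hypothetical stand-ins; the model also checks the copy for allocation failure and frees it after the reopen, which the snippet in the report does not show.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for the rcache private data; not the krb5 struct. */
struct model_rc { char *name; int lifespan; };

/* Portable copy helper (same job as strdup in the report's fix). */
static char *dup_name(const char *s)
{
    size_t n = strlen(s) + 1;
    char *p = malloc(n);
    return p ? memcpy(p, s, n) : NULL;
}

/* Stand-in for krb5_rc_dfl_close_no_free(): releases the name. */
static void model_close_no_free(struct model_rc *t)
{
    free(t->name);
    t->name = NULL;
}

/* Stand-in for the reopen step: builds "/usr/tmp/<name>" and rejects an
 * empty name instead of falling through to the bare directory. */
static int model_open(struct model_rc *t, const char *name,
                      char *path, size_t len)
{
    if (name == NULL || *name == '\0')
        return -1;
    if ((size_t)snprintf(path, len, "/usr/tmp/%s", name) >= len)
        return -1;
    t->name = dup_name(name);
    return t->name ? 0 : -1;
}

/* Expunge with an owned copy taken before close; 0 on success, -1 on error. */
int model_expunge(struct model_rc *t, char *path, size_t len)
{
    int lifespan = t->lifespan;          /* save original lifespan */
    char *name = t->name ? dup_name(t->name) : NULL;
    int ret;

    if (name == NULL)
        return -1;                       /* nothing closed yet, state intact */
    model_close_no_free(t);              /* t->name is released here */
    ret = model_open(t, name, path, len);
    t->lifespan = lifespan;
    free(name);                          /* copy released on every path */
    return ret;
}
```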