X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?a=blobdiff_plain;f=meta-starlingx%2Fmeta-stx-distro%2Frecipes-security%2Fgssproxy%2Ffiles%2FProperly-initialize-ccaches-before-storing-into-them.patch;fp=meta-starlingx%2Fmeta-stx-distro%2Frecipes-security%2Fgssproxy%2Ffiles%2FProperly-initialize-ccaches-before-storing-into-them.patch;h=0000000000000000000000000000000000000000;hb=6fc6934434f70595536a387ece31bc30141cafb5;hp=617c6e2e705c831128b84f598d33f360eb8d632d;hpb=eb1e26510491ba49de693ab3b0498edcb06be6c5;p=pti%2Frtp.git diff --git a/meta-starlingx/meta-stx-distro/recipes-security/gssproxy/files/Properly-initialize-ccaches-before-storing-into-them.patch b/meta-starlingx/meta-stx-distro/recipes-security/gssproxy/files/Properly-initialize-ccaches-before-storing-into-them.patch deleted file mode 100644 index 617c6e2..0000000 --- a/meta-starlingx/meta-stx-distro/recipes-security/gssproxy/files/Properly-initialize-ccaches-before-storing-into-them.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 2d91093925c8546d68f9314546353226b4f41569 Mon Sep 17 00:00:00 2001 -From: Robbie Harwood -Date: Tue, 5 Dec 2017 13:14:29 -0500 -Subject: [PATCH] Properly initialize ccaches before storing into them - -krb5_cc_new_unique() doesn't initialize ccaches, which results in the -krb5 libraries being aware of their presence within the collection but -being unable to manipulate them. - -This is transparent to most gssproxy consumers because we just -re-fetch the ccache on error. - -Signed-off-by: Robbie Harwood -Reviewed-by: Simo Sorce -Merges: #223 -(cherry picked from commit be7df45b6a56631033de387d28a2c06b7658c36a) ---- - proxy/src/mechglue/gpp_creds.c | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/proxy/src/mechglue/gpp_creds.c b/proxy/src/mechglue/gpp_creds.c -index 187ada7..f8ab320 100644 ---- a/proxy/src/mechglue/gpp_creds.c -+++ b/proxy/src/mechglue/gpp_creds.c -@@ -247,6 +247,13 @@ uint32_t gpp_store_remote_creds(uint32_t *min, bool store_as_default_cred, - - ret = krb5_cc_new_unique(ctx, cc_type, NULL, &ccache); - free(cc_type); -+ if (ret) -+ goto done; -+ -+ /* krb5_cc_new_unique() doesn't initialize, and we need to initialize -+ * before storing into the ccache. Note that this will only clobber -+ * the ccache handle, not the whole collection. */ -+ ret = krb5_cc_initialize(ctx, ccache, cred.client); - } - if (ret) - goto done;