diff options
Diffstat (limited to 'src/lib/gssapi/krb5/acquire_cred.c')
-rw-r--r-- | src/lib/gssapi/krb5/acquire_cred.c | 24 |
1 files changed, 15 insertions, 9 deletions
diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c index ff51901..5bcfec9 100644 --- a/src/lib/gssapi/krb5/acquire_cred.c +++ b/src/lib/gssapi/krb5/acquire_cred.c @@ -655,7 +655,21 @@ acquire_init_cred(krb5_context context, if (GSS_ERROR(kg_caller_provided_ccache_name(minor_status, &caller_ccname))) return GSS_S_FAILURE; - if (req_ccache != NULL) { + + if (password != GSS_C_NO_BUFFER) { + pwdata = make_data(password->value, password->length); + code = krb5int_copy_data_contents_add0(context, &pwdata, &pwcopy); + if (code) + goto error; + cred->password = pwcopy.data; + + /* We will fetch the credential into a private memory ccache. */ + assert(req_ccache == NULL); + code = krb5_cc_new_unique(context, "MEMORY", NULL, &cred->ccache); + if (code) + goto error; + cred->destroy_ccache = 1; + } else if (req_ccache != NULL) { code = krb5_cc_dup(context, req_ccache, &cred->ccache); if (code) goto error; @@ -673,14 +687,6 @@ acquire_init_cred(krb5_context context, if (code) goto error; - if (password != GSS_C_NO_BUFFER) { - pwdata = make_data(password->value, password->length); - code = krb5int_copy_data_contents_add0(context, &pwdata, &pwcopy); - if (code) - goto error; - cred->password = pwcopy.data; - } - if (cred->ccache != NULL) { /* The caller specified a ccache; check what's in it. */ code = scan_ccache(context, cred); |