]> git.decadent.org.uk Git - nfs-utils.git/commit
Gssd blindly caches machine credentials
authorLukas Hejtmanek <xhejtman@ics.muni.cz>
Thu, 27 Aug 2009 15:42:24 +0000 (11:42 -0400)
committerSteve Dickson <steved@redhat.com>
Thu, 27 Aug 2009 15:42:24 +0000 (11:42 -0400)
commitbd947185cfc7978c562fddf2f14f602c44a5cac9
tree3eba094b02c5c3c30d3f645538637dd7c19312dc
parent1d2951b518dd5df4fc0a637880d204f0f4e949c5
Gssd blindly caches machine credentials

We have a problem with rpc.gssd which blindly caches machine credentials.
E.g., if someone deletes /tmp/krb5cc_machine_REALM, rpc.gss does not create
new one until the old one expires. Also, it has problems with clock skew, if
time goes back and gssd thinks that machine credentials are not expired yet.

The following patch tries to use cache but in case of failure, it tries it
again without cache. Any comments?

Signed-off-by: Lukas Hejtmanek <xhejtman@ics.muni.cz>
Acked-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
utils/gssd/gssd_proc.c
utils/gssd/krb5_util.c
utils/gssd/krb5_util.h