diff options
Diffstat (limited to 'security/krb5-16/files/patch-ba')
| -rw-r--r-- | security/krb5-16/files/patch-ba | 100 |
1 files changed, 0 insertions, 100 deletions
diff --git a/security/krb5-16/files/patch-ba b/security/krb5-16/files/patch-ba deleted file mode 100644 index f346d9b8e80e..000000000000 --- a/security/krb5-16/files/patch-ba +++ /dev/null @@ -1,100 +0,0 @@ ---- appl/bsd/login.c.ORIG Wed Oct 13 12:55:47 1999 -+++ appl/bsd/login.c Wed Oct 13 12:56:29 1999 -@@ -518,6 +518,7 @@ - if (!getenv(KRB5_ENV_CCNAME)) { - sprintf(ccfile, "FILE:/tmp/krb5cc_p%d", getpid()); - setenv(KRB5_ENV_CCNAME, ccfile, 1); -+ krb5_cc_set_default_name(kcontext, ccfile); - unlink(ccfile+strlen("FILE:")); - } else { - /* note it correctly */ -@@ -1303,19 +1304,6 @@ - setpriority(PRIO_PROCESS, 0, 0 + PRIO_OFFSET); - } - -- /* Policy: If local password is good, user is good. -- We really can't trust the Kerberos password, -- because somebody on the net could spoof the -- Kerberos server (not easy, but possible). -- Some sites might want to use it anyways, in -- which case they should change this line -- to: -- if (kpass_ok) -- */ -- -- if (lpass_ok) -- break; -- - if (got_v5_tickets) { - if (retval = krb5_verify_init_creds(kcontext, &my_creds, NULL, - NULL, &xtra_creds, -@@ -1338,6 +1326,9 @@ - } - #endif /* KRB4_GET_TICKETS */ - -+ if (lpass_ok) -+ break; -+ - bad_login: - setpriority(PRIO_PROCESS, 0, 0 + PRIO_OFFSET); - -@@ -1634,19 +1625,28 @@ - /* set up credential cache -- obeying KRB5_ENV_CCNAME - set earlier */ - /* (KRB5_ENV_CCNAME == "KRB5CCNAME" via osconf.h) */ -- if (retval = krb5_cc_default(kcontext, &ccache)) { -+ retval = krb5_cc_default(kcontext, &ccache); -+ if (retval) - com_err(argv[0], retval, "while getting default ccache"); -- } else if (retval = krb5_cc_initialize(kcontext, ccache, me)) { -- com_err(argv[0], retval, "when initializing cache"); -- } else if (retval = krb5_cc_store_cred(kcontext, ccache, &my_creds)) { -- com_err(argv[0], retval, "while storing credentials"); -- } else if (xtra_creds && -- (retval = krb5_cc_copy_creds(kcontext, xtra_creds, -- ccache))) { -- com_err(argv[0], retval, "while storing credentials"); -+ else { -+ retval = krb5_cc_initialize(kcontext, ccache, me); -+ if (retval) -+ com_err(argv[0], retval, "when initializing cache"); -+ else { -+ retval = krb5_cc_store_cred(kcontext, ccache, &my_creds); -+ if (retval) -+ com_err(argv[0], retval, "while storing credentials"); -+ else { -+ if (xtra_creds) { -+ retval = krb5_cc_copy_creds(kcontext, xtra_creds, -+ ccache); -+ if (retval) -+ com_err(argv[0], retval, "while storing credentials"); -+ krb5_cc_destroy(kcontext, xtra_creds); -+ } -+ } -+ } - } -- -- krb5_cc_destroy(kcontext, xtra_creds); - } else if (forwarded_v5_tickets && rewrite_ccache) { - if ((retval = krb5_cc_initialize (kcontext, ccache, me))) { - syslog(LOG_ERR, -@@ -1727,6 +1727,7 @@ - - if (ccname) - setenv("KRB5CCNAME", ccname, 1); -+ krb5_cc_set_default_name(kcontext, ccname); - - setenv("HOME", pwd->pw_dir, 1); - setenv("PATH", LPATH, 1); -@@ -1748,8 +1749,10 @@ - - #ifdef KRB5_GET_TICKETS - /* ccfile[0] is only set if we got tickets above */ -- if (login_krb5_get_tickets && ccfile[0]) -+ if (login_krb5_get_tickets && ccfile[0]) { - (void) setenv(KRB5_ENV_CCNAME, ccfile, 1); -+ krb5_cc_set_default_name(kcontext, ccfile); -+ } - #endif /* KRB5_GET_TICKETS */ - - if (tty[sizeof("tty")-1] == 'd') |