krb5/Fix-config-realm-change-logic-in-FILE-remove_cred.patch
2019-05-14 12:34:12 -04:00

30 lines
1.2 KiB
Diff

From 5215fad65699527aaea73add2cbbbb40de770fa6 Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Tue, 16 Apr 2019 10:47:35 -0400
Subject: [PATCH] Fix config realm change logic in FILE remove_cred
Use data_eq_string() to check the server realm, and do not check if
cred->server is NULL since it is not expected to be (and
k5_marshal_cred() would have already crashed if it were).
ticket: 8792
(cherry picked from commit e5367fcddd53dc4db0c1fd2279e91eda3791960a)
---
src/lib/krb5/ccache/cc_file.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/src/lib/krb5/ccache/cc_file.c b/src/lib/krb5/ccache/cc_file.c
index 09da38fa9..a3f67766e 100644
--- a/src/lib/krb5/ccache/cc_file.c
+++ b/src/lib/krb5/ccache/cc_file.c
@@ -1058,8 +1058,7 @@ delete_cred(krb5_context context, krb5_ccache cache, krb5_cc_cursor *cursor,
/* For config entries, also change the realm so that other implementations
* won't match them. */
- if (cred->server != NULL && cred->server->realm.length > 0 &&
- strcmp(cred->server->realm.data, "X-CACHECONF:") == 0)
+ if (data_eq_string(cred->server->realm, "X-CACHECONF:"))
memcpy(cred->server->realm.data, "X-RMED-CONF:", 12);
k5_marshal_cred(&overwrite, fcursor->version, cred);