auth/credentials Give a sensible behaviour for resetting the krb5 context
authorAndrew Bartlett <abartlet@samba.org>
Wed, 27 Oct 2010 04:22:46 +0000 (15:22 +1100)
committerAndrew Bartlett <abartlet@samba.org>
Wed, 27 Oct 2010 05:24:22 +0000 (05:24 +0000)
This extra code isn't used at the moment, but I noticed the old API
was rather supprising in it's behaviour, and might catch someone out
at some later time.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Oct 27 05:24:22 UTC 2010 on sn-devel-104

source4/auth/credentials/credentials_krb5.c

index fb4b440281d86e5ffa0fa1955948c1d76177fa47..97b18140afa0a31f49032354959a0828b29147f6 100644 (file)
@@ -51,13 +51,18 @@ _PUBLIC_ int cli_credentials_get_krb5_context(struct cli_credentials *cred,
        return 0;
 }
 
        return 0;
 }
 
-/* This needs to be called directly after the cli_credentials_init(),
- * otherwise we might have problems with the krb5 context already
- * being here.
+/* For most predictable behaviour, this needs to be called directly after the cli_credentials_init(),
+ * otherwise we may still have references to the old smb_krb5_context in a credential cache etc
  */
 _PUBLIC_ NTSTATUS cli_credentials_set_krb5_context(struct cli_credentials *cred, 
                                          struct smb_krb5_context *smb_krb5_context)
 {
  */
 _PUBLIC_ NTSTATUS cli_credentials_set_krb5_context(struct cli_credentials *cred, 
                                          struct smb_krb5_context *smb_krb5_context)
 {
+       if (smb_krb5_context == NULL) {
+               talloc_unlink(cred, cred->smb_krb5_context);
+               cred->smb_krb5_context = NULL;
+               return NT_STATUS_OK;
+       }
+
        if (!talloc_reference(cred, smb_krb5_context)) {
                return NT_STATUS_NO_MEMORY;
        }
        if (!talloc_reference(cred, smb_krb5_context)) {
                return NT_STATUS_NO_MEMORY;
        }