From owner-svn-src-user@FreeBSD.ORG  Sat Nov  8 11:49:59 2008
Return-Path: <owner-svn-src-user@FreeBSD.ORG>
Delivered-To: svn-src-user@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 0142F1065673;
	Sat,  8 Nov 2008 11:49:59 +0000 (UTC) (envelope-from dfr@FreeBSD.org)
Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c])
	by mx1.freebsd.org (Postfix) with ESMTP id E27C58FC20;
	Sat,  8 Nov 2008 11:49:58 +0000 (UTC) (envelope-from dfr@FreeBSD.org)
Received: from svn.freebsd.org (localhost [127.0.0.1])
	by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id mA8Bnw3P011289;
	Sat, 8 Nov 2008 11:49:58 GMT (envelope-from dfr@svn.freebsd.org)
Received: (from dfr@localhost)
	by svn.freebsd.org (8.14.3/8.14.3/Submit) id mA8BnwM1011286;
	Sat, 8 Nov 2008 11:49:58 GMT (envelope-from dfr@svn.freebsd.org)
Message-Id: <200811081149.mA8BnwM1011286@svn.freebsd.org>
From: Doug Rabson <dfr@FreeBSD.org>
Date: Sat, 8 Nov 2008 11:49:58 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-user@freebsd.org
X-SVN-Group: user
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Cc: 
Subject: svn commit: r184768 - user/dfr/gssapi/7/crypto/heimdal/lib/krb5
X-BeenThere: svn-src-user@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "SVN commit messages for the experimental &quot; user&quot;
	src tree" <svn-src-user.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-user>,
	<mailto:svn-src-user-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-user>
List-Post: <mailto:svn-src-user@freebsd.org>
List-Help: <mailto:svn-src-user-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-user>,
	<mailto:svn-src-user-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 08 Nov 2008 11:49:59 -0000

Author: dfr
Date: Sat Nov  8 11:49:58 2008
New Revision: 184768
URL: http://svn.freebsd.org/changeset/base/184768

Log:
  Back-port a fix from heimdal 1.1 which notices when KRB5CCNAME changes.

Modified:
  user/dfr/gssapi/7/crypto/heimdal/lib/krb5/cache.c
  user/dfr/gssapi/7/crypto/heimdal/lib/krb5/context.c
  user/dfr/gssapi/7/crypto/heimdal/lib/krb5/krb5.h

Modified: user/dfr/gssapi/7/crypto/heimdal/lib/krb5/cache.c
==============================================================================
--- user/dfr/gssapi/7/crypto/heimdal/lib/krb5/cache.c	Sat Nov  8 11:48:57 2008	(r184767)
+++ user/dfr/gssapi/7/crypto/heimdal/lib/krb5/cache.c	Sat Nov  8 11:49:58 2008	(r184768)
@@ -190,6 +190,39 @@ krb5_cc_get_ops(krb5_context context, kr
 }
 
 /*
+ * Return non-zero if envirnoment that will determine default krb5cc
+ * name has changed.
+ */
+
+static int
+environment_changed(krb5_context context)
+{
+    const char *e;
+
+    /* if the cc name was set, don't change it */
+    if (context->default_cc_name_set)
+	return 0;
+
+    if(issuid())
+	return 0;
+
+    e = getenv("KRB5CCNAME");
+    if (e == NULL) {
+	if (context->default_cc_name_env) {
+	    free(context->default_cc_name_env);
+	    context->default_cc_name_env = NULL;
+	    return 1;
+	}
+    } else {
+	if (context->default_cc_name_env == NULL)
+	    return 1;
+	if (strcmp(e, context->default_cc_name_env) != 0)
+	    return 1;
+    }
+    return 0;
+}
+
+/*
  * Set the default cc name for `context' to `name'.
  */
 
@@ -202,10 +235,14 @@ krb5_cc_set_default_name(krb5_context co
     if (name == NULL) {
 	char *e;
 	e = getenv("KRB5CCNAME");
-	if (e)
+	if (e) {
 	    p = strdup(e);
-	else
+	    if (context->default_cc_name_env)
+		free(context->default_cc_name_env);
+	    context->default_cc_name_env = strdup(e);
+	} else {
 	    asprintf(&p,"FILE:/tmp/krb5cc_%u", (unsigned)getuid());
+	}
     } else
 	p = strdup(name);
 
@@ -227,7 +264,7 @@ krb5_cc_set_default_name(krb5_context co
 const char*
 krb5_cc_default_name(krb5_context context)
 {
-    if (context->default_cc_name == NULL)
+    if (context->default_cc_name == NULL || environment_changed(context))
 	krb5_cc_set_default_name(context, NULL);
 
     return context->default_cc_name;

Modified: user/dfr/gssapi/7/crypto/heimdal/lib/krb5/context.c
==============================================================================
--- user/dfr/gssapi/7/crypto/heimdal/lib/krb5/context.c	Sat Nov  8 11:48:57 2008	(r184767)
+++ user/dfr/gssapi/7/crypto/heimdal/lib/krb5/context.c	Sat Nov  8 11:49:58 2008	(r184768)
@@ -177,6 +177,8 @@ init_context_from_config_file(krb5_conte
     INIT_FIELD(context, bool, srv_lookup, TRUE, "srv_lookup");
     INIT_FIELD(context, bool, srv_lookup, context->srv_lookup, "dns_lookup_kdc");
     context->default_cc_name = NULL;
+    context->default_cc_name_env = NULL;
+    context->default_cc_name_set = 0;
     return 0;
 }
 
@@ -230,6 +232,8 @@ krb5_free_context(krb5_context context)
 {
     if (context->default_cc_name)
 	free(context->default_cc_name);
+    if (context->default_cc_name_env)
+	free(context->default_cc_name_env);
     free(context->etypes);
     free(context->etypes_des);
     krb5_free_host_realm (context, context->default_realms);

Modified: user/dfr/gssapi/7/crypto/heimdal/lib/krb5/krb5.h
==============================================================================
--- user/dfr/gssapi/7/crypto/heimdal/lib/krb5/krb5.h	Sat Nov  8 11:48:57 2008	(r184767)
+++ user/dfr/gssapi/7/crypto/heimdal/lib/krb5/krb5.h	Sat Nov  8 11:49:58 2008	(r184768)
@@ -395,6 +395,8 @@ typedef struct krb5_context_data {
     char error_buf[256];
     krb5_addresses *ignore_addresses;
     char *default_cc_name;
+    char *default_cc_name_env;
+    int default_cc_name_set;
 } krb5_context_data;
 
 typedef struct krb5_ticket {