Hi,
with this patch the credential cache files stored in the cache are checked if they contain TGTs which are still renewable.
Should fix #796.
bye, Sumit
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 02/16/2011 12:12 PM, Sumit Bose wrote:
Hi,
with this patch the credential cache files stored in the cache are checked if they contain TGTs which are still renewable.
Should fix #796.
Nack.
if (ccache_file != NULL && upn != NULL && user_name != NULL) {
The checks for upn and user_name are redundant, as there's no way to reach this line without them being non-NULL. A few lines above, you call 'continue' to return to the loop if either of these values are NULL.
Please reduce the debug level of: "One of the needed attributes [%s][%s][%s] is missing in [%s]." to level six. I think level 9 is too noisy and this is useful information.
In get_ccache_file_data(), you set kerr = ENOMEM if server_name can't be allocated. kerr is a krb5_error_code value, not errno_t. It's probably best if you use KRB5_CC_NOMEM here.
- -- Stephen Gallagher RHCE 804006346421761
Delivering value year after year. Red Hat ranks #1 in value among software vendors. http://www.redhat.com/promo/vendor/
On Fri, Feb 18, 2011 at 11:29:28AM -0500, Stephen Gallagher wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 02/16/2011 12:12 PM, Sumit Bose wrote:
Hi,
with this patch the credential cache files stored in the cache are checked if they contain TGTs which are still renewable.
Should fix #796.
Nack.
if (ccache_file != NULL && upn != NULL && user_name != NULL) {The checks for upn and user_name are redundant, as there's no way to reach this line without them being non-NULL. A few lines above, you call 'continue' to return to the loop if either of these values are NULL.
Please reduce the debug level of: "One of the needed attributes [%s][%s][%s] is missing in [%s]." to level six. I think level 9 is too noisy and this is useful information.
I have move the checks and the debug message into check_ccache_file() so that it can be used safely in other places, too.
In get_ccache_file_data(), you set kerr = ENOMEM if server_name can't be allocated. kerr is a krb5_error_code value, not errno_t. It's probably best if you use KRB5_CC_NOMEM here.
done
New patch attached.
bye, Sumit
Stephen Gallagher RHCE 804006346421761
Delivering value year after year. Red Hat ranks #1 in value among software vendors. http://www.redhat.com/promo/vendor/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk1enmcACgkQeiVVYja6o6MAYQCgqllBY5avcJxHyAhTBsMECEx4 vscAnAxQtWdGfqNxjYDLFpHZSZm+BMt0 =ATRj -----END PGP SIGNATURE----- _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 02/22/2011 05:41 AM, Sumit Bose wrote:
New patch attached.
Ack and pushed to master and sssd-1-5.
- -- Stephen Gallagher RHCE 804006346421761
Delivering value year after year. Red Hat ranks #1 in value among software vendors. http://www.redhat.com/promo/vendor/
sssd-devel@lists.fedorahosted.org
-
Stephen Gallagher -
Sumit Bose