summaryrefslogtreecommitdiff
path: root/usr/src/lib/pam_modules/krb5/krb5_setcred.c
diff options
context:
space:
mode:
Diffstat (limited to 'usr/src/lib/pam_modules/krb5/krb5_setcred.c')
-rw-r--r--usr/src/lib/pam_modules/krb5/krb5_setcred.c31
1 files changed, 29 insertions, 2 deletions
diff --git a/usr/src/lib/pam_modules/krb5/krb5_setcred.c b/usr/src/lib/pam_modules/krb5/krb5_setcred.c
index b13f8883d6..a01176df16 100644
--- a/usr/src/lib/pam_modules/krb5/krb5_setcred.c
+++ b/usr/src/lib/pam_modules/krb5/krb5_setcred.c
@@ -35,7 +35,7 @@
#include <pwd.h>
#include <syslog.h>
#include <libintl.h>
-#include <krb5.h>
+#include <k5-int.h>
#include <netdb.h>
#include <unistd.h>
#include <sys/stat.h>
@@ -515,7 +515,7 @@ cleanup_creds:
* We now chown the ccache to the appropriate uid/gid
* combination, if its a FILE based ccache.
*/
- if (strstr(kmd->env, "FILE:")) {
+ if (!kmd->env || strstr(kmd->env, "FILE:")) {
uid_t uuid;
gid_t ugid;
char *username = NULL, *tmpname = NULL;
@@ -540,6 +540,33 @@ cleanup_creds:
retval = KRB5KRB_ERR_GENERIC;
goto error;
}
+
+ if (!kmd->env) {
+ char buffer[512];
+
+ if (snprintf(buffer, sizeof (buffer),
+ "%s=FILE:/tmp/krb5cc_%d", KRB5_ENV_CCNAME,
+ (int)uuid) >= sizeof (buffer)) {
+ retval = KRB5KRB_ERR_GENERIC;
+ goto error;
+ }
+
+ /*
+ * We MUST copy this to the heap for the putenv
+ * to work!
+ */
+ kmd->env = strdup(buffer);
+ if (!kmd->env) {
+ retval = ENOMEM;
+ goto error;
+ } else {
+ if (putenv(kmd->env)) {
+ retval = ENOMEM;
+ goto error;
+ }
+ }
+ }
+
if (!(filepath = strchr(kmd->env, ':')) ||
!(filepath+1)) {
__pam_log(LOG_AUTH | LOG_ERR,
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-01 03:59:47 +0000