diff options
author | rmacklem <rmacklem@FreeBSD.org> | 2009-06-24 18:30:14 +0000 |
---|---|---|
committer | rmacklem <rmacklem@FreeBSD.org> | 2009-06-24 18:30:14 +0000 |
commit | a5268d56f65b258f44e20334592225f3556cdc5c (patch) | |
tree | 94d0e0aaf35da871bf0cbfc45cf4e391adfdd2a5 /sbin/umount | |
parent | e13ea48de648aaa38679919abe3a877c7d86001c (diff) | |
download | FreeBSD-src-a5268d56f65b258f44e20334592225f3556cdc5c.zip FreeBSD-src-a5268d56f65b258f44e20334592225f3556cdc5c.tar.gz |
If the initial attempt to refresh credentials in the RPCSEC_GSS client
side fails, the entry in the cache is left with no valid context
(gd_ctx == GSS_C_NO_CONTEXT). As such, subsequent hits on the cache
will result in persistent authentication failure, even after the user has
done a kinit or similar and acquired a new valid TGT. This patch adds a test
for that case upon a cache hit and calls rpc_gss_init() to make another
attempt at getting valid credentials. It also moves the setting of gc_proc
to before the import of the principal name to ensure that, if that case
fails, it will be detected as a failure after going to "out:".
Reviewed by: dfr
Approved by: kib (mentor)
Diffstat (limited to 'sbin/umount')
0 files changed, 0 insertions, 0 deletions