New KRB5_NO_TICKET_STORE env var
This commit is contained in:

committed by
Nico Williams

parent
a666bf165e
commit
5b39bd7c1d
@@ -164,6 +164,20 @@ same behavior as using the
|
||||
.Fl Fl canonicalize
|
||||
.Fl Fl hostbased
|
||||
options here.
|
||||
.Sh ENVIRONMENT
|
||||
.Bl -tag -width Ds
|
||||
.It Ev KRB5CCNAME
|
||||
Specifies the default credentials cache.
|
||||
.It Ev KRB5_CONFIG
|
||||
The file name of
|
||||
.Pa krb5.conf ,
|
||||
the default being
|
||||
.Pa /etc/krb5.conf .
|
||||
.It Ev KRB5_NO_TICKET_STORE
|
||||
If this variable is present in the environment, any service tickets obtained
|
||||
are not added to the credential cache. This affects all heimdal applications
|
||||
and library clients, not just kgetcred.
|
||||
.El
|
||||
.Sh SEE ALSO
|
||||
.Xr kinit 1 ,
|
||||
.Xr klist 1 ,
|
||||
|
@@ -179,7 +179,8 @@ init_context_from_config_file(krb5_context context)
|
||||
INIT_FIELD(context, bool, log_utc,
|
||||
FALSE, "log_utc");
|
||||
|
||||
|
||||
context->no_ticket_store =
|
||||
getenv("KRB5_NO_TICKET_STORE") != NULL;
|
||||
|
||||
/* init dns-proxy slime */
|
||||
tmp = krb5_config_get_string(context, NULL, "libdefaults",
|
||||
|
@@ -1266,6 +1266,8 @@ static void
|
||||
store_cred(krb5_context context, krb5_ccache ccache,
|
||||
krb5_const_principal server_princ, krb5_creds *creds)
|
||||
{
|
||||
if (context->no_ticket_store)
|
||||
return;
|
||||
if (!krb5_principal_compare(context, creds->server, server_princ) &&
|
||||
!krb5_principal_is_krbtgt(context, server_princ)) {
|
||||
krb5_principal tmp_princ = creds->server;
|
||||
|
@@ -247,6 +247,7 @@ typedef struct krb5_context_data {
|
||||
krb5_boolean scan_interfaces; /* `ifconfig -a' */
|
||||
krb5_boolean srv_lookup; /* do SRV lookups */
|
||||
krb5_boolean srv_try_txt; /* try TXT records also */
|
||||
krb5_boolean no_ticket_store; /* Don't store service tickets */
|
||||
int32_t fcache_vno; /* create cache files w/ this
|
||||
version */
|
||||
int num_kt_types; /* # of registered keytab types */
|
||||
|
Reference in New Issue
Block a user