From eb1545382ae5be11bdaa82b6a08f892924ef78eb Mon Sep 17 00:00:00 2001 From: Jeffrey Altman Date: Thu, 31 Mar 2016 10:24:25 -0500 Subject: [PATCH] lib/krb5: fallback Windows default ccname to HLKM Windows queries the default ccache name via the registry. Prior to this change only the HKEY_CURRENT_USER hive. Fallback to HKEY_LOCAL_MACHINE if there is no "ccname" value specified for the user. This permits system or domain administrators to set the default ccache to MSLSA: for all users. Change-Id: Ide3b51358f8fc6944ca698e4a68295be9463d4e0 --- lib/krb5/cache.c | 25 ++++++++++++++++++------- 1 file changed, 18 insertions(+), 7 deletions(-) diff --git a/lib/krb5/cache.c b/lib/krb5/cache.c index 1837f63c6..baee6b6c3 100644 --- a/lib/krb5/cache.c +++ b/lib/krb5/cache.c @@ -1815,18 +1815,17 @@ krb5_cc_get_kdc_offset(krb5_context context, krb5_ccache id, krb5_deltat *offset return (*id->ops->get_kdc_offset)(context, id, offset); } - #ifdef _WIN32 - #define REGPATH_MIT_KRB5 "SOFTWARE\\MIT\\Kerberos5" -KRB5_LIB_FUNCTION char * KRB5_LIB_CALL -_krb5_get_default_cc_name_from_registry(krb5_context context) + +static char * +_get_default_cc_name_from_registry(krb5_context context, HKEY hkBase) { HKEY hk_k5 = 0; LONG code; - char * ccname = NULL; + char *ccname = NULL; - code = RegOpenKeyEx(HKEY_CURRENT_USER, + code = RegOpenKeyEx(hkBase, REGPATH_MIT_KRB5, 0, KEY_READ, &hk_k5); @@ -1841,6 +1840,19 @@ _krb5_get_default_cc_name_from_registry(krb5_context context) return ccname; } +KRB5_LIB_FUNCTION char * KRB5_LIB_CALL +_krb5_get_default_cc_name_from_registry(krb5_context context) +{ + char *ccname; + + ccname = _get_default_cc_name_from_registry(context, HKEY_CURRENT_USER); + if (ccname == NULL) + ccname = _get_default_cc_name_from_registry(context, + HKEY_LOCAL_MACHINE); + + return ccname; +} + KRB5_LIB_FUNCTION int KRB5_LIB_CALL _krb5_set_default_cc_name_to_registry(krb5_context context, krb5_ccache id) { @@ -1872,5 +1884,4 @@ _krb5_set_default_cc_name_to_registry(krb5_context context, krb5_ccache id) return ret; } - #endif