diff --git a/lib/krb5/get_for_creds.c b/lib/krb5/get_for_creds.c index 281d0f213..d9170eb95 100644 --- a/lib/krb5/get_for_creds.c +++ b/lib/krb5/get_for_creds.c @@ -163,8 +163,6 @@ krb5_get_forwarded_creds (krb5_context context, size_t len; unsigned char *buf; size_t buf_size; - krb5_timestamp sec; - int32_t usec; krb5_kdc_flags kdc_flags; krb5_crypto crypto; struct addrinfo *ai; @@ -186,7 +184,7 @@ krb5_get_forwarded_creds (krb5_context context, freeaddrinfo (ai); if (ret) return ret; - + kdc_flags.i = flags; ret = krb5_get_kdc_cred (context, @@ -224,22 +222,30 @@ krb5_get_forwarded_creds (krb5_context context, goto out4; } - krb5_us_timeofday (context, &sec, &usec); - - ALLOC(enc_krb_cred_part.timestamp, 1); - if (enc_krb_cred_part.timestamp == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto out4; + if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_TIME) { + krb5_timestamp sec; + int32_t usec; + + krb5_us_timeofday (context, &sec, &usec); + + ALLOC(enc_krb_cred_part.timestamp, 1); + if (enc_krb_cred_part.timestamp == NULL) { + ret = ENOMEM; + krb5_set_error_string(context, "malloc: out of memory"); + goto out4; + } + *enc_krb_cred_part.timestamp = sec; + ALLOC(enc_krb_cred_part.usec, 1); + if (enc_krb_cred_part.usec == NULL) { + ret = ENOMEM; + krb5_set_error_string(context, "malloc: out of memory"); + goto out4; + } + *enc_krb_cred_part.usec = usec; + } else { + enc_krb_cred_part.timestamp = NULL; + enc_krb_cred_part.usec = NULL; } - *enc_krb_cred_part.timestamp = sec; - ALLOC(enc_krb_cred_part.usec, 1); - if (enc_krb_cred_part.usec == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto out4; - } - *enc_krb_cred_part.usec = usec; if (auth_context->local_address && auth_context->local_port) { krb5_boolean noaddr;