Set the KRB5CCNAME envrironment variable in the child if we received

forwarded Kerberos 5 credentials, so that the process that needs them
can actually find them.
This commit is contained in:
thorpej 2001-03-28 03:31:52 +00:00
parent 3fa9ceaa88
commit 6fe37483a3
2 changed files with 13 additions and 0 deletions

View File

@ -19,6 +19,7 @@
krb5_context ssh_context = NULL;
krb5_auth_context auth_context;
krb5_ccache fwd_ccache = NULL; /* Credential cache for acquired ticket */
const char *ssh_krb5_ccname;
/* Try krb5 authentication. server_user is passed for logging purposes only,
in auth is received ticket, in client is returned principal from the
@ -127,6 +128,8 @@ auth_krb5_tgt(char *server_user, krb5_data *tgt, krb5_principal tkt_client)
fwd_ccache = ccache;
ccache = NULL;
ssh_krb5_ccname = krb5_cc_get_name(ssh_context, fwd_ccache);
/*
problem = krb5_cc_copy_cache(ssh_context, ccache, fwd_ccache);

View File

@ -985,6 +985,16 @@ do_child(Session *s, const char *command)
}
#endif /* KRB4 */
#ifdef KRB5
{
extern const char *ssh_krb5_ccname;
if (ssh_krb5_ccname)
child_set_env(&env, &envsize, "KRB5CCNAME",
ssh_krb5_ccname);
}
#endif /* KRB5 */
if (xauthfile)
child_set_env(&env, &envsize, "XAUTHORITY", xauthfile);
if (auth_get_socket_name() != NULL)