]> git.michaelhowe.org Git - packages/o/openafs.git/commitdiff
projects / packages / o / openafs.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3789e98)
aklog: Only try to use krb5-weak.conf if it exists
authorAndrew Deason <adeason@sinenomine.net>
Tue, 26 Mar 2013 18:27:33 +0000 (13:27 -0500)
committerStephan Wiesand <stephan.wiesand@desy.de>
Thu, 4 Apr 2013 08:16:00 +0000 (01:16 -0700)
The logic we use for using krb5-weak.conf to allow 'weak crypto'
requires us to know where the default krb5.conf is. The default
krb5.conf local can vary significantly depending on the platform, and
we don't have a good way of figuring out what it is, so we guess. We
may guess wrong.

To limit the cases where we guess wrong, only try to do this
workaround if the krb5-weak.conf file actually exists.

Reviewed-on: http://gerrit.openafs.org/9667
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit 95240a5a5030a1053ce9966b54037eda2d37140b)

Change-Id: I02313b2cc37da05adc0529e685abf6a8546bb3de
Reviewed-on: http://gerrit.openafs.org/9687
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
src/aklog/aklog.c patch | blob | history

diff --git a/src/aklog/aklog.c b/src/aklog/aklog.c
index bc61fbc6f3bcb24b0e9231a3d0ab17abccfa190b..c5bc9df5d004953448f5bf2f0f06745925cdd624 100644 (file)
--- a/src/aklog/aklog.c
+++ b/src/aklog/aklog.c
@@ -1525,10 +1525,17 @@ main(int argc, char *argv[])
        char *defaultpath = "~/Library/Preferences/edu.mit.Kerberos:/Library/Preferences/edu.mit.Kerberos";
 #endif
        filepath = getenv("KRB5_CONFIG");
-       afs_asprintf(&newpath, "%s:%s/krb5-weak.conf",
-                filepath ? filepath : defaultpath,
-                AFSDIR_CLIENT_ETC_DIRPATH);
-       setenv("KRB5_CONFIG", newpath, 1);
+
+       /* only fiddle with KRB5_CONFIG if krb5-weak.conf actually exists */
+       afs_asprintf(&newpath, "%s/krb5-weak.conf", AFSDIR_CLIENT_ETC_DIRPATH);
+       if (access(newpath, R_OK) == 0) {
+           free(newpath);
+           newpath = NULL;
+           afs_asprintf(&newpath, "%s:%s/krb5-weak.conf",
+                        filepath ? filepath : defaultpath,
+                        AFSDIR_CLIENT_ETC_DIRPATH);
+           setenv("KRB5_CONFIG", newpath, 1);
+       }
 #endif
        krb5_init_context(&context);