git.openafs.org Git - openafs.git/commit

author	Marcio Barbosa <mbarbosa@sinenomine.net>
	Sun, 20 Jun 2021 03:52:36 +0000 (00:52 -0300)
committer	Benjamin Kaduk <kaduk@mit.edu>
	Wed, 23 Jun 2021 03:52:32 +0000 (23:52 -0400)
commit	a10f99dbe025c74fb488b501daaf1f9574830cec
tree	1c6259965e64decfb39f78e7c087e28f82544305	tree \| snapshot
parent	5a96197b4e0b1fd3733cd4807b09855c2a8bdbd2	commit \| diff

klog.krb5: remove "save and reuse password" logic

In order to avoid repeated requests for the user's password, klog.krb5
caches and reuses it whenever necessary. However, with the introduction
of commit 3a9a5783cd1fd73902655f0876e2069b42688c94, klog.krb5 always
requests a TGT regardless of the state of writeTicketFile, eliminating
the need for possible extra requests for the user's password.

Moreover, krb5_get_init_creds_password() does not accept a custom
prompter on macOS (returns EINVAL). Consequently, if the -password
argument is omitted, klog.krb5 fails with the following error:

klog: Invalid argument Unable to authenticate in realm <REALM>

Given that the user won't be prompted for a password multiple times,
remove the "save and reuse password" logic and use krb5_prompter_posix()
as the prompter function (instead of klog_prompter).

Relevant issue identified by gangovind@in.ibm.com.

Change-Id: Ia994a18d1d166893f12ee78d3e6f25192ff327ee
Reviewed-on: https://gerrit.openafs.org/14643
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Ganesh G. Chaudhari <gangovind@in.ibm.com>
Tested-by: Ganesh G. Chaudhari <gangovind@in.ibm.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>