On Mon, 2009-01-19 at 09:07 -0500, Peter Shoults wrote:
..
> >
> > The test in locate_kdc.c is a negative test for
> > krb5_is_referral_realm(). If you'd like I can change it to:
> >
> > if (code && !krb5_is_referral_realm(realm)) {
> >
> > I don't mind either way.
> >
>
> Yeah - I think that is more uniform for all three files/routines.
Ok I'll make that change.
...
> >> Hum - looking at this code, I do not see why this is right:
> >>
> >> 240 cleanup:;
> >> 241 if (retval) {
> >> 242 if (local_authcon) {
> >> 243 krb5_auth_con_free(context, *auth_context);
> >> 244 /* Solaris Kerberos */
> >> 245 *auth_context = NULL;
> >> 246 } else if (local_rcache && rcache != NULL) {
> >> 247 /* Solaris Kerberos */
> >> 248 (void) krb5_rc_close(context, rcache);
> >> 249 krb5_auth_con_setrcache(context, *auth_context, NULL);
> >> 250 }
> >> 251 }
> >>
> >> I do not see why if we have an error, we could not have both
> >> local_authcon set as well as having a local_rcache that needs to get
> >> cleaned up.
> >>
> >
> > At first glance you seem to be correct. However thats not this bug.
> >
>
> Is that a different bug? If so, perhaps we should open on to track it.
It probably needs careful reading of that whole function. Feel free to
take a look and if you see a problem open a CR.
-M
