8 Jul
2024
8 Jul
'24
7:31 p.m.
On Mon Jul 8 19:21:03 2024 +0000, Dmitry Timoshkov wrote:
init_creds() does more harm actually, for instance when AcquireCredentialsHandle is called without password it completely trashes an existing kerberos ticket instead of relying on default behaviour, at least under Windows password is not required when the user is already logged on into the domain. So, I'd completely remove the init_creds() helper. If you think that's the intended behaviour I'll add the init_creds() call though.
It seems to me that if credentials are passed they should be used. I don't see why that would be different for SECPKG_CRED_BOTH. It could use a test I guess.