- flog(LOG_ERR, "could not chown new ccache to %i:%i: %s", pwent->pw_uid, pwent->pw_gid, strerror(errno));
- return(AUTH_ERR);
+ } else {
+ if((buf = (char *)krb5_cc_default_name(k5context)) == NULL) {
+ flog(LOG_ERR, "could not get default ccache name");
+ return(AUTH_ERR);
+ }
+ if((ret = krb5_cc_resolve(k5context, buf, &data->ccache)) != 0)
+ {
+ flog(LOG_ERR, "could not resolve ccache name \"%s\": %s", buf2, error_message(ret));
+ return(AUTH_ERR);
+ }
+ setenv("KRB5CCNAME", buf, 1);
+ if((ret = krb5_cc_initialize(k5context, data->ccache, data->ticket->enc_part2->client)) != 0)
+ {
+ flog(LOG_ERR, "could not initialize ccache: %s", error_message(ret));
+ return(AUTH_ERR);
+ }
+ if((ret = krb5_cc_store_cred(k5context, data->ccache, data->creds)) != 0)
+ {
+ flog(LOG_ERR, "could not store forwarded TGT into ccache: %s", error_message(ret));
+ return(AUTH_ERR);
+ }