5837e1d Missing keytab should not be fatal

2 files Authored by simo 7 years ago, Committed by rharwood 7 years ago,
    Missing keytab should not be fatal
    
    In 1e6b5a4c004c520c5865c04c6bd3d40373d174c2 we've been a littl bit too
    zealous and made lack of a keytab a fatal condition when a keytab was
    specified explicitly in config files. However we distribute a config
    file that explictly mentions the default keytab.
    
    In general lack of a keytab is not really an impediment and gssproxy
    will work properly until restarted (at which point saved cfredentials
    will become unreadable as the encryption key is lost). But even if
    access to crdential is lost in most cases this is a recoverable
    situation.
    
    So relax the constraint and fallback to a random key in all cases.
    
    Signed-off-by: Simo Sorce <simo@redhat.com>
    [rharwood@redhat.com Style fixup]
    Reviewed-by: Robbie Harwood <rharwood@redhat.com>
    Merged: https://pagure.io/gssproxy/pull-request/45
    
        
file modified
+98 -84
file modified
+16 -1