svn rev #24438: trunk/src/lib/krb5/krb/
tlyu@MIT.EDU
tlyu at MIT.EDU
Wed Oct 6 19:57:38 EDT 2010
http://src.mit.edu/fisheye/changelog/krb5/?cs=24438
Commit By: tlyu
Log Message:
ticket: 6798
subject: set NT-SRV-INST on TGS principal names
tags: pullup
target_version: 1.8.4
Set NT-SRV-INST on TGS principal names in
get_in_tkt.c:build_in_tkt_name because Windows Server 2008 R2 RODC
insists on it.
Thanks to Bill Fellows for reporting this problem.
Changed Files:
U trunk/src/lib/krb5/krb/get_in_tkt.c
Modified: trunk/src/lib/krb5/krb/get_in_tkt.c
===================================================================
--- trunk/src/lib/krb5/krb/get_in_tkt.c 2010-10-06 22:20:34 UTC (rev 24437)
+++ trunk/src/lib/krb5/krb/get_in_tkt.c 2010-10-06 23:57:37 UTC (rev 24438)
@@ -499,8 +499,19 @@
client->realm.length,
client->realm.data,
0);
+ if (ret)
+ return ret;
}
- return ret;
+ /*
+ * Windows Server 2008 R2 RODC insists on TGS principal names having the
+ * right name type.
+ */
+ if (krb5_princ_size(context, *server) == 2 &&
+ data_eq_string(*krb5_princ_component(context, *server, 0),
+ KRB5_TGS_NAME)) {
+ krb5_princ_type(context, *server) = KRB5_NT_SRV_INST;
+ }
+ return 0;
}
void KRB5_CALLCONV
More information about the cvs-krb5
mailing list