krb5 commit [krb5-1.9]: Make password change work without default realm
Tom Yu
tlyu at MIT.EDU
Fri Jun 8 19:29:38 EDT 2012
https://github.com/krb5/krb5/commit/871c12133d51219f7a5f5bdaf2771ae77e2cde4d
commit 871c12133d51219f7a5f5bdaf2771ae77e2cde4d
Author: Greg Hudson <ghudson at mit.edu>
Date: Thu May 10 17:34:01 2012 +0000
Make password change work without default realm
This fix is not very general or clean, but is suitable for backporting
because it is minimally invasive. A more comprehensive fix will
follow.
(cherry picked from commit b9ff95a51ef11742abc9687a70b6d8324eda6803)
ticket: 7165 (new)
version_fixed: 1.9.4
status: resolved
src/lib/krb5/krb/get_in_tkt.c | 5 +++++
1 files changed, 5 insertions(+), 0 deletions(-)
diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c
index 71d1e12..d078dac 100644
--- a/src/lib/krb5/krb/get_in_tkt.c
+++ b/src/lib/krb5/krb/get_in_tkt.c
@@ -468,6 +468,11 @@ build_in_tkt_name(krb5_context context,
*server = NULL;
if (in_tkt_service) {
+ /* Minimally invasive fix for inability to change password with no
+ * default realm, for backporting. */
+ if (strcmp(in_tkt_service, "kadmin/changepw") == 0)
+ in_tkt_service = "kadmin/changepw@";
+
/* this is ugly, because so are the data structures involved. I'm
in the library, so I'm going to manipulate the data structures
directly, otherwise, it will be worse. */
More information about the cvs-krb5
mailing list