krb5 commit [krb5-1.8]: Make password change work without default realm
Tom Yu
tlyu at MIT.EDU
Fri Jun 15 14:43:59 EDT 2012
https://github.com/krb5/krb5/commit/3d752d99bb571c2dba7416d22c96a48e0c0f8802
commit 3d752d99bb571c2dba7416d22c96a48e0c0f8802
Author: Greg Hudson <ghudson at mit.edu>
Date: Thu May 10 17:34:01 2012 +0000
Make password change work without default realm
This fix is not very general or clean, but is suitable for backporting
because it is minimally invasive. A more comprehensive fix will
follow.
(cherry picked from commit b9ff95a51ef11742abc9687a70b6d8324eda6803)
ticket: 7177 (new)
version_fixed: 1.8.7
status: resolved
src/lib/krb5/krb/get_in_tkt.c | 5 +++++
1 files changed, 5 insertions(+), 0 deletions(-)
diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c
index 9c97998..1709839 100644
--- a/src/lib/krb5/krb/get_in_tkt.c
+++ b/src/lib/krb5/krb/get_in_tkt.c
@@ -992,6 +992,11 @@ build_in_tkt_name(krb5_context context,
*server = NULL;
if (in_tkt_service) {
+ /* Minimally invasive fix for inability to change password with no
+ * default realm, for backporting. */
+ if (strcmp(in_tkt_service, "kadmin/changepw") == 0)
+ in_tkt_service = "kadmin/changepw@";
+
/* this is ugly, because so are the data structures involved. I'm
in the library, so I'm going to manipulate the data structures
directly, otherwise, it will be worse. */
More information about the cvs-krb5
mailing list