svn rev #23505: branches/anonymous/src/lib/krb5/krb/
hartmans@MIT.EDU
hartmans at MIT.EDU
Wed Dec 23 16:10:33 EST 2009
http://src.mit.edu/fisheye/changelog/krb5/?cs=23505
Commit By: hartmans
Log Message:
Permit the realm to be canonicalized from any realm to the anonymous
realm when anonymous is requested even when the principal is not a TGS
principal.
Changed Files:
U branches/anonymous/src/lib/krb5/krb/get_in_tkt.c
Modified: branches/anonymous/src/lib/krb5/krb/get_in_tkt.c
===================================================================
--- branches/anonymous/src/lib/krb5/krb/get_in_tkt.c 2009-12-23 21:10:30 UTC (rev 23504)
+++ branches/anonymous/src/lib/krb5/krb/get_in_tkt.c 2009-12-23 21:10:33 UTC (rev 23505)
@@ -310,6 +310,9 @@
if (canon_req) {
canon_ok = IS_TGS_PRINC(context, request->server) &&
IS_TGS_PRINC(context, as_reply->enc_part2->server);
+ if ((!canon_ok ) && (request->kdc_options &KDC_OPT_REQUEST_ANONYMOUS))
+ canon_ok = krb5_principal_compare(context, as_reply->client,
+ krb5_anonymous_principal());
} else
canon_ok = 0;
More information about the cvs-krb5
mailing list