svn rev #21716: trunk/src/lib/krb5/krb/
hartmans@MIT.EDU
hartmans at MIT.EDU
Tue Jan 6 18:45:24 EST 2009
http://src.mit.edu/fisheye/changelog/krb5/?cs=21716
Commit By: hartmans
Log Message:
ticket: 5954
Add support for referral null realms and use the default realm as krb5_rd_req_extended does
Changed Files:
U trunk/src/lib/krb5/krb/vfy_increds.c
Modified: trunk/src/lib/krb5/krb/vfy_increds.c
===================================================================
--- trunk/src/lib/krb5/krb/vfy_increds.c 2009-01-06 23:45:17 UTC (rev 21715)
+++ trunk/src/lib/krb5/krb/vfy_increds.c 2009-01-06 23:45:23 UTC (rev 21716)
@@ -76,7 +76,9 @@
ap_req.data = NULL;
if (server_arg) {
- server = server_arg;
+ ret = krb5_copy_principal(context, server_arg, &server);
+ if (ret)
+ goto cleanup;
} else {
if ((ret = krb5_sname_to_principal(context, NULL, NULL,
KRB5_NT_SRV_HST, &server)))
@@ -94,6 +96,12 @@
if ((ret = krb5_kt_default(context, &keytab)))
goto cleanup;
}
+ if (krb5_is_referral_realm(&server->realm)) {
+ krb5_free_data_contents(context, &server->realm);
+ ret = krb5_get_default_realm(context, &server->realm.data);
+ if (ret) goto cleanup;
+ server->realm.length = strlen(server->realm.data);
+ }
if ((ret = krb5_kt_get_entry(context, keytab, server, 0, 0, &kte))) {
/* this means there is no keying material. This is ok, as long as
@@ -207,7 +215,7 @@
accordingly. either that, or it's zero, which is fine, too */
cleanup:
- if (!server_arg && server)
+ if ( server)
krb5_free_principal(context, server);
if (!keytab_arg && keytab)
krb5_kt_close(context, keytab);
More information about the cvs-krb5
mailing list