svn rev #24439: branches/krb5-1-8/src/lib/krb5/krb/
tlyu@MIT.EDU
tlyu at MIT.EDU
Thu Oct 7 13:22:56 EDT 2010
http://src.mit.edu/fisheye/changelog/krb5/?cs=24439
Commit By: tlyu
Log Message:
ticket: 6798
version_fixed: 1.8.4
pull up r24438 from trunk
------------------------------------------------------------------------
r24438 | tlyu | 2010-10-06 19:57:37 -0400 (Wed, 06 Oct 2010) | 11 lines
ticket: 6798
subject: set NT-SRV-INST on TGS principal names
tags: pullup
target_version: 1.8.4
Set NT-SRV-INST on TGS principal names in
get_in_tkt.c:build_in_tkt_name because Windows Server 2008 R2 RODC
insists on it.
Thanks to Bill Fellows for reporting this problem.
Changed Files:
U branches/krb5-1-8/src/lib/krb5/krb/get_in_tkt.c
Modified: branches/krb5-1-8/src/lib/krb5/krb/get_in_tkt.c
===================================================================
--- branches/krb5-1-8/src/lib/krb5/krb/get_in_tkt.c 2010-10-06 23:57:37 UTC (rev 24438)
+++ branches/krb5-1-8/src/lib/krb5/krb/get_in_tkt.c 2010-10-07 17:22:55 UTC (rev 24439)
@@ -1023,8 +1023,19 @@
client->realm.length,
client->realm.data,
0);
+ if (ret)
+ return ret;
}
- return ret;
+ /*
+ * Windows Server 2008 R2 RODC insists on TGS principal names having the
+ * right name type.
+ */
+ if (krb5_princ_size(context, *server) == 2 &&
+ data_eq_string(*krb5_princ_component(context, *server, 0),
+ KRB5_TGS_NAME)) {
+ krb5_princ_type(context, *server) = KRB5_NT_SRV_INST;
+ }
+ return 0;
}
void KRB5_CALLCONV
More information about the cvs-krb5
mailing list