krb5 commit [krb5-1.10]: Make password change work without default realm
Tom Yu
tlyu at MIT.EDU
Tue May 15 18:27:14 EDT 2012
https://github.com/krb5/krb5/commit/3d4f8431d5d34e0ffaaeee0bfe55c552de3ebdfe
commit 3d4f8431d5d34e0ffaaeee0bfe55c552de3ebdfe
Author: Greg Hudson <ghudson at mit.edu>
Date: Thu May 10 17:34:01 2012 +0000
Make password change work without default realm
This fix is not very general or clean, but is suitable for backporting
because it is minimally invasive. A more comprehensive fix will
follow.
(cherry picked from commit b9ff95a51ef11742abc9687a70b6d8324eda6803)
ticket: 7127
version_fixed: 1.10.2
status: resolved
src/lib/krb5/krb/get_in_tkt.c | 5 +++++
1 files changed, 5 insertions(+), 0 deletions(-)
diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c
index 2dd3947..11782ad 100644
--- a/src/lib/krb5/krb/get_in_tkt.c
+++ b/src/lib/krb5/krb/get_in_tkt.c
@@ -465,6 +465,11 @@ build_in_tkt_name(krb5_context context,
*server = NULL;
if (in_tkt_service) {
+ /* Minimally invasive fix for inability to change password with no
+ * default realm, for backporting. */
+ if (strcmp(in_tkt_service, "kadmin/changepw") == 0)
+ in_tkt_service = "kadmin/changepw@";
+
/* this is ugly, because so are the data structures involved. I'm
in the library, so I'm going to manipulate the data structures
directly, otherwise, it will be worse. */
More information about the cvs-krb5
mailing list