From 2730e12b6a3249723b468ff3832140731efc2bdc Mon Sep 17 00:00:00 2001 From: Luke Howard Date: Sun, 19 Dec 2021 21:01:14 +1100 Subject: [PATCH] hdb: SQLite HDB can handle enterprise principals add HDB_CAP_F_HANDLE_ENTERPRISE_PRINCIPAL to the capability flags for the SQLite backend, as it uses the common _hdb_fetch_kvno() helper which supports enterprise principals. Failure to set this flag resulted in hdb_fetch_kvno() incorrectly returning HDB_ERR_WRONG_REALM when enterprise principals were being used, as the enterprise name translation was instead done by _kdc_db_fetch(), thereby squashing the enterprise name type (which otherwise would have set the force_canonicalize option). --- lib/hdb/hdb-sqlite.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/hdb/hdb-sqlite.c b/lib/hdb/hdb-sqlite.c index beff06d4a..3cab91789 100644 --- a/lib/hdb/hdb-sqlite.c +++ b/lib/hdb/hdb-sqlite.c @@ -1049,7 +1049,7 @@ hdb_sqlite_create(krb5_context context, HDB **db, const char *filename) (*db)->hdb_master_key_set = 0; (*db)->hdb_openp = 0; - (*db)->hdb_capability_flags = 0; + (*db)->hdb_capability_flags = HDB_CAP_F_HANDLE_ENTERPRISE_PRINCIPAL; (*db)->hdb_open = hdb_sqlite_open; (*db)->hdb_close = hdb_sqlite_close;