oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Also check KDCOptions->canonicalize when looking for referrals requests.

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22713 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2008-03-24 12:05:45 +00:00
parent 098a497638
commit 50901132f0
1 changed files with 17 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
kdc/krb5tgs.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997-2007 Kungliga Tekniska H<>gskolan * Copyright (c) 1997-2008 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden). * (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved. * All rights reserved.
* *
@@ -1000,8 +1000,11 @@ find_rpath(krb5_context context, Realm crealm, Realm srealm)
static krb5_boolean static krb5_boolean
need_referral(krb5_context context, krb5_kdc_configuration *config, need_referral(krb5_context context, krb5_kdc_configuration *config,
krb5_principal server, krb5_realm **realms) const KDCOptions * const options, krb5_principal server,
krb5_realm **realms)
{ {
const char *name;
kdc_log(context, config, 0, kdc_log(context, config, 0,
"need referral ? %d %s/%s@%s", "need referral ? %d %s/%s@%s",
server->name.name_type, server->name.name_type,
@@ -1009,12 +1012,19 @@ need_referral(krb5_context context, krb5_kdc_configuration *config,
server->name.name_string.len > 1 ? server->name.name_string.val[1] : "", server->name.name_string.len > 1 ? server->name.name_string.val[1] : "",
server->realm); server->realm);
if(server->name.name_type != KRB5_NT_SRV_INST || if(options->canonicalize || server->name.name_type != KRB5_NT_SRV_INST)
server->name.name_string.len != 2) return FALSE;
if (server->name.name_string.len == 1)
name = server->name.name_string.val[0];
if (server->name.name_string.len == 2)
name = server->name.name_string.val[1];
else
return FALSE; return FALSE;
return _krb5_get_host_realm_int(context, server->name.name_string.val[1], kdc_log(context, config, 0, "searching referral for %s", name);
FALSE, realms) == 0;
return _krb5_get_host_realm_int(context, name, FALSE, realms) == 0;
} }
static krb5_error_code static krb5_error_code
@@ -1472,7 +1482,7 @@ server_lookup:
goto server_lookup; goto server_lookup;
} }
} }
} else if(need_referral(context, config, sp, &realms)) { } else if(need_referral(context, config, &b->kdc_options, sp, &realms)) {
if (strcmp(realms[0], sp->realm) != 0) { if (strcmp(realms[0], sp->realm) != 0) {
kdc_log(context, config, 5, kdc_log(context, config, 5,
"Returning a referral to realm %s for " "Returning a referral to realm %s for "