(krb5_fwd_tgt_creds): make it behave the same way as the MIT function
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10373 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
@@ -79,7 +79,10 @@ fail:
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
* Forward credentials for `client' to host `hostname`,
|
||||
* making them forwardable if `forwardable', and returning the
|
||||
* blob of data to sent in `out_data'.
|
||||
* If hostname == NULL, pick it from `server'
|
||||
*/
|
||||
|
||||
krb5_error_code
|
||||
@@ -95,16 +98,39 @@ krb5_fwd_tgt_creds (krb5_context context,
|
||||
krb5_flags flags = 0;
|
||||
krb5_creds creds;
|
||||
krb5_error_code ret;
|
||||
krb5_const_realm client_realm;
|
||||
|
||||
flags |= KDC_OPT_FORWARDED;
|
||||
|
||||
if (forwardable)
|
||||
flags |= KDC_OPT_FORWARDABLE;
|
||||
|
||||
if (hostname == NULL &&
|
||||
krb5_principal_get_type(context, server) == KRB5_NT_SRV_HST) {
|
||||
const char *inst = krb5_principal_get_comp_string(context, server, 0);
|
||||
const char *host = krb5_principal_get_comp_string(context, server, 1);
|
||||
|
||||
if (inst != NULL &&
|
||||
strcmp(inst, "host") == 0 &&
|
||||
host != NULL &&
|
||||
krb5_principal_get_comp_string(context, server, 2) == NULL)
|
||||
hostname = host;
|
||||
}
|
||||
|
||||
client_realm = krb5_principal_get_realm(context, client);
|
||||
|
||||
memset (&creds, 0, sizeof(creds));
|
||||
creds.client = client;
|
||||
creds.server = server;
|
||||
|
||||
ret = krb5_build_principal(context,
|
||||
&creds.server,
|
||||
strlen(client_realm),
|
||||
client_realm,
|
||||
KRB5_TGS_NAME,
|
||||
client_realm,
|
||||
NULL);
|
||||
if (ret)
|
||||
return ret;
|
||||
|
||||
ret = krb5_get_forwarded_creds (context,
|
||||
auth_context,
|
||||
|
Reference in New Issue
Block a user