bx509: Let simple authorizer use the app name

2020-08-19 20:00:58 -05:00
parent 4f0249cd94
commit cb6c57dc36
2 changed files with 2 additions and 2 deletions
--- a/kdc/bx509d.c
+++ b/kdc/bx509d.c
@@ -698,7 +698,7 @@ authorize_CSR(struct bx509_request_desc *r,
        return bad_req(r, ret, MHD_HTTP_SERVICE_UNAVAILABLE,
                       "Could not handle query parameters");
-    ret = kdc_authorize_csr(r->context, "bx509d", r->req, p);
+    ret = kdc_authorize_csr(r->context, "bx509", r->req, p);
    if (ret)
        return bad_403(r, ret, "Not authorized to requested certificate");
    return ret;
--- a/kdc/simple_csr_authorizer.c
+++ b/kdc/simple_csr_authorizer.c
@@ -173,7 +173,7 @@ authorize(void *ctx,
    char *princ = NULL;
    char *s = NULL;
-    if ((d = krb5_config_get_string(context, NULL, "kdc",
+    if ((d = krb5_config_get_string(context, NULL, app ? app : "kdc",
                                    "simple_csr_authorizer_directory",
                                    NULL)) == NULL)
        return KRB5_PLUGIN_NO_HANDLE;