gsskrb5: Make krb5 mech use referrals

Modify the gss krb5 mech to always use referrals unless the
KRB5_NCRO_NO_REFERRALS flag is set.

Change-Id: I7efd873ac922a43adafa2c492703b576847a885f

lib/gssapi/krb5/import_name.c

@@ -83,8 +83,8 @@ import_krb5_name (OM_uint32 *minor_status,
 
 OM_uint32
 _gsskrb5_canon_name(OM_uint32 *minor_status, krb5_context context,
-		    int use_dns, krb5_const_principal sourcename,
-                    gss_const_name_t targetname, krb5_principal *out)
+		    krb5_const_principal sourcename,
+		    gss_const_name_t targetname, krb5_principal *out)
 {
     krb5_const_principal p = (krb5_const_principal)targetname;
     krb5_error_code ret;
@@ -93,15 +93,9 @@ _gsskrb5_canon_name(OM_uint32 *minor_status, krb5_context context,
     *minor_status = 0;
 
     /* If its not a hostname */
-    if (krb5_principal_get_type(context, p) != MAGIC_HOSTBASED_NAME_TYPE) {
+    if (krb5_principal_get_type(context, p) != KRB5_NT_SRV_HST &&
+	krb5_principal_get_type(context, p) != KRB5_NT_SRV_HST_NEEDS_CANON) {
 	ret = krb5_copy_principal(context, p, out);
-    } else if (!use_dns) {
-	ret = krb5_copy_principal(context, p, out);
-	if (ret)
-	    goto out;
-	krb5_principal_set_type(context, *out, KRB5_NT_SRV_HST);
-	if (sourcename)
-	    ret = krb5_principal_set_realm(context, *out, sourcename->realm);
     } else {
 	if (p->name.name_string.len == 0)
 	    return GSS_S_BAD_NAME;
@@ -117,7 +111,6 @@ _gsskrb5_canon_name(OM_uint32 *minor_status, krb5_context context,
 				      out);
     }
 
- out:
     if (ret) {
 	*minor_status = ret;
 	return GSS_S_FAILURE;
@@ -161,7 +154,7 @@ import_hostbased_name (OM_uint32 *minor_status,
     else if (kerr)
 	return GSS_S_FAILURE;
 
-    krb5_principal_set_type(context, princ, MAGIC_HOSTBASED_NAME_TYPE);
+    krb5_principal_set_type(context, princ, KRB5_NT_SRV_HST_NEEDS_CANON);
     *output_name = (gss_name_t)princ;
 
     return 0;