oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

(encode_524_response): check the enable_v4_cross_realm flag before

Browse Source 
giving out v4 tickets for foreign v5 principals


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11806 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Assar Westerlund
2003-03-17 05:35:47 +00:00
parent 4482a36786
commit f643967982
1 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
kdc/524.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997-2002 Kungliga Tekniska H<>gskolan * Copyright (c) 1997-2003 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden). * (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved. * All rights reserved.
* *
@@ -234,6 +234,12 @@ encode_524_response(const char *spn, const EncTicketPart et, const Ticket *t,
unsigned char buf[MAX_KTXT_LEN + 4 * 4]; unsigned char buf[MAX_KTXT_LEN + 4 * 4];
Key *skey; Key *skey;
if (!enable_v4_cross_realm && strcmp (et.crealm, t->realm) != 0) {
kdc_log(0, "524 cross-realm %s -> %s disabled", et.crealm,
t->realm);
return KRB5KDC_ERR_POLICY;
}
ret = encode_v4_ticket(buf + sizeof(buf) - 1, sizeof(buf), ret = encode_v4_ticket(buf + sizeof(buf) - 1, sizeof(buf),
&et, &t->sname, &len); &et, &t->sname, &len);
if(ret){ if(ret){