From fb3910cc5a758a49474898a6695f0e097034ecbb Mon Sep 17 00:00:00 2001
From: Johan Danielsson <joda@pdc.kth.se>
Date: Tue, 21 Oct 2003 16:56:32 +0000
Subject: [PATCH] (fix_transited_encoding): always print cross-realm
 information

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13045 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 kdc/kerberos5.c | 38 +++++++++++++++++++++-----------------
 1 file changed, 21 insertions(+), 17 deletions(-)

diff --git a/kdc/kerberos5.c b/kdc/kerberos5.c
index 8f65310e0..d9ba0d5f3 100644
--- a/kdc/kerberos5.c
+++ b/kdc/kerberos5.c
@@ -1252,29 +1252,33 @@ fix_transited_encoding(krb5_boolean check_policy,
 	}
 	num_realms++;
     }
+    if(num_realms == 0) {
+	if(strcmp(client_realm, server_realm)) 
+	    kdc_log(0, "cross-realm %s -> %s", client_realm, server_realm);
+    } else {
+	size_t l = 0;
+	char *rs;
+	for(i = 0; i < num_realms; i++)
+	    l += strlen(realms[i]) + 2;
+	rs = malloc(l);
+	if(rs != NULL) {
+	    *rs = '\0';
+	    for(i = 0; i < num_realms; i++) {
+		if(i > 0)
+		    strlcat(rs, ", ", l);
+		strlcat(rs, realms[i], l);
+	    }
+	    kdc_log(0, "cross-realm %s -> %s via [%s]", client_realm, server_realm, rs);
+	    free(rs);
+	}
+    }
     if(check_policy) {
 	ret = krb5_check_transited(context, client_realm, 
 				   server_realm, 
 				   realms, num_realms, NULL);
 	if(ret) {
-	    size_t l = 0;
-	    char *rs;
-	    krb5_warn(context, ret, "cross-realm from %s to %s", 
+	    krb5_warn(context, ret, "cross-realm %s -> %s", 
 		      client_realm, server_realm);
-	    for(i = 0; i < num_realms; i++)
-		l += strlen(realms[i]) + 2;
-	    rs = malloc(l);
-	    if(rs != NULL) {
-		*rs = '\0';
-		for(i = 0; i < num_realms; i++) {
-		    if(i > 0)
-			strlcat(rs, ", ", l);
-		    strlcat(rs, realms[i], l);
-		}
-		krb5_warnx(context, "transited realms: %s", rs);
-		free(rs);
-	    }
-	    
 	    goto free_realms;
 	}
 	et->flags.transited_policy_checked = 1;