diff options
| author | Stefan Metzmacher <metze@samba.org> | 2011-07-25 18:51:53 +0200 |
|---|---|---|
| committer | Stefan Metzmacher <metze@samba.org> | 2011-07-26 02:16:08 +0200 |
| commit | 5a8635bca1b6d60a5b81c602eb4f0b7fd8902d7b (patch) | |
| tree | a9a73cdf05ce487a174c9ef7ab334007348e7248 /source4/heimdal/kdc/krb5tgs.c | |
| parent | f1a59f9d6f45987acd0304ee58e4488333faad18 (diff) | |
| download | samba-5a8635bca1b6d60a5b81c602eb4f0b7fd8902d7b.tar.gz | |
s4:heimdal: import lorikeet-heimdal-201107241840 (commit 0fdf11fa3cdb47df9f5393ebf36d9f5742243036)
Diffstat (limited to 'source4/heimdal/kdc/krb5tgs.c')
| -rw-r--r-- | source4/heimdal/kdc/krb5tgs.c | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/source4/heimdal/kdc/krb5tgs.c b/source4/heimdal/kdc/krb5tgs.c index 92cce5759f4..6aad65d4087 100644 --- a/source4/heimdal/kdc/krb5tgs.c +++ b/source4/heimdal/kdc/krb5tgs.c @@ -1216,7 +1216,7 @@ tgs_parse_request(krb5_context context, } if(ap_req.ticket.enc_part.kvno && - (unsigned int)*ap_req.ticket.enc_part.kvno != (*krbtgt)->entry.kvno){ + *ap_req.ticket.enc_part.kvno != (*krbtgt)->entry.kvno){ char *p; ret = krb5_unparse_name (context, princ, &p); @@ -1508,6 +1508,7 @@ tgs_build_reply(krb5_context context, Key *tkey_check; Key *tkey_sign; + int flags = HDB_F_FOR_TGS_REQ; memset(&sessionkey, 0, sizeof(sessionkey)); memset(&adtkt, 0, sizeof(adtkt)); @@ -1517,6 +1518,9 @@ tgs_build_reply(krb5_context context, s = b->sname; r = b->realm; + if (b->kdc_options.canonicalize) + flags |= HDB_F_CANON; + if(b->kdc_options.enc_tkt_in_skey){ Ticket *t; hdb_entry_ex *uu; @@ -1591,7 +1595,7 @@ tgs_build_reply(krb5_context context, */ server_lookup: - ret = _kdc_db_fetch(context, config, sp, HDB_F_GET_SERVER | HDB_F_CANON, + ret = _kdc_db_fetch(context, config, sp, HDB_F_GET_SERVER | flags, NULL, NULL, &server); if(ret == HDB_ERR_NOT_FOUND_HERE) { @@ -1777,7 +1781,7 @@ server_lookup: goto out; } - ret = _kdc_db_fetch(context, config, cp, HDB_F_GET_CLIENT | HDB_F_CANON, + ret = _kdc_db_fetch(context, config, cp, HDB_F_GET_CLIENT | flags, NULL, &clientdb, &client); if(ret == HDB_ERR_NOT_FOUND_HERE) { /* This is OK, we are just trying to find out if they have @@ -1912,7 +1916,7 @@ server_lookup: if(rspac.data) { krb5_pac p = NULL; krb5_data_free(&rspac); - ret = _kdc_db_fetch(context, config, tp, HDB_F_GET_CLIENT | HDB_F_CANON, + ret = _kdc_db_fetch(context, config, tp, HDB_F_GET_CLIENT | flags, NULL, &s4u2self_impersonated_clientdb, &s4u2self_impersonated_client); if (ret) { const char *msg; |