summaryrefslogtreecommitdiff
path: root/source4/heimdal/kdc/krb5tgs.c
diff options
context:
space:
mode:
Diffstat (limited to 'source4/heimdal/kdc/krb5tgs.c')
-rw-r--r--source4/heimdal/kdc/krb5tgs.c26
1 files changed, 26 insertions, 0 deletions
diff --git a/source4/heimdal/kdc/krb5tgs.c b/source4/heimdal/kdc/krb5tgs.c
index ca589e87fa0..1d0d1ddc3fa 100644
--- a/source4/heimdal/kdc/krb5tgs.c
+++ b/source4/heimdal/kdc/krb5tgs.c
@@ -1616,6 +1616,32 @@ server_lookup:
if(ret == HDB_ERR_NOT_FOUND_HERE) {
kdc_log(context, config, 5, "target %s does not have secrets at this KDC, need to proxy", sp);
goto out;
+ } else if (ret == HDB_ERR_WRONG_REALM) {
+ if (ref_realm)
+ free(ref_realm);
+ ref_realm = strdup(server->entry.principal->realm);
+ if (ref_realm == NULL) {
+ ret = ENOMEM;
+ goto out;
+ }
+
+ kdc_log(context, config, 5,
+ "Returning a referral to realm %s for "
+ "server %s.",
+ ref_realm, spn);
+ krb5_free_principal(context, sp);
+ sp = NULL;
+ free(spn);
+ spn = NULL;
+ ret = krb5_make_principal(context, &sp, r, KRB5_TGS_NAME,
+ ref_realm, NULL);
+ if (ret)
+ goto out;
+ ret = krb5_unparse_name(context, sp, &spn);
+ if (ret)
+ goto out;
+
+ goto server_lookup;
} else if(ret){
const char *new_rlm, *msg;
Realm req_rlm;
View Lorry Controller Status