diff options
Diffstat (limited to 'source4/heimdal/kdc/krb5tgs.c')
-rw-r--r-- | source4/heimdal/kdc/krb5tgs.c | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/source4/heimdal/kdc/krb5tgs.c b/source4/heimdal/kdc/krb5tgs.c index ca589e87fa0..1d0d1ddc3fa 100644 --- a/source4/heimdal/kdc/krb5tgs.c +++ b/source4/heimdal/kdc/krb5tgs.c @@ -1616,6 +1616,32 @@ server_lookup: if(ret == HDB_ERR_NOT_FOUND_HERE) { kdc_log(context, config, 5, "target %s does not have secrets at this KDC, need to proxy", sp); goto out; + } else if (ret == HDB_ERR_WRONG_REALM) { + if (ref_realm) + free(ref_realm); + ref_realm = strdup(server->entry.principal->realm); + if (ref_realm == NULL) { + ret = ENOMEM; + goto out; + } + + kdc_log(context, config, 5, + "Returning a referral to realm %s for " + "server %s.", + ref_realm, spn); + krb5_free_principal(context, sp); + sp = NULL; + free(spn); + spn = NULL; + ret = krb5_make_principal(context, &sp, r, KRB5_TGS_NAME, + ref_realm, NULL); + if (ret) + goto out; + ret = krb5_unparse_name(context, sp, &spn); + if (ret) + goto out; + + goto server_lookup; } else if(ret){ const char *new_rlm, *msg; Realm req_rlm; |