git.samba.org / amitay / samba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6ed18c1) | patch
s3:libads/kerberos: always use the canonicalized principal after kinit
authorStefan Metzmacher <metze@samba.org>
Fri, 13 Sep 2019 14:04:30 +0000 (16:04 +0200)
committerGünther Deschner <gd@samba.org>
Tue, 24 Sep 2019 18:30:37 +0000 (18:30 +0000)
commit0bced73bed481a8846a6b3e68be85941914390ba
treebcb709df63fab0228ee8e73f2c65d4f9127d05aftree
parent6ed18c12c57efb2a010e0ce5196c51b48e57a4b9commit | diff
s3:libads/kerberos: always use the canonicalized principal after kinit

We should always use krb5_get_init_creds_opt_set_canonicalize()
and krb5_get_init_creds_opt_set_win2k() for heimdal
and expect the client principal to be changed.

There's no reason to have a different logic between MIT and Heimdal.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
source3/libads/kerberos.c diff | blob | history
Amitay's Samba development tree