BUG: https://bugzilla.samba.org/show_bug.cgi?id=12554
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
c->preauth_use_strongest_session_key = FALSE;
c->svc_use_strongest_session_key = FALSE;
c->use_strongest_server_key = TRUE;
+ c->autodetect_referrals = TRUE;
c->check_ticket_addresses = TRUE;
c->allow_null_ticket_addresses = TRUE;
c->allow_anonymous = FALSE;
krb5_boolean strict_nametypes;
enum krb5_kdc_trpolicy trpolicy;
+ krb5_boolean autodetect_referrals;
+
krb5_boolean enable_pkinit;
krb5_boolean pkinit_princ_in_cert;
const char *pkinit_kdc_identity;
Realm req_rlm;
krb5_realm *realms;
- if ((req_rlm = get_krbtgt_realm(&sp->name)) != NULL) {
+ if (!config->autodetect_referrals) {
+ /* noop */
+ } else if ((req_rlm = get_krbtgt_realm(&sp->name)) != NULL) {
if (capath == NULL) {
/* With referalls, hierarchical capaths are always enabled */
ret2 = _krb5_find_capath(context, tgt->crealm, our_realm,