TODO CHECK heimdal: Fix loss of information in _gsskrb5_canon_name() from call to...
authorAndrew Bartlett <abartlet@samba.org>
Tue, 26 Sep 2017 03:34:38 +0000 (16:34 +1300)
committerStefan Metzmacher <metze@samba.org>
Fri, 7 Aug 2020 11:08:43 +0000 (13:08 +0200)
This would discard the realm the client specified.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
source4/heimdal/lib/gssapi/krb5/import_name.c

index 6a362640b6fef1601eee7f640b3cf53d65057219..32f576a91646414395ae711eef49576a03e4225e 100644 (file)
@@ -110,6 +110,21 @@ _gsskrb5_canon_name(OM_uint32 *minor_status, krb5_context context,
                                      service,
                                      KRB5_NT_SRV_HST,
                                      out);
+       if (ret == 0) {
+           const char *in_realm = krb5_principal_get_realm(context,
+                                                           p);
+           const char *out_realm = krb5_principal_get_realm(context,
+                                                            *out);
+
+           /* 
+            * Avoid loss of information, check for the "referral
+            * realm" and set back what was specified.
+            */
+           if (out_realm != NULL && out_realm[0] == '\0') {
+               ret = krb5_principal_set_realm(context, *out, in_realm);
+           }
+       }
+               
     } else {
        ret = krb5_copy_principal(context, p, out);
     }
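Review bot: In the added block, `in_realm` is passed to `krb5_principal_set_realm()` without the NULL check that `out_realm` gets one line earlier, so a source principal `p` with no realm would hand NULL to the setter; whether the setter tolerates that is not visible here. The guard could cover both sides, for example `if (in_realm != NULL && in_realm[0] != '\0' && out_realm != NULL && out_realm[0] == '\0') {`, which also skips the pointless rewrite when the client itself supplied the empty referral realm. When the setter fails, `ret` becomes non-zero while `*out` still holds the principal built by the preceding call. Unless the code after this hunk releases it, callers that treat an error as "no output" would leak it, so consider `krb5_free_principal(context, *out); *out = NULL;` on that path. The body of `_gsskrb5_canon_name()` starts and ends outside the hunk, so the cleanup behaviour should be confirmed against the full function.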