Overview

File bug-777474-fix-cross-realm-traversal-TGT-requests.dif of Package krb5.1610

commit 5c94d680e4e9cbffa763ad69b112385492fd4ebf
Author: Greg Hudson <ghudson@mit.edu>
Date:   Thu Sep 1 16:21:25 2011 +0000

    Fix cross-realm traversal TGT requests
    
    When requesting a cross-realm TGT, use the KDC instance of the current
    TGT (the second data component), not the realm which the TGT came
    from.
    
    ticket: 6952
    target_version: 1.9.2
    tags: pullup
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25121 dc483132-0cff-0310-8789-dd5450dbe970

Index: krb5-1.9.1/src/lib/krb5/krb/get_creds.c
===================================================================
--- krb5-1.9.1.orig/src/lib/krb5/krb/get_creds.c
+++ krb5-1.9.1/src/lib/krb5/krb/get_creds.c
@@ -296,7 +296,7 @@ make_request_for_tgt(krb5_context contex
     /* Construct the principal krbtgt/<realm>@<cur-tgt-realm>. */
     krb5_free_principal(context, ctx->tgt_princ);
     ctx->tgt_princ = NULL;
-    code = krb5int_tgtname(context, realm, &ctx->cur_tgt->server->realm,
+    code = krb5int_tgtname(context, realm, &ctx->cur_tgt->server->data[1],
                            &ctx->tgt_princ);
     if (code != 0)
         return code;
openSUSE Build Service is sponsored by
Places