svn commit: lorikeet r666 - in trunk/heimdal/lib/krb5: .
metze at samba.org
metze at samba.org
Sat Nov 11 13:58:41 GMT 2006
Author: metze
Date: 2006-11-11 13:58:40 +0000 (Sat, 11 Nov 2006)
New Revision: 666
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=lorikeet&rev=666
Log:
add hack to allow kinit to use the netbios domain name as
krb5 realm, windows supports this, but always replies with
the dns based realm.
So it's expected that the realm doesn't match.
We should maybe check if the principal match without the realm...
Comments are welcome!
metze
Modified:
trunk/heimdal/lib/krb5/get_in_tkt.c
Changeset:
Modified: trunk/heimdal/lib/krb5/get_in_tkt.c
===================================================================
--- trunk/heimdal/lib/krb5/get_in_tkt.c 2006-11-11 13:55:14 UTC (rev 665)
+++ trunk/heimdal/lib/krb5/get_in_tkt.c 2006-11-11 13:58:40 UTC (rev 666)
@@ -137,6 +137,15 @@
time_t tmp_time;
krb5_timestamp sec_now;
+/*
+ * HACK:
+ * this is really a ugly hack, to support using the Netbios Domain Name
+ * as realm against windows KDC's, they always return the full realm
+ * based on the DNS Name.
+ */
+allow_server_mismatch = 1;
+ignore_cname = 1;
+
ret = _krb5_principalname2krb5_principal (context,
&tmp_principal,
rep->kdc_rep.cname,
More information about the samba-cvs
mailing list