Supply canonical name if present in LDAP iteration
authorGreg Hudson <ghudson@mit.edu>
Thu, 3 Sep 2009 20:41:56 +0000 (20:41 +0000)
committerGreg Hudson <ghudson@mit.edu>
Thu, 3 Sep 2009 20:41:56 +0000 (20:41 +0000)
commit2a7f20f7b92263cb3c67580c4bf40f7bf3deeb5b
treebe12804a2ada76cb47142b8dba662d9366d9f253
parent65cc35ec82d56b8cd89751ddc5f68751271b985c
Supply canonical name if present in LDAP iteration

In the presence of aliases, LDAP iteration was supplying the first
principal it found within the expected realm, which is not necessarily
the same as the canonical name.  If the entry has a canonical name
field, use that in preference to any of the principal names.

ticket: 6557
target_version: 1.7.1
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22710 dc483132-0cff-0310-8789-dd5450dbe970
src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c