krb5_db_get_principal. Also if SAM is not an option, do
not return as a possible type to client. [krb5-kdc/310]
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9712
dc483132-0cff-0310-8789-
dd5450dbe970
+Wed Jan 1 22:56:16 1997 Ezra Peisach <epeisach@mit.edu>
+
+ * kdc_preauth.c (get_sam_edata): Use proper interface to
+ krb5_db_get_principal. Also if SAM is not an option, do
+ not return as a possible type to client. [krb5-kdc/310]
+
Sat Nov 23 17:26:22 1996 Mark Eichin <eichin@kitten.gen.ma.us>
* [krb5-libs/149] only generate requests that you can actually
{
char *uname;
- int npr = 1, more;
+ int npr = 1;
+ krb5_boolean more;
krb5_db_entry assoc;
krb5_key_data *assoc_key;
krb5_principal newp;
strlen(sam_ptr->name);
npr = 1;
retval = krb5_db_get_principal(kdc_context, newp, &assoc, &npr, &more);
- if(!retval) {
+ if(!retval && npr) {
sc.sam_type = sam_ptr->sam_type;
break;
}
}
/* now we can use encrypting_key... */
}
+ } else {
+ /* SAM is not an option - so don't return as hint */
+ retval = KRB5_PREAUTH_BAD_TYPE;
+ goto cleanup;
}
krb5_princ_component(kdc_context,newp,probeslot)->data = 0;
projects / krb5.git / commitdiff