Make password change work without default realm

This fix is not very general or clean, but is suitable for backporting
because it is minimally invasive.  A more comprehensive fix will
follow.

ticket: 7127
target_version: 1.10.2
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25860 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c
index 4c634f0dc9a5f1c281c741966087bae1df32db6a..b552d126dbe363a9458f7da5950a49367e8a6317 100644 (file)
--- a/src/lib/krb5/krb/get_in_tkt.c
+++ b/src/lib/krb5/krb/get_in_tkt.c
@@ -446,6 +446,11 @@ build_in_tkt_name(krb5_context context,
     *server = NULL;
 
     if (in_tkt_service) {
+        /* Minimally invasive fix for inability to change password with no
+         * default realm, for backporting. */
+        if (strcmp(in_tkt_service, "kadmin/changepw") == 0)
+            in_tkt_service = "kadmin/changepw@";
+
         /* this is ugly, because so are the data structures involved.  I'm
            in the library, so I'm going to manipulate the data structures
            directly, otherwise, it will be worse. */