heimdal: Really bug in KDC handling of enterprise princs

The value of this commit to Samba is to continue to match Heimdal's
upstream code in this area.  Because we set HDB_CAP_F_HANDLE_ENTERPRISE_PRINCIPAL
there is no runtime difference.

(commit message by Andrew Bartlett)

Cherry-pick of Heimdal commit 9aa7883ff2efb3e0a60016c9090c577acfd0779f

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/source4/heimdal/kdc/misc.c b/source4/heimdal/kdc/misc.c
index 749c67cd07a06f791016fec63d1cf836e1e68d92..869c6766d04831ad358dacc3e7d1a62271b91a81 100644 (file)
--- a/source4/heimdal/kdc/misc.c
+++ b/source4/heimdal/kdc/misc.c
@@ -86,9 +86,8 @@ _kdc_db_fetch(krb5_context context,
            continue;
        }
 
-        if (config->db[i]->hdb_capability_flags & HDB_CAP_F_HANDLE_ENTERPRISE_PRINCIPAL)
-            princ = principal;
-        else if (enterprise_principal)
+        princ = principal;
+        if (!(config->db[i]->hdb_capability_flags & HDB_CAP_F_HANDLE_ENTERPRISE_PRINCIPAL) && enterprise_principal)
             princ = enterprise_principal;
 
        ret = config->db[i]->hdb_fetch_kvno(context,