kdc: Make use of krb5_principalname_is_krbtgt()

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>

diff --git a/kdc/krb5tgs.c b/kdc/krb5tgs.c
index 6ba3efccc4a51319ffe84e0aed45d31864e16268..b73340f7f37fde5730894d8de1eefb9887a8bcf2 100644 (file)
--- a/kdc/krb5tgs.c
+++ b/kdc/krb5tgs.c
@@ -962,7 +962,7 @@ tgs_parse_request(astgs_request_t r,
        goto out;
     }
 
-    if(!get_krbtgt_realm(&ap_req.ticket.sname)){
+    if(!krb5_principalname_is_krbtgt(r->context, &ap_req.ticket.sname)){
        /* XXX check for ticket.sname == req.sname */
        kdc_log(r->context, config, 4, "PA-DATA is not a ticket-granting ticket");
        ret = KRB5KDC_ERR_POLICY; /* ? */
@@ -1631,7 +1631,7 @@ server_lookup:
                goto out;
            }
            t = &b->additional_tickets->val[0];
-           if(!get_krbtgt_realm(&t->sname)){
+           if(!krb5_principalname_is_krbtgt(context, &t->sname)){
                kdc_log(context, config, 4,
                        "Additional ticket is not a ticket-granting ticket");
                kdc_audit_addreason((kdc_request_t)priv,