lorikeet-heimdal: Netbios Domain as Realm HACK...

author Stefan Metzmacher <metze@samba.org>

Fri, 22 Aug 2008 09:45:26 +0000 (11:45 +0200)

committer Andrew Bartlett <abartlet@samba.org>

Sat, 2 Oct 2010 02:15:47 +0000 (12:15 +1000)
author Stefan Metzmacher <metze@samba.org>
Fri, 22 Aug 2008 09:45:26 +0000 (11:45 +0200)
committer Andrew Bartlett <abartlet@samba.org>
Sat, 2 Oct 2010 02:15:47 +0000 (12:15 +1000)
diff --git a/lib/krb5/ticket.c b/lib/krb5/ticket.c

index 72e1f7b5e9c0ac2b2a132f02ff74224ad28f6b1d..45c97284bfb88be4c7d0ece2fa2cb90782e5cff7 100644 (file)
--- a/lib/krb5/ticket.c
+++ b/lib/krb5/ticket.c
@@ -687,6 +687,15 @@ _krb5_extract_ticket(krb5_context context,
         goto out;
      }
  
+    /*
+     * HACK:
+     * this is really a ugly hack, to support using the Netbios Domain Name
+     * as realm against windows KDC's, they always return the full realm
+     * based on the DNS Name.
+     */
+    flags |= EXTRACT_TICKET_ALLOW_SERVER_MISMATCH;
+    flags |= EXTRACT_TICKET_ALLOW_CNAME_MISMATCH;
+
      /* compare client and save */
      ret = _krb5_principalname2krb5_principal (context,
                                               &tmp_principal,
author	Stefan Metzmacher <metze@samba.org>
	Fri, 22 Aug 2008 09:45:26 +0000 (11:45 +0200)
committer	Andrew Bartlett <abartlet@samba.org>
	Sat, 2 Oct 2010 02:15:47 +0000 (12:15 +1000)