diff options
author | Nathaniel McCallum <npmccallum@redhat.com> | 2013-07-16 11:47:27 -0400 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2013-07-18 18:08:53 +0200 |
commit | 6c0b7f3389a13d0fb86e5c3bd7d299a9e8629958 (patch) | |
tree | af840dd2272f89c4e4cb7ec00087c40b1c60f03e /daemons/ipa-kdb/ipa_kdb_principals.c | |
parent | e95a7b1b8db9fb12c25fd371cac627352c5e93fb (diff) | |
download | freeipa-6c0b7f3389a13d0fb86e5c3bd7d299a9e8629958.tar.gz freeipa-6c0b7f3389a13d0fb86e5c3bd7d299a9e8629958.tar.xz freeipa-6c0b7f3389a13d0fb86e5c3bd7d299a9e8629958.zip |
Use libunistring ulc_casecmp() on unicode strings
https://fedorahosted.org/freeipa/ticket/3772
Diffstat (limited to 'daemons/ipa-kdb/ipa_kdb_principals.c')
-rw-r--r-- | daemons/ipa-kdb/ipa_kdb_principals.c | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/daemons/ipa-kdb/ipa_kdb_principals.c b/daemons/ipa-kdb/ipa_kdb_principals.c index 3566e1ece..66d434a53 100644 --- a/daemons/ipa-kdb/ipa_kdb_principals.c +++ b/daemons/ipa-kdb/ipa_kdb_principals.c @@ -21,6 +21,7 @@ */ #include "ipa_kdb.h" +#include <unicase.h> /* * During TGS request search by ipaKrbPrincipalName (case-insensitive) @@ -614,7 +615,7 @@ static krb5_error_code ipadb_find_principal(krb5_context kcontext, bool found = false; LDAPMessage *le = NULL; struct berval **vals; - int i; + int i, result; ipactx = ipadb_get_context(kcontext); if (!ipactx) { @@ -643,7 +644,11 @@ static krb5_error_code ipadb_find_principal(krb5_context kcontext, /* KDC will accept aliases when doing TGT lookup (ref_tgt_again in do_tgs_req.c */ /* Use case-insensitive comparison in such cases */ if ((flags & KRB5_KDB_FLAG_ALIAS_OK) != 0) { - found = (strcasecmp(vals[i]->bv_val, (*principal)) == 0); + if (ulc_casecmp(vals[i]->bv_val, vals[i]->bv_len, + (*principal), strlen(*principal), + NULL, NULL, &result) != 0) + return KRB5_KDB_INTERNAL_ERROR; + found = (result == 0); } else { found = (strcmp(vals[i]->bv_val, (*principal)) == 0); } @@ -663,7 +668,11 @@ static krb5_error_code ipadb_find_principal(krb5_context kcontext, /* Again, if aliases are accepted by KDC, use case-insensitive comparison */ if ((flags & KRB5_KDB_FLAG_ALIAS_OK) != 0) { - found = (strcasecmp(vals[0]->bv_val, (*principal)) == 0); + if (ulc_casecmp(vals[0]->bv_val, vals[0]->bv_len, + (*principal), strlen(*principal), + NULL, NULL, &result) != 0) + return KRB5_KDB_INTERNAL_ERROR; + found = (result == 0); } else { found = (strcmp(vals[0]->bv_val, (*principal)) == 0); } |