diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2008-01-07 14:03:13 -0500 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2008-01-07 14:03:13 -0500 |
| commit | 057619301540e1d97ea59e48d519699fe80a0a1e (patch) | |
| tree | 497904f1e6a9305c24e4df01d474fe09b94cb693 /ipa-server/xmlrpc-server/funcs.py | |
| parent | db2e5b26b773fe5fff821d610e3959142fa52ddb (diff) | |
| download | freeipa-057619301540e1d97ea59e48d519699fe80a0a1e.tar.gz freeipa-057619301540e1d97ea59e48d519699fe80a0a1e.tar.xz freeipa-057619301540e1d97ea59e48d519699fe80a0a1e.zip | |
In add_service_principal() don't let the user pass in the realm.
This could result in a principal of the form: service/host@something@REALM
Diffstat (limited to 'ipa-server/xmlrpc-server/funcs.py')
| -rw-r--r-- | ipa-server/xmlrpc-server/funcs.py | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/ipa-server/xmlrpc-server/funcs.py b/ipa-server/xmlrpc-server/funcs.py index 2057aa7d0..c7a1f9616 100644 --- a/ipa-server/xmlrpc-server/funcs.py +++ b/ipa-server/xmlrpc-server/funcs.py @@ -1694,6 +1694,10 @@ class IPAServer: service_container = DefaultServiceContainer + # Don't let the user set the realm + if name.find('@') > 0: + raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) + princ_name = name + "@" + self.realm conn = self.getConnection(opts) |