summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ipa-python/ipaerror.py5
-rw-r--r--ipa-server/xmlrpc-server/funcs.py9
2 files changed, 11 insertions, 3 deletions
diff --git a/ipa-python/ipaerror.py b/ipa-python/ipaerror.py
index 767344b1e..256c87891 100644
--- a/ipa-python/ipaerror.py
+++ b/ipa-python/ipaerror.py
@@ -158,6 +158,11 @@ INPUT_MALFORMED_SERVICE_PRINCIPAL = gen_error_code(
0x0005,
"The requested service principal is not of the form: service/fully-qualified host name")
+INPUT_REALM_MISMATCH = gen_error_code(
+ INPUT_CATEGORY,
+ 0x0006,
+ "The realm for the principal does not match the realm for this IPA server.")
+
#
# Connection errors
#
diff --git a/ipa-server/xmlrpc-server/funcs.py b/ipa-server/xmlrpc-server/funcs.py
index cb2823402..43bcf9869 100644
--- a/ipa-server/xmlrpc-server/funcs.py
+++ b/ipa-server/xmlrpc-server/funcs.py
@@ -1820,9 +1820,12 @@ class IPAServer:
# Don't let the user set the realm
if name.find('@') > 0:
- raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER)
-
- princ_name = name + "@" + self.realm
+ r = name[name.find('@')+1:]
+ if (r != self.realm):
+ raise ipaerror.gen_exception(ipaerror.INPUT_REALM_MISMATCH)
+ princ_name = name
+ else:
+ princ_name = name + "@" + self.realm
conn = self.getConnection(opts)
if not self.__is_service_unique(name, opts):
generated by cgit (git 2.34.1) at 2024-05-27 11:20:02 +0000