summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--src/providers/krb5/krb5_common.c12
-rw-r--r--src/tests/krb5_utils-tests.c6
2 files changed, 9 insertions, 9 deletions
diff --git a/src/providers/krb5/krb5_common.c b/src/providers/krb5/krb5_common.c
index ee3d72525..ed2fffae1 100644
--- a/src/providers/krb5/krb5_common.c
+++ b/src/providers/krb5/krb5_common.c
@@ -898,22 +898,16 @@ errno_t krb5_get_simple_upn(TALLOC_CTX *mem_ctx, struct krb5_ctx *krb5_ctx,
errno_t compare_principal_realm(const char *upn, const char *realm,
bool *different_realm)
{
- size_t upn_len;
- size_t realm_len;
char *at_sign;
- if (upn == NULL || realm == NULL || different_realm == NULL) {
+ if (upn == NULL || realm == NULL || different_realm == NULL ||
+ *upn == '\0' || *realm == '\0') {
return EINVAL;
}
- upn_len = strlen(upn);
- realm_len = strlen(realm);
at_sign = strchr(upn, '@');
- /* if coming from the same realm the upn must be at least the size of the
- * realm plus 1 for the '@' char. */
- if (upn_len == 0 || realm_len == 0 || upn_len <= realm_len + 1 ||
- at_sign == NULL) {
+ if (at_sign == NULL) {
return EINVAL;
}
diff --git a/src/tests/krb5_utils-tests.c b/src/tests/krb5_utils-tests.c
index fe5d8423f..112b4fab6 100644
--- a/src/tests/krb5_utils-tests.c
+++ b/src/tests/krb5_utils-tests.c
@@ -711,6 +711,12 @@ START_TEST(test_compare_principal_realm)
fail_unless(ret == EOK, "Failure with different realm");
fail_unless(different_realm == true, "Different realm but " \
"different_realm is not true.");
+
+ ret = compare_principal_realm("user@ABC", "REALMNAMELONGERTHANUPN",
+ &different_realm);
+ fail_unless(ret == EOK, "Failure with long realm name.");
+ fail_unless(different_realm == true, "Realm name longer than UPN but "
+ "different_realm is not true.");
}
END_TEST