diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/providers/krb5/krb5_child.c | 4 | ||||
-rw-r--r-- | src/providers/krb5/krb5_child_handler.c | 5 |
2 files changed, 8 insertions, 1 deletions
diff --git a/src/providers/krb5/krb5_child.c b/src/providers/krb5/krb5_child.c index a92ba57bf..6e27df0d4 100644 --- a/src/providers/krb5/krb5_child.c +++ b/src/providers/krb5/krb5_child.c @@ -89,6 +89,7 @@ struct krb5_req { char *ccname; char *keytab; bool validate; + bool upn_from_different_realm; char *fast_ccname; const char *upn; @@ -1359,6 +1360,7 @@ static errno_t unpack_buffer(uint8_t *buf, size_t size, struct pam_data *pd, size_t p = 0; uint32_t len; uint32_t validate; + uint32_t different_realm; DEBUG(SSSDBG_TRACE_LIBS, ("total buffer size: [%d]\n", size)); @@ -1370,6 +1372,8 @@ static errno_t unpack_buffer(uint8_t *buf, size_t size, struct pam_data *pd, SAFEALIGN_COPY_UINT32_CHECK(&validate, buf + p, size, &p); kr->validate = (validate == 0) ? false : true; SAFEALIGN_COPY_UINT32_CHECK(offline, buf + p, size, &p); + SAFEALIGN_COPY_UINT32_CHECK(&different_realm, buf + p, size, &p); + kr->upn_from_different_realm = (different_realm == 0) ? false : true; SAFEALIGN_COPY_UINT32_CHECK(&len, buf + p, size, &p); if ((p + len ) > size) return EINVAL; kr->upn = talloc_strndup(pd, (char *)(buf + p), len); diff --git a/src/providers/krb5/krb5_child_handler.c b/src/providers/krb5/krb5_child_handler.c index 768d8c7dc..f0fe81b6f 100644 --- a/src/providers/krb5/krb5_child_handler.c +++ b/src/providers/krb5/krb5_child_handler.c @@ -92,6 +92,7 @@ static errno_t create_send_buffer(struct krb5child_req *kr, size_t rp; const char *keytab; uint32_t validate; + uint32_t different_realm; size_t username_len = 0; keytab = dp_opt_get_cstring(kr->krb5_ctx->opts, KRB5_KEYTAB); @@ -101,6 +102,7 @@ static errno_t create_send_buffer(struct krb5child_req *kr, } validate = dp_opt_get_bool(kr->krb5_ctx->opts, KRB5_VALIDATE) ? 1 : 0; + different_realm = kr->upn_from_different_realm ? 1 : 0; buf = talloc(kr, struct io_buffer); if (buf == NULL) { @@ -108,7 +110,7 @@ static errno_t create_send_buffer(struct krb5child_req *kr, return ENOMEM; } - buf->size = 6*sizeof(uint32_t) + strlen(kr->upn); + buf->size = 7*sizeof(uint32_t) + strlen(kr->upn); if (kr->pd->cmd == SSS_PAM_AUTHENTICATE || kr->pd->cmd == SSS_CMD_RENEW || @@ -140,6 +142,7 @@ static errno_t create_send_buffer(struct krb5child_req *kr, SAFEALIGN_COPY_UINT32(&buf->data[rp], &kr->gid, &rp); SAFEALIGN_COPY_UINT32(&buf->data[rp], &validate, &rp); SAFEALIGN_COPY_UINT32(&buf->data[rp], &kr->is_offline, &rp); + SAFEALIGN_COPY_UINT32(&buf->data[rp], &different_realm, &rp); SAFEALIGN_SET_UINT32(&buf->data[rp], strlen(kr->upn), &rp); safealign_memcpy(&buf->data[rp], kr->upn, strlen(kr->upn), &rp); |