* kcmd.c (kcmd()): Bug fixes from jik

	* krlogind.c (recvauth()): Changes to auth_context to better
		support full addresses, for rd_cred() and friends.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5672 dc483132-0cff-0310-8789-dd5450dbe970

3 files changed, 23 insertions, 25 deletions

diff --git a/src/appl/bsd/ChangeLog b/src/appl/bsd/ChangeLog
index b3a9d4fbb..143c68f83 100644
--- a/src/appl/bsd/ChangeLog
+++ b/src/appl/bsd/ChangeLog
@@ -1,3 +1,11 @@
+
+Mon May 01 15:56:32 1995  Chris Provenzano
+
+	* kcmd.c (kcmd()): Bug fixes from jik.
+
+	* krlogind.c (recvauth()): Changes to auth_context to better 
+		support full addresses, for rd_cred() and friends.
+
 Sat Apr 29 01:26:06 1995  Theodore Y. Ts'o  <tytso@dcl>
 
 	* Makefile.in (login.krb5): Link the libraries twice due to
diff --git a/src/appl/bsd/kcmd.c b/src/appl/bsd/kcmd.c
index ad376e530..67656ccf1 100644
--- a/src/appl/bsd/kcmd.c
+++ b/src/appl/bsd/kcmd.c
@@ -116,8 +116,6 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm,
 
     strcpy(host_save, hp->h_name);
 
-    *ahost = host_save;
-    
     /* If no service is given set to the default service */
     if (!service) service = default_service;
     
@@ -138,15 +136,9 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm,
     }
 
     if (realm && *realm) {
-       char *copyrealm;
-       krb5_data rdata;
-
-       rdata.length = strlen(realm);
-       rdata.data = (char *) malloc(rdata.length+1);
-       strcpy(rdata.data, realm);
-       
-       /* XXX we should free the old realm first */
-       krb5_princ_set_realm(bsd_context, get_cred->server, &rdata);
+	(void) krb5_xfree(krb5_princ_realm(bsd_context,ret_cred->server)->data);
+	krb5_princ_set_realm_length(bsd_context,ret_cred->server,strlen(realm));
+	krb5_princ_set_realm_data(bsd_context,ret_cred->server,strdup(realm));
    }
 #ifdef POSIX_SIGNALS
     sigemptyset(&urgmask);
@@ -269,16 +261,18 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm,
         goto bad2;
     }
 
-    status = krb5_cc_default(bsd_context, &cc);
-    if (status) goto bad2;
+    if (status = krb5_cc_default(bsd_context, &cc))
+    	goto bad2;
 
-    status = krb5_cc_get_principal(bsd_context, cc, &get_cred->client);
-    if (status) goto bad2;
+    if (status = krb5_cc_get_principal(bsd_context, cc, &get_cred->client)) {
+    	(void) krb5_cc_close(bsd_context, cc);
+    	goto bad2;
+    }
 
     /* Get ticket from credentials cache or kdc */
     status = krb5_get_credentials(bsd_context, 0, cc, get_cred, &ret_cred);
-    (void) krb5_cc_close(bsd_context, cc);
     krb5_free_creds(bsd_context, get_cred);
+    (void) krb5_cc_close(bsd_context, cc);
     if (status) goto bad2;
 
     /* Reset internal flags; these should not be sent. */
diff --git a/src/appl/bsd/krlogind.c b/src/appl/bsd/krlogind.c
index c011a35e1..c7d1959dc 100644
--- a/src/appl/bsd/krlogind.c
+++ b/src/appl/bsd/krlogind.c
@@ -1571,7 +1571,7 @@ recvauth()
  
     /* Only need remote address for rd_cred() to verify client */
     if (status = krb5_auth_con_genaddrs(bsd_context, auth_context, netf,
-			KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR))
+			KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR))
 	return status;
 
     if (status = krb5_compat_recvauth(bsd_context, &auth_context, &netf,
@@ -1656,14 +1656,10 @@ recvauth()
     if (status = krb5_read_message(bsd_context, (krb5_pointer)&netf, &inbuf))
 	fatal(netf, "Error reading message");
 
-    if (inbuf.length) { /* Forwarding being done, read creds */
-        if (status = krb5_auth_con_genaddrs(bsd_context, auth_context, netf,
-			KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR))
-	    fatal(netf, "Can't generate full address for client");
-
-	if (status = rd_and_store_for_creds(bsd_context, auth_context, &inbuf, 
-					    ticket, lusername))
-	    fatal(netf, "Can't get forwarded credentials");
+    if ((inbuf.length) && /* Forwarding being done, read creds */
+	(status = rd_and_store_for_creds(bsd_context, auth_context, &inbuf, 
+					  ticket, lusername))) {
+         fatal(netf, "Can't get forwarded credentials");
     }
     return 0;
 }