6a9ef2c krb5: save canonical upn to sysdb

5 files Authored by sbose 7 years ago , Committed by jhrozek 7 years ago ,
    krb5: save canonical upn to sysdb
    
    If the returned TGT contains a different user principal name (upn) than
    used in the request, i.e. the upn was canonicalized, we currently save
    it to sysdb into the same attribute where the upn coming from an LDAP
    server is stored as well. This means the canonical upn might be
    overwritten when the user data is re-read from the LDAP server.
    
    To avoid this this patch add a new attribute to sysdb where the
    canonical upn is stored and makes sure it is used when available.
    
    Fixes https://fedorahosted.org/sssd/ticket/2060
    
        
file modified
+1 -0
file modified
+50 -15