SSSD / sssd

Clone

f67ee4a krb5_child: send back the client principal

4 files Authored by sbose 11 years ago, Committed by simo 11 years ago,
raw patch tree parent
4 files changed. 42 lines added. 5 lines removed.
src/providers/data_provider.h
file modified
+1 -0
src/providers/krb5/krb5_auth.h
file modified
+1 -0
src/providers/krb5/krb5_child.c
file modified
+24 -5
src/providers/krb5/krb5_child_handler.c
file modified
+16 -0 
    krb5_child: send back the client principal
    
    In general Kerberos is case sensitive but the KDC of Active Directory
    typically handles request case in-sensitive. In the case where we guess
    a user principal by combining the user name and the realm and are not
    sure about the cases of the letters used in the user name we might get a
    valid ticket from the AD KDC but are not able to access it with the
    Kerberos client library because we assume a wrong case.
    
    The client principal in the returned credentials will always have the
    right cases. To be able to update the cache user principal name the
    krb5_child will return the principal for further processing.
file modified
+1 -0
file modified
+1 -0
file modified
+24 -5
file modified
+16 -0
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.