From 10a4dbb5978b6f05cf75f820d97da908e735ace8 Mon Sep 17 00:00:00 2001 From: Sumit Bose Date: Fri, 22 Mar 2019 10:37:11 +0100 Subject: [PATCH 3/4] library: _adcli_krb5_build_principal allow principals as names Make _adcli_krb5_build_principal a bit more robust by checking if the given name already contains a realm suffix. Related to https://bugzilla.redhat.com/show_bug.cgi?id=1630187 --- library/adkrb5.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/library/adkrb5.c b/library/adkrb5.c index 7f77373..da835d7 100644 --- a/library/adkrb5.c +++ b/library/adkrb5.c @@ -41,12 +41,16 @@ _adcli_krb5_build_principal (krb5_context k5, krb5_principal *principal) { krb5_error_code code; - char *name; + char *name = NULL; - if (asprintf (&name, "%s@%s", user, realm) < 0) - return_val_if_reached (ENOMEM); + /* Use user if user contains a @-character and add @realm otherwise */ + if (strchr (user, '@') == NULL) { + if (asprintf (&name, "%s@%s", user, realm) < 0) { + return_val_if_reached (ENOMEM); + } + } - code = krb5_parse_name (k5, name, principal); + code = krb5_parse_name (k5, name != NULL ? name : user, principal); return_val_if_fail (code == 0, code); free (name); -- 2.20.1