From 4a2da4c9657212bac6397d6321fbfd0c65f30d12 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Mon, 14 Apr 2003 20:49:27 +0000 Subject: [PATCH] Use krb5_princ_component() instead of krb5_princ_realm() for MIT Kerberos like we did before I messed things up ;-) Use krb5_principal_get_comp_string() to do the same thing w/ Heimdal. I'm not sure if the component should be 0 or 1 in this case. #define ENCTYPE_DES_CBC_MD5 ETYPE_DES_CBC_MD5 for Heimdal since older versions lack ENCTYPE_DES_CBC_MD5. This is gross and there should be a configure check for this I guess. --- auth/kerb5.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/auth/kerb5.c b/auth/kerb5.c index 0ba50be85..2db25ef60 100644 --- a/auth/kerb5.c +++ b/auth/kerb5.c @@ -69,9 +69,11 @@ static const char rcsid[] = "$Sudo$"; #endif /* lint */ #ifdef HAVE_HEIMDAL +# define extract_name(c, p) krb5_principal_get_comp_string(c, p, 0); # define krb5_free_data_contents(c, d) krb5_data_free(d) +# define ENCTYPE_DES_CBC_MD5 ETYPE_DES_CBC_MD5 /* XXX */ #else -# define krb5_principal_get_realm(c, p) (krb5_princ_realm(c, p)->data) +# define extract_name(c, p) (krb5_princ_component(c, p, 1)->data) #endif static int verify_krb_v5_tgt __P((krb5_context, krb5_ccache, char *)); @@ -272,9 +274,8 @@ verify_krb_v5_tgt(sudo_context, ccache, auth_name) return(-1); } - /* Extract the name directly. */ - strlcpy(phost, krb5_principal_get_realm(sudo_context, princ), - sizeof(phost)); + /* Extract the name directly. Yow. */ + strlcpy(phost, extract_name(sudo_context, princ), sizeof(phost)); /* * Do we have host/ keys? -- 2.40.0