From 298e3bde1ea0a44ef5d4affa91e67e43404cfcc2 Mon Sep 17 00:00:00 2001 From: Evan Broder Date: Tue, 17 Feb 2009 04:29:04 +0000 Subject: [PATCH] DEVEL15-aklog-use-native-principal-conversion-20090216 LICENSE IPL10 FIXES 124338 use krb5_524_conv_principal instead of doing it potentially wrong ourselves (cherry picked from commit b1f9b4cb5dd295162ae51704310e9d6058008f0a) --- src/aklog/aklog_main.c | 23 ++++++++++------------- 1 file changed, 10 insertions(+), 13 deletions(-) diff --git a/src/aklog/aklog_main.c b/src/aklog/aklog_main.c index b56421fb0..bd8f2a36d 100644 --- a/src/aklog/aklog_main.c +++ b/src/aklog/aklog_main.c @@ -642,19 +642,16 @@ static int auth_to_cell(krb5_context context, char *cell, char *realm) if (dflag) printf("Using Kerberos V5 ticket natively\n"); - len = min(get_princ_len(context, v5cred->client, 0), - second_comp(context, v5cred->client) ? - MAXKTCNAMELEN - 2 : MAXKTCNAMELEN - 1); - strncpy(username, get_princ_str(context, v5cred->client, 0), len); - username[len] = '\0'; - - if (second_comp(context, v5cred->client)) { - strcat(username, "."); - p = username + strlen(username); - len = min(get_princ_len(context, v5cred->client, 1), - MAXKTCNAMELEN - strlen(username) - 1); - strncpy(p, get_princ_str(context, v5cred->client, 1), len); - p[len] = '\0'; + status = krb5_524_conv_principal (context, v5cred->client, &k4name, &k4inst, &k4realm); + if (status) { + afs_com_err(progname, status, "while converting principal " + "to Kerberos V4 format"); + return(AKLOG_KERBEROS); + } + strcpy (username, k4name); + if (k4inst[0]) { + strcat (username, "."); + strcat (username, k4inst); } memset(&atoken, 0, sizeof(atoken)); -- 2.39.5