mirror of
https://github.com/samba-team/samba.git
synced 2025-01-25 06:04:04 +03:00
47a3f9cc5a
FreeIPA can generate tickets with a client principal of 'host/hostname.example.com'. verify_logonname() should just verify the principal name in the PAC_LOGON_NAME is the same as the principal of the client principal (without realm) of the ticket. Samba commit b7cc8c1187ff967e44587cd0d09185330378f366 break this. We try to compare ['host']['hostname.example.com'] with ['host/hostname.example.com]' (as we interpret it as enterprise principal) this fail if we don't compare them as strings. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11142 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Heimdal is a Kerberos 5 implementation. For information how to install see <http://www.h5l.org/compile.html>. There are briefer man pages for most of the commands. Bug reports and bugs are appreciated, see more under Bug reports in the manual on how we prefer them: <heimdal-bugs@h5l.org>. For more information see the web-page at <http://www.h5l.org/> or the mailing lists: heimdal-announce@sics.se low-volume announcement heimdal-discuss@sics.se high-volume discussion send a mail to heimdal-announce-request@sics.se and heimdal-discuss-request@sics.se respectively to subscribe.