diff options
| author | Sumit Bose <sbose@redhat.com> | 2012-10-24 10:01:09 +0200 |
|---|---|---|
| committer | Sumit Bose <sbose@redhat.com> | 2012-10-26 10:32:06 +0200 |
| commit | 7c4845bd0efb1dcb44b5be52923c539316725693 (patch) | |
| tree | 4adf6be8d9da3792a4907b012dfd678939b96e62 /src/providers/krb5/krb5_utils.h | |
| parent | 964628ab89229e9266adc5f4f8a26222734788b7 (diff) | |
| download | sssd-7c4845bd0efb1dcb44b5be52923c539316725693.tar.gz sssd-7c4845bd0efb1dcb44b5be52923c539316725693.tar.bz2 sssd-7c4845bd0efb1dcb44b5be52923c539316725693.zip | |
krb5_auth: update with correct UPN if needed
The Active Directory KDC handles request case in-sensitive and it might
not always to possible to guess the UPN with the correct case. We check
if the returned principal has a different case then the one used in the
request and updates the principal if needed. This will help using calls
from the Kerberos client libraries later on which would otherwise fail
because the principal is handled case sensitive by those libraries.
Diffstat (limited to 'src/providers/krb5/krb5_utils.h')
| -rw-r--r-- | src/providers/krb5/krb5_utils.h | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/providers/krb5/krb5_utils.h b/src/providers/krb5/krb5_utils.h index 28485458..25d8c6cf 100644 --- a/src/providers/krb5/krb5_utils.h +++ b/src/providers/krb5/krb5_utils.h @@ -37,6 +37,10 @@ errno_t find_or_guess_upn(TALLOC_CTX *mem_ctx, struct ldb_message *msg, const char *domain_name, const char *user, const char *user_dom, char **_upn); +errno_t check_if_cached_upn_needs_update(struct sysdb_ctx *sysdb, + const char *user, + const char *upn); + /* Operations on a credential cache */ typedef errno_t (*cc_be_create_fn)(const char *location, pcre *illegal_re, uid_t uid, gid_t gid, bool private_path); |