diff options
-rw-r--r-- | src/providers/krb5/krb5_common.c | 12 | ||||
-rw-r--r-- | src/tests/krb5_utils-tests.c | 6 |
2 files changed, 9 insertions, 9 deletions
diff --git a/src/providers/krb5/krb5_common.c b/src/providers/krb5/krb5_common.c index ee3d7252..ed2fffae 100644 --- a/src/providers/krb5/krb5_common.c +++ b/src/providers/krb5/krb5_common.c @@ -898,22 +898,16 @@ errno_t krb5_get_simple_upn(TALLOC_CTX *mem_ctx, struct krb5_ctx *krb5_ctx, errno_t compare_principal_realm(const char *upn, const char *realm, bool *different_realm) { - size_t upn_len; - size_t realm_len; char *at_sign; - if (upn == NULL || realm == NULL || different_realm == NULL) { + if (upn == NULL || realm == NULL || different_realm == NULL || + *upn == '\0' || *realm == '\0') { return EINVAL; } - upn_len = strlen(upn); - realm_len = strlen(realm); at_sign = strchr(upn, '@'); - /* if coming from the same realm the upn must be at least the size of the - * realm plus 1 for the '@' char. */ - if (upn_len == 0 || realm_len == 0 || upn_len <= realm_len + 1 || - at_sign == NULL) { + if (at_sign == NULL) { return EINVAL; } diff --git a/src/tests/krb5_utils-tests.c b/src/tests/krb5_utils-tests.c index 77dc27ca..bc1890f0 100644 --- a/src/tests/krb5_utils-tests.c +++ b/src/tests/krb5_utils-tests.c @@ -711,6 +711,12 @@ START_TEST(test_compare_principal_realm) fail_unless(ret == EOK, "Failure with different realm"); fail_unless(different_realm == true, "Different realm but " \ "different_realm is not true."); + + ret = compare_principal_realm("user@ABC", "REALMNAMELONGERTHANUPN", + &different_realm); + fail_unless(ret == EOK, "Failure with long realm name."); + fail_unless(different_realm == true, "Realm name longer than UPN but " + "different_realm is not true."); } END_TEST |