IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Perform case-insensitive searches for principals on TGS requests

Browse Source 
We want to always resolve TGS requests even if the user mistakenly sends a
request for a service ticket where the fqdn part contain upper case letters.

The actual implementation follows hints set by KDC. When AP_REQ is done, KDC
sets KRB5_FLAG_ALIAS_OK and we obey it when looking for principals on TGS requests.

https://fedorahosted.org/freeipa/ticket/1577
This commit is contained in:
Alexander Bokovoy
2012-03-26 14:23:42 +03:00
committed by Martin Kosek
parent 27517c2008
commit cbb1d626b9
6 changed files with 65 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
ipaserver/install/dsinstance.py
View File

@@ -389,6 +389,7 @@ class DsInstance(service.Service):
"60basev2.ldif",
"60basev3.ldif",
"60ipadns.ldif",
"61kerberos-ipav3.ldif",
"65ipasudo.ldif"):
target_fname = schema_dirname(self.serverid) + schema_fname
shutil.copyfile(ipautil.SHARE_DIR + schema_fname, target_fname)