Fix no_host_referral concatention in KDC

If no_host_referral is set in both [kdcdefaults] and the realm
subsection, we're supposed to concatenate their values.  But the logic
in handle_referral_params would overwrite the value with the
non-concatenated realm value.  Similar bugs of this nature were fixed
in 639c9d0f5a7c68dc98a2a452abc05ca32443cddf (r22037) but this one was
missed.

ticket: 7539 (new)
target_version: 1.11.1
tags: pullup

diff --git a/src/kdc/main.c b/src/kdc/main.c
index 02d7c3372c3729822807c13d7f6869d3cff3c787..51792fbccff182af0eb90299b44981b752c8e602 100644 (file)
--- a/src/kdc/main.c
+++ b/src/kdc/main.c
@@ -189,12 +189,13 @@ handle_referral_params(krb5_realm_params *rparams,
                 rdp->realm_no_host_referral = strdup(KRB5_CONF_ASTERISK);
                 if (!rdp->realm_no_host_referral)
                     retval = ENOMEM;
-            } else if  (no_refrls && (asprintf(&(rdp->realm_no_host_referral),
-                                               "%s%s%s%s%s", " ", no_refrls," ",
-                                               rparams->realm_no_host_referral, " ") < 0))
-                retval = ENOMEM;
-            else if (asprintf(&(rdp->realm_no_host_referral),"%s%s%s", " ",
-                              rparams->realm_no_host_referral, " ") < 0)
+            } else if (no_refrls) {
+                if (asprintf(&(rdp->realm_no_host_referral),
+                             "%s%s%s%s%s", " ", no_refrls," ",
+                             rparams->realm_no_host_referral, " ") < 0)
+                    retval = ENOMEM;
+            } else if (asprintf(&(rdp->realm_no_host_referral),"%s%s%s", " ",
+                                rparams->realm_no_host_referral, " ") < 0)
                 retval = ENOMEM;
         } else if( no_refrls != NULL) {
             if ( asprintf(&(rdp->realm_no_host_referral),