* gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): Replace server princ

in out_creds not in_creds

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/referrals@18570 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/lib/krb5/krb/gc_frm_kdc.c b/src/lib/krb5/krb/gc_frm_kdc.c
index af8689f84dfdd7a5a7505cc243f48ec09d6c65c1..a619ebd0d0b6371178c523a9ce1c91ef3cccffce 100644 (file)
--- a/src/lib/krb5/krb/gc_frm_kdc.c
+++ b/src/lib/krb5/krb/gc_frm_kdc.c
@@ -762,7 +762,7 @@ krb5_get_cred_from_kdc_opt(krb5_context context, krb5_ccache ccache,
                           krb5_creds ***tgts, int kdcopt)
 {
     krb5_error_code retval;
-    krb5_principal client, server, supplied_server;
+    krb5_principal client, server, supplied_server, out_supplied_server;
     krb5_creds tgtq, cc_tgt, *tgtptr, *referral_tgts[KRB5_REFERRAL_MAXHOPS];
     krb5_boolean old_use_conf_ktypes;
     char **hrealms;
@@ -775,6 +775,11 @@ krb5_get_cred_from_kdc_opt(krb5_context context, krb5_ccache ccache,
     client = in_cred->client;
     if ((retval=krb5_copy_principal(context, in_cred->server, &server)))
         return retval;
+/* We need a second copy for the output creds*/
+    if ((retval = krb5_copy_principal(context, server, &out_supplied_server)) != 0 ) {
+       krb5_free_principal(context, server);
+       return retval;
+    }
     supplied_server = in_cred->server;
     in_cred->server=server;
 
@@ -1007,7 +1012,9 @@ cleanup:
     dbgref_dump_principal("gc_from_kdc: final hacked server principal at cleanup",server);
 #endif
     krb5_free_principal(context, server);
-    in_cred->server=supplied_server;
+    krb5_free_principal (context, (*out_cred)->server);
+    in_cred->server = supplied_server;
+    (*out_cred)->server= out_supplied_server;
 #ifdef DEBUG_REFERRALS
     dbgref_dump_principal("gc_from_kdc: final server after reversion",in_cred->server);
 #endif