Enforce TGS principals having 2 components
authorTom Yu <tlyu@mit.edu>
Thu, 20 Sep 2012 19:35:56 +0000 (15:35 -0400)
committerTom Yu <tlyu@mit.edu>
Mon, 15 Oct 2012 23:41:14 +0000 (19:41 -0400)
RFC 4120 section 7.3 says that TGS principal names have two
components.  Make krb5_is_tgs_principal() and is_cross_tgs_principal()
enforce this constraint.  Code elsewhere in the KDC already checks for
two components anyway.

src/kdc/kdc_util.c

index a2a9b4b07834daa7f1719162d1df78946d1deb36..4f6ce6f30ba8c7cea5fd03f07bc33f41ffd857fd 100644 (file)
@@ -145,22 +145,26 @@ is_local_principal(krb5_const_principal princ1)
 krb5_boolean
 krb5_is_tgs_principal(krb5_const_principal principal)
 {
-    if ((krb5_princ_size(kdc_context, principal) > 0) &&
-        data_eq_string (*krb5_princ_component(kdc_context, principal, 0),
-                        KRB5_TGS_NAME))
+    if (krb5_princ_size(kdc_context, principal) != 2)
+        return FALSE;
+    if (data_eq_string(*krb5_princ_component(kdc_context, principal, 0),
+                       KRB5_TGS_NAME))
         return TRUE;
-    return FALSE;
+    else
+        return FALSE;
 }
 
 /* Returns TRUE if principal is the name of a cross-realm TGS. */
 krb5_boolean
 is_cross_tgs_principal(krb5_const_principal principal)
 {
-    return (krb5_princ_size(kdc_context, principal) >= 2 &&
-            data_eq_string(*krb5_princ_component(kdc_context, principal, 0),
-                           KRB5_TGS_NAME) &&
-            !data_eq(*krb5_princ_component(kdc_context, principal, 1),
-                     *krb5_princ_realm(kdc_context, principal)));
+    if (!krb5_is_tgs_principal(principal))
+        return FALSE;
+    if (!data_eq(*krb5_princ_component(kdc_context, principal, 1),
+                 *krb5_princ_realm(kdc_context, principal)))
+        return TRUE;
+    else
+        return FALSE;
 }
 
 /*
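Review bot: In the new is_cross_tgs_principal(), the read of component 1 is in bounds only because krb5_is_tgs_principal() now returns FALSE unless the size is exactly 2, and neither function says so. If that size check is ever relaxed, the `krb5_princ_component(kdc_context, principal, 1)` call becomes an out-of-bounds read on a one-component name, so I would add `/* krb5_is_tgs_principal() guarantees exactly two components, so component 1 exists. */` above the data_eq() test. krb5_is_tgs_principal() has no contract comment within this hunk (one may sit just above it, outside the hunk), so I would also add `/* Returns TRUE if principal is a TGS name: exactly two components, the first equal to KRB5_TGS_NAME (RFC 4120 section 7.3). */`. One-component and three-or-more-component names beginning with KRB5_TGS_NAME now return FALSE, so callers presumably handle them as non-TGS principals; it is worth confirming that no caller relies on the old looser match to apply TGS-specific restrictions. As a style point, both `if (...) return TRUE; else return FALSE;` tails could simply return the comparison result.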