Fix no_host_referral concatention in KDC

If no_host_referral is set in both [kdcdefaults] and the realm
subsection, we're supposed to concatenate their values.  But the logic
in handle_referral_params would overwrite the value with the
non-concatenated realm value.  Similar bugs of this nature were fixed
in 639c9d0f5a7c68dc98a2a452abc05ca32443cddf (r22037) but this one was
missed.

(cherry picked from commit 6338d039cbd0b138642e3b123ac58dc802d1d907)

ticket: 7580 (new)
version_fixed: 1.10.4
status: resolved

diff --git a/src/kdc/main.c b/src/kdc/main.c
index 8d4df8762401b4ddb726fbc25b00af86b06477d6..b56ec193ca3fb0be4707b287e2d89ce94cbdd15f 100644 (file)
--- a/src/kdc/main.c
+++ b/src/kdc/main.c
@@ -207,12 +207,13 @@ handle_referral_params(krb5_realm_params *rparams,
                 rdp->realm_no_host_referral = strdup(KRB5_CONF_ASTERISK);
                 if (!rdp->realm_no_host_referral)
                     retval = ENOMEM;
-            } else if  (no_refrls && (asprintf(&(rdp->realm_no_host_referral),
-                                               "%s%s%s%s%s", " ", no_refrls," ",
-                                               rparams->realm_no_host_referral, " ") < 0))
-                retval = ENOMEM;
-            else if (asprintf(&(rdp->realm_no_host_referral),"%s%s%s", " ",
-                              rparams->realm_no_host_referral, " ") < 0)
+            } else if (no_refrls) {
+                if (asprintf(&(rdp->realm_no_host_referral),
+                             "%s%s%s%s%s", " ", no_refrls," ",
+                             rparams->realm_no_host_referral, " ") < 0)
+                    retval = ENOMEM;
+            } else if (asprintf(&(rdp->realm_no_host_referral),"%s%s%s", " ",
+                                rparams->realm_no_host_referral, " ") < 0)
                 retval = ENOMEM;
         } else if( no_refrls != NULL) {
             if ( asprintf(&(rdp->realm_no_host_referral),