A server response which is a cross-realm TGT is not a referral if it
was directly requested by the client. Misclassifying such a response
as a referral means we don't mirror the request's name type, which has
been observed to break older Java clients.
ticket: 7555 (new)
setflag(c_flags, KRB5_KDB_FLAG_CROSS_REALM);
is_referral = krb5_is_tgs_principal(server->princ) &&
- !krb5_principal_compare(kdc_context, tgs_server, server->princ);
+ !krb5_principal_compare(kdc_context, request->server, server->princ);
/* Check for protocol transition */
errcode = kdc_process_s4u2self_req(kdc_active_realm,
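Review bot: The `is_referral` assignment carries no comment explaining why the comparison is made against `request->server` rather than `tgs_server`; the reasoning (a cross-realm TGT that the client asked for directly is not a referral, so the request's name type must still be mirrored) exists only in the commit message. A short comment above the assignment stating that a response counts as a referral only when the returned TGS principal differs from the one the client requested would keep a later cleanup from reverting it. The visible hunk also adds no test; a regression case in which a client directly requests a cross-realm TGT and checks the name type of the reply would cover the breakage described for older Java clients. If `tgs_server` has no remaining users in this function after the change, it is worth removing in the same commit.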