STABLE14-aklog-use-native-principal-conversion-20090216

LICENSE IPL10
FIXES 124338

use krb5_524_conv_principal instead of doing it potentially wrong ourselves

(cherry picked from commit b1f9b4cb5dd295162ae51704310e9d6058008f0a)

diff --git a/src/aklog/aklog_main.c b/src/aklog/aklog_main.c
index b56421f..bd8f2a3 100644 (file)
--- a/src/aklog/aklog_main.c
+++ b/src/aklog/aklog_main.c
@@ -642,19 +642,16 @@ static int auth_to_cell(krb5_context context, char *cell, char *realm)
            if (dflag)
                printf("Using Kerberos V5 ticket natively\n");
 
-           len = min(get_princ_len(context, v5cred->client, 0),
-                     second_comp(context, v5cred->client) ?
-                                       MAXKTCNAMELEN - 2 : MAXKTCNAMELEN - 1);
-           strncpy(username, get_princ_str(context, v5cred->client, 0), len);
-           username[len] = '\0';
-
-           if (second_comp(context, v5cred->client)) {
-               strcat(username, ".");
-               p = username + strlen(username);
-               len = min(get_princ_len(context, v5cred->client, 1),
-                         MAXKTCNAMELEN - strlen(username) - 1);
-               strncpy(p, get_princ_str(context, v5cred->client, 1), len);
-               p[len] = '\0';
+           status = krb5_524_conv_principal (context, v5cred->client, &k4name, &k4inst, &k4realm);
+           if (status) {
+               afs_com_err(progname, status, "while converting principal "
+                       "to Kerberos V4 format");
+               return(AKLOG_KERBEROS);
+           }
+           strcpy (username, k4name);
+           if (k4inst[0]) {
+               strcat (username, ".");
+               strcat (username, k4inst);
            }
 
            memset(&atoken, 0, sizeof(atoken));