* rd_req_dec.c (krb5_rd_req_decoded_opt): Pass server realm to

transited-list check, not local realm, in case they're different.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13737 dc483132-0cff-0310-8789-dd5450dbe970

2 files changed, 10 insertions, 7 deletions

diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog
index 7f15603..5fef923 100644
--- a/src/lib/krb5/krb/ChangeLog
+++ b/src/lib/krb5/krb/ChangeLog
@@ -1,3 +1,8 @@
+2001-09-07  Ken Raeburn  <raeburn@mit.edu>
+
+	* rd_req_dec.c (krb5_rd_req_decoded_opt): Pass server realm to
+	transited-list check, not local realm, in case they're different.
+
 2001-08-21  Ken Raeburn  <raeburn@mit.edu>
 
 	* walk_rtree.c (krb5_walk_realm_tree): Initialize slen to silence
diff --git a/src/lib/krb5/krb/rd_req_dec.c b/src/lib/krb5/krb/rd_req_dec.c
index 4e9f44e..31c02dd 100644
--- a/src/lib/krb5/krb/rd_req_dec.c
+++ b/src/lib/krb5/krb/rd_req_dec.c
@@ -188,7 +188,6 @@ krb5_rd_req_decoded_opt(context, auth_context, req, server, keytab,
     /* Hierarchical Cross-Realm */
   
     {
-    	krb5_data        lrealm;
       	krb5_data      * realm;
       	krb5_transited * trans;
   
@@ -200,12 +199,11 @@ krb5_rd_req_decoded_opt(context, auth_context, req, server, keytab,
       	 * transited are within the hierarchy between the client's realm  
       	 * and the local realm.                                        
   	 */
-      	if (trans->tr_contents.data && trans->tr_contents.data[0]) {
-            krb5_get_default_realm(context, &(lrealm.data));
-            lrealm.length = strlen(lrealm.data);
-            retval = krb5_check_transited_list(context, &(trans->tr_contents), 
-					       realm, &lrealm);
-            free(lrealm.data);
+	if (trans->tr_contents.data && trans->tr_contents.data[0]) {
+	    retval = krb5_check_transited_list(context, &(trans->tr_contents), 
+					       realm,
+					       krb5_princ_realm (context,
+								 server));
       	}
     }