10088 – Authentication failing due to case sensitive comparison of service ticket entry

Bug 10088 - Authentication failing due to case sensitive comparison of service ticket entry

Summary: Authentication failing due to case sensitive comparison of service ticket entry

Status:	NEW

Alias:	None

Product:	Samba 3.6
Classification:	Unclassified
Component:	User & Group Accounts (show other bugs)
Version:	unspecified
Hardware:	All All

Importance:	P5 normal
Target Milestone:	---
Assignee:	Samba Bugzilla Account
QA Contact:	Samba QA Contact

URL:
Keywords:

Depends on:
Blocks:

Reported:	2013-08-15 20:00 UTC by bpillai
Modified:	2017-08-24 14:00 UTC (History)
CC List:	2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description bpillai 2013-08-15 20:00:11 UTC

While performing Kerberos authentication, Samba does a case sensitive comparison between the service ticket entry with krb5.keytab file. This caues the authetication to fail in certain cases. It should be changed into case insensitive comparison.
For example:
Principal in GET request: http/foo@ADTEST.COM
Principal in krb5.keytab: HTTP/FOO@ADTEST.COM
are considered as differner entries while they are same. The code change in library should be made in file principal.c in line 924 and 990 to change strcmp to strcasecmp.
source4/heimdal/lib/krb5/principal.c Line:924 and Line 990.