Commit 815e4610 authored by Russ Allbery's avatar Russ Allbery

Fix detection of ad_base_instance principals

The logic for checking the Kerberos database for the principal
was incorrect in the case where the principal exists.  Fix the
status code checking to work properly.
parent e2c97ace
......@@ -70,7 +70,7 @@ sync_instance_exists(krb5_context ctx, krb5_principal base,
goto fail;
mask = KADM5_ATTRIBUTES | KADM5_PW_EXPIRATION;
code = kadm5_get_principal(handle, princ, &ent, mask);
if (code != KADM5_UNK_PRINC)
if (code != 0 && code != KADM5_UNK_PRINC)
goto fail;
if (code == 0) {
*exists = true;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment