Fix handling of preferred_realm command line option

Commit Message

Maximilian Wilhelm May 24, 2013, 12:54 p.m. UTC

(Please CC me in replies, I'm not on the list.)

Hi,

we found a problem in the gssd daemon when using the -R opton to
specify a different preferred realm than the one used on the system.
It seems the preferred_realm variable set in the gssd.c file is not
used at all when searching for keytab entries / principal.

The simple patch attached fixes this problem.

Thanks
Max

Patch

commit aa28b92860357f3d445836205f7851c75566da35
Author: Maximilian Wilhelm <max@rfc2324.org>
Date:   Fri May 24 14:46:41 2013 +0200

    Fix handling of preferred realm command line option.
    
      The current implementation ignores any preferred realm specified on the
      command line. Fix this behaviour and make sure the preferred realm is
      used as first realm when trying to acquire a keytab entry.
    
    Signed-off-by: Maximilian Wilhelm <max@rfc2324.org>
    Signed-off-by: Frederik Moellers <frederik.moellers@upb.de>

diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c
index 6275dd8..9f5e634 100644
--- a/utils/gssd/krb5_util.c
+++ b/utils/gssd/krb5_util.c
@@ -857,6 +857,12 @@  find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname,
 	 */
 	i = 0;
 	realm = realmnames[i];
+
+	if (strcmp (realm, preferred_realm) != 0) {
+		realm = preferred_realm;
+		i = -1;
+	}
+
 	while (1) {
 		if (realm == NULL) {
 			tried_all = 1;