From patchwork Fri May 24 12:54:24 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Maximilian Wilhelm X-Patchwork-Id: 2611351 Return-Path: X-Original-To: patchwork-linux-nfs@patchwork.kernel.org Delivered-To: patchwork-process-083081@patchwork1.kernel.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by patchwork1.kernel.org (Postfix) with ESMTP id CA18B3FD4E for ; Fri, 24 May 2013 13:26:25 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751285Ab3EXN0Y (ORCPT ); Fri, 24 May 2013 09:26:24 -0400 Received: from mail.rfc2324.org ([31.172.8.67]:38501 "EHLO mail.rfc2324.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751114Ab3EXN0X (ORCPT ); Fri, 24 May 2013 09:26:23 -0400 X-Greylist: delayed 1911 seconds by postgrey-1.27 at vger.kernel.org; Fri, 24 May 2013 09:26:23 EDT Received: from rfc2324.org ([31.172.8.84] helo=principal.rfc2324.org) by mail.rfc2324.org with esmtp rfc2324.org Mailserver id 1UfrVo-0004RH-Qn; Fri, 24 May 2013 14:54:29 +0200 Received: by principal.rfc2324.org (Postfix, from userid 666) id B79EA8F2CB; Fri, 24 May 2013 14:54:24 +0200 (CEST) Date: Fri, 24 May 2013 14:54:24 +0200 From: Maximilian Wilhelm To: linux-nfs@vger.kernel.org Cc: Frederik Moellers Message-ID: <20130524125424.GQ20475@principal.rfc2324.org> Mail-Followup-To: linux-nfs@vger.kernel.org, Frederik Moellers MIME-Version: 1.0 Content-Disposition: inline X-Operating-System: Linux 2.6.32-5-amd64 on x86_64 X-Warning: This message may contain ironic / sarcastic elements. X-GC-3.12: GCM/CS/IT/MU d+(--) s: a- C++$ UL++++$ P++(+++) L++++ E--- W+ N o+ K- w O? M V? PS+ PE Y+(++) PGP++ t 5+ X- R* !tv b+(++) DI+(++) !D G++ e+++* h>-(---) r++ y? User-Agent: Mutt/1.5.20 (2009-06-14) X-SA-Exim-Connect-IP: 31.172.8.84 X-SA-Exim-Mail-From: max@principal.rfc2324.org X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.rfc2324.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham version=3.3.1 Subject: [PATCH] Fix handling of preferred_realm command line option X-SA-Exim-Version: 4.2.1 (built Mon, 22 Mar 2010 06:26:47 +0000) X-SA-Exim-Scanned: Yes (on mail.rfc2324.org) Sender: linux-nfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org (Please CC me in replies, I'm not on the list.) Hi, we found a problem in the gssd daemon when using the -R opton to specify a different preferred realm than the one used on the system. It seems the preferred_realm variable set in the gssd.c file is not used at all when searching for keytab entries / principal. The simple patch attached fixes this problem. Thanks Max commit aa28b92860357f3d445836205f7851c75566da35 Author: Maximilian Wilhelm Date: Fri May 24 14:46:41 2013 +0200 Fix handling of preferred realm command line option. The current implementation ignores any preferred realm specified on the command line. Fix this behaviour and make sure the preferred realm is used as first realm when trying to acquire a keytab entry. Signed-off-by: Maximilian Wilhelm Signed-off-by: Frederik Moellers diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c index 6275dd8..9f5e634 100644 --- a/utils/gssd/krb5_util.c +++ b/utils/gssd/krb5_util.c @@ -857,6 +857,12 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname, */ i = 0; realm = realmnames[i]; + + if (strcmp (realm, preferred_realm) != 0) { + realm = preferred_realm; + i = -1; + } + while (1) { if (realm == NULL) { tried_all = 1;