| Message ID | 20130611093403.GB27345@principal.rfc2324.org (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
Maximilian Wilhelm wrote: + * Make sure the preferred_realm (which may have been explicitly set + * on the command line, is tried first. If nothing is found go on with + * the host and local default realm (if that hasn't already been tried). You're missing a close paren there somewhere. -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Anno domini 2013 Jim Rees scripsit: > Maximilian Wilhelm wrote: > + * Make sure the preferred_realm (which may have been explicitly set > + * on the command line, is tried first. If nothing is found go on with > + * the host and local default realm (if that hasn't already been tried). > You're missing a close paren there somewhere. Indeed. The first '(' should have been a ','. Anyone willing to apply this? Thanks Max
On Mon, Jun 17, 2013 at 07:02:47PM +0200, Maximilian Wilhelm wrote: > Anno domini 2013 Jim Rees scripsit: > > > Maximilian Wilhelm wrote: > > > + * Make sure the preferred_realm (which may have been explicitly set > > + * on the command line, is tried first. If nothing is found go on with > > + * the host and local default realm (if that hasn't already been tried). > > > You're missing a close paren there somewhere. > > Indeed. The first '(' should have been a ','. > > Anyone willing to apply this? Note nfs-utils patches should go to steved@redhat.com, cc'd to this list. But also note this is the week of the Ann Arbor bakeathon so many of us will be less responsive this week. --b. -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On 17/06/13 13:02, Maximilian Wilhelm wrote: > Anno domini 2013 Jim Rees scripsit: > >> Maximilian Wilhelm wrote: > >> + * Make sure the preferred_realm (which may have been explicitly set >> + * on the command line, is tried first. If nothing is found go on with >> + * the host and local default realm (if that hasn't already been tried). > >> You're missing a close paren there somewhere. > > Indeed. The first '(' should have been a ','. > > Anyone willing to apply this? Its on my TODO list... and I'll fix the comment up... steved. > > Thanks > Max > -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
commit 722bd62d1e6a9d38db57e919d914a371e67d804d
Author: Maximilian Wilhelm <max@rfc2324.org>
Date: Fri May 24 14:46:41 2013 +0200
Fix handling of preferred realm command line option.
The current implementation ignores any preferred realm specified on the
command line. Fix this behaviour and make sure the preferred realm is
used as first realm when trying to acquire a keytab entry.
Signed-off-by: Maximilian Wilhelm <max@rfc2324.org>
Signed-off-by: Frederik Moellers <frederik.moellers@upb.de>
diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c
index 6275dd8..fb706a8 100644
--- a/utils/gssd/krb5_util.c
+++ b/utils/gssd/krb5_util.c
@@ -852,11 +852,18 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname,
}
/*
- * Try the "appropriate" realm first, and if nothing found for that
- * realm, try the default realm (if it hasn't already been tried).
+ * Make sure the preferred_realm (which may have been explicitly set
+ * on the command line, is tried first. If nothing is found go on with
+ * the host and local default realm (if that hasn't already been tried).
*/
i = 0;
realm = realmnames[i];
+
+ if (strcmp (realm, preferred_realm) != 0) {
+ realm = preferred_realm;
+ i = -1;
+ }
+
while (1) {
if (realm == NULL) {
tried_all = 1;