From patchwork Wed Aug  6 14:59:53 2014
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jurjen Bokma <j.bokma@rug.nl>
X-Patchwork-Id: 4687031
Return-Path: <linux-nfs-owner@kernel.org>
X-Original-To: patchwork-linux-nfs@patchwork.kernel.org
Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org
Received: from mail.kernel.org (mail.kernel.org [198.145.19.201])
	by patchwork2.web.kernel.org (Postfix) with ESMTP id CDE30C0338
	for <patchwork-linux-nfs@patchwork.kernel.org>;
	Wed,  6 Aug 2014 15:13:19 +0000 (UTC)
Received: from mail.kernel.org (localhost [127.0.0.1])
	by mail.kernel.org (Postfix) with ESMTP id 39D6F20120
	for <patchwork-linux-nfs@patchwork.kernel.org>;
	Wed,  6 Aug 2014 15:13:19 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.kernel.org (Postfix) with ESMTP id EEE6120114
	for <patchwork-linux-nfs@patchwork.kernel.org>;
	Wed,  6 Aug 2014 15:13:17 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1754087AbaHFPNQ (ORCPT
	<rfc822;patchwork-linux-nfs@patchwork.kernel.org>);
	Wed, 6 Aug 2014 11:13:16 -0400
Received: from smtp20.rug.nl ([129.125.60.101]:35907 "EHLO smtp20.rug.nl"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1753280AbaHFPNQ (ORCPT <rfc822;linux-nfs@vger.kernel.org>);
	Wed, 6 Aug 2014 11:13:16 -0400
X-Greylist: delayed 797 seconds by postgrey-1.27 at vger.kernel.org;
	Wed, 06 Aug 2014 11:13:15 EDT
Received: from mail-wi0-f174.google.com ([172.23.16.207])
	by smtp20.rug.nl (8.14.7/8.14.7) with ESMTP id s76ExuDY016729
	for <linux-nfs@vger.kernel.org>; Wed, 6 Aug 2014 16:59:56 +0200
Received: by mail-wi0-f174.google.com with SMTP id d1so9134393wiv.1
	for <linux-nfs@vger.kernel.org>; Wed, 06 Aug 2014 07:59:56 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to
	:subject:content-type;
	bh=DAZfuk+PO3q6SbIVOF4fXq4SodjX5y5MUxzWp4LGSvA=;
	b=KRAQN+hlP2wgxYV/EYSiOLWQdCOsUvOSM5A5PT0T/6JdFcODGAXCkIIa+Ca/n/wpG9
	5xE0ZhCi3acExPhKOc5joWL8CzSlNasxJLcqk3sXdxRDLsSIXdmyOEzTvazYuDGJasuS
	bIl91aY1vSkn1MfY31L5+8xT2fbULzv69durtYib9ufm7QxmtMb4UMC80sAoNdZy3cC4
	ksmnK+wShk82qmieFHSEsUXscr/ACuxCj53EtwH3TPOJdKAcOEYKMsBALP0nBl9YQ/AR
	4p1529YSzFSZ1+IaYSYSeHy2JNeyUFxodZ/xGEN9zBuI5Smsdy/27fix+Z2dtkCYMStg
	CRVQ==
X-Gm-Message-State: 
 ALoCoQnFgXOmcgqkVyBlLyLSBRBeEKP3gNZnsftugLxGQvHjybRFUduVR+UpS1aDZAKi/b/Ne/sl+8K7+WXFIP3SRy/c/pKJDPZn9L8lgXN2Kse8CAekqRKA4TaiaNN0JQ4fwqCtqxRu
X-Received: by 10.180.101.129 with SMTP id fg1mr49983370wib.20.1407337196792;
	Wed, 06 Aug 2014 07:59:56 -0700 (PDT)
X-Received: by 10.180.101.129 with SMTP id fg1mr49983353wib.20.1407337196696;
	Wed, 06 Aug 2014 07:59:56 -0700 (PDT)
Received: from [129.125.249.214] (bwp-249-214.rcuwp.rug.nl.
	[129.125.249.214]) by mx.google.com with ESMTPSA id
	co6sm3033173wjb.31.2014.08.06.07.59.54
	for <linux-nfs@vger.kernel.org>
	(version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
	Wed, 06 Aug 2014 07:59:54 -0700 (PDT)
Message-ID: <53E242E9.1050106@rug.nl>
Date: Wed, 06 Aug 2014 16:59:53 +0200
From: Jurjen Bokma <j.bokma@rug.nl>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
	rv:24.0) Gecko/20100101 Icedove/24.5.0
MIME-Version: 1.0
To: linux-nfs@vger.kernel.org
Subject: Patch: select non-conventional principal in gssd
X-Virus-Scanned: clamav-milter 0.98.4 at smtp20
X-Virus-Status: Clean
Sender: linux-nfs-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-nfs.vger.kernel.org>
X-Mailing-List: linux-nfs@vger.kernel.org
X-Spam-Status: No, score=-7.6 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI,
	RP_MATCHES_RCVD, T_TVD_MIME_EPI,
	UNPARSEABLE_RELAY autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

HiAll,

I have a patch to utils/gssd/krb5_util.c that enables kerberized NFS
mounts to succeed even if the principal is not <HOSTNAME>$.

It works by reading another principal name from the [appdefaults]
section of krb5.conf:

[appdefaults]
nfs = {
    ad_principal_name = 129.125.39.115$
}

Patch is attached. Would you please incorporate it in the source if you
find it useful?
Sorry if I'm asking in the wrong place.

Best Regards
Jurjen

--- utils/gssd/krb5_util.c.orig	2014-08-06 10:54:18.806414170 +0200
+++ utils/gssd/krb5_util.c	2014-08-06 11:01:21.016320365 +0200
@@ -801,7 +801,8 @@
 	char *k5err = NULL;
 	int tried_all = 0, tried_default = 0;
 	krb5_principal princ;
-
+	const char *notsetstr = "not set";
+	char *adhostoverride;
 
 	/* Get full target hostname */
 	retval = get_full_hostname(tgtname, targethostname,
@@ -818,11 +819,18 @@
 	}
 
 	/* Compute the active directory machine name HOST$ */
-	strcpy(myhostad, myhostname);
-	for (i = 0; myhostad[i] != 0; ++i)
-		myhostad[i] = toupper(myhostad[i]);
-	myhostad[i] = '$';
-	myhostad[i+1] = 0;
+	krb5_appdefault_string(context, "nfs", NULL, "ad_principal_name", notsetstr, &adhostoverride);
+	if (strcmp(adhostoverride, notsetstr) != 0) {
+	        printerr (0, "AD host string overridden with \"%s\" from appdefaults\n", adhostoverride);
+	        /* No overflow: Windows cannot handle strings longer than 19 chars */
+	        strcpy(myhostad, adhostoverride);
+	} else {
+	        strcpy(myhostad, myhostname);
+	        for (i = 0; myhostad[i] != 0; ++i)
+	          myhostad[i] = toupper(myhostad[i]);
+	        myhostad[i] = '$';
+	        myhostad[i+1] = 0;
+	}
 
 	retval = get_full_hostname(myhostname, myhostname, sizeof(myhostname));
 	if (retval)