diff options
author | Sumit Bose <sbose@redhat.com> | 2010-03-04 12:44:21 +0100 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-03-11 09:22:41 -0500 |
commit | 03e7e62d439a2ef21f3c1c074a593a15606a0e1e (patch) | |
tree | 2c2bc856f9d3821c08687368f07866acc077b5e8 | |
parent | 29752834fbf3a19e4e117668abfce4e4c7c48ee4 (diff) | |
download | sssd-03e7e62d439a2ef21f3c1c074a593a15606a0e1e.tar.gz sssd-03e7e62d439a2ef21f3c1c074a593a15606a0e1e.tar.bz2 sssd-03e7e62d439a2ef21f3c1c074a593a15606a0e1e.zip |
Write the IP address of the KDC to the kdcinfo file
-rw-r--r-- | src/krb5_plugin/sssd_krb5_locator_plugin.c | 81 | ||||
-rw-r--r-- | src/providers/ipa/ipa_common.c | 14 | ||||
-rw-r--r-- | src/providers/krb5/krb5_common.c | 26 |
3 files changed, 63 insertions, 58 deletions
diff --git a/src/krb5_plugin/sssd_krb5_locator_plugin.c b/src/krb5_plugin/sssd_krb5_locator_plugin.c index 5e797333..8f32a31b 100644 --- a/src/krb5_plugin/sssd_krb5_locator_plugin.c +++ b/src/krb5_plugin/sssd_krb5_locator_plugin.c @@ -45,7 +45,7 @@ struct sssd_ctx { char *sssd_realm; - struct addrinfo *sssd_kdc_addrinfo; + char *kdc_addr; bool debug; }; @@ -122,14 +122,10 @@ static int get_kdcinfo(const char *realm, struct sssd_ctx *ctx) } PLUGIN_DEBUG(("Found kdcinfo [%s].\n", buf)); - ret = getaddrinfo((char *) buf, "kerberos", NULL, &ctx->sssd_kdc_addrinfo); - if (ret != 0) { - PLUGIN_DEBUG(("getaddrinfo failed [%d][%s].\n", ret, - gai_strerror(ret))); - if (ret == EAI_SYSTEM) { - PLUGIN_DEBUG(("getaddrinfo failed [%d][%s].\n", errno, - strerror(errno))); - } + ctx->kdc_addr = strdup((char *) buf); + if (ctx->kdc_addr == NULL) { + PLUGIN_DEBUG(("strdup failed.\n")); + ret = ENOMEM; goto done; } @@ -140,8 +136,6 @@ static int get_kdcinfo(const char *realm, struct sssd_ctx *ctx) goto done; } - - done: free(kdcinfo_name); return ret; @@ -178,7 +172,7 @@ void sssd_krb5_locator_close(void *private_data) ctx = (struct sssd_ctx *) private_data; PLUGIN_DEBUG(("sssd_krb5_locator_close called\n")); - freeaddrinfo(ctx->sssd_kdc_addrinfo); + free(ctx->kdc_addr); free(ctx->sssd_realm); free(ctx); private_data = NULL; @@ -197,14 +191,15 @@ krb5_error_code sssd_krb5_locator_lookup(void *private_data, int ret; struct addrinfo *ai; struct sssd_ctx *ctx; - char hostip[NI_MAXHOST]; + struct addrinfo ai_hints; + const char *service = NULL; if (private_data == NULL) return KRB5_PLUGIN_NO_HANDLE; ctx = (struct sssd_ctx *) private_data; if (ctx->sssd_realm == NULL || strcmp(ctx->sssd_realm, realm) != 0) { - freeaddrinfo(ctx->sssd_kdc_addrinfo); - ctx->sssd_kdc_addrinfo = NULL; + free(ctx->kdc_addr); + ctx->kdc_addr = NULL; free(ctx->sssd_realm); ctx->sssd_realm = NULL; ret = get_kdcinfo(realm, ctx); @@ -221,10 +216,15 @@ krb5_error_code sssd_krb5_locator_lookup(void *private_data, switch (svc) { case locate_service_kdc: case locate_service_master_kdc: + service = "kerberos"; + break; case locate_service_kadmin: + service = "kerberos-adm"; break; - case locate_service_krb524: case locate_service_kpasswd: + service = "kpasswd"; + break; + case locate_service_krb524: return KRB5_PLUGIN_NO_HANDLE; default: return EINVAL; @@ -250,32 +250,35 @@ krb5_error_code sssd_krb5_locator_lookup(void *private_data, if (strcmp(realm, ctx->sssd_realm) != 0) return KRB5_PLUGIN_NO_HANDLE; - for (ai = ctx->sssd_kdc_addrinfo; ai != NULL; ai = ai->ai_next) { - ret = getnameinfo(ai->ai_addr, ai->ai_addrlen, hostip, NI_MAXHOST, - NULL, 0, NI_NUMERICHOST); - if (ret != 0) { - PLUGIN_DEBUG(("getnameinfo failed [%d][%s].\n", ret, - gai_strerror(ret))); - if (ret == EAI_SYSTEM) { - PLUGIN_DEBUG(("getnameinfo failed [%d][%s].\n", errno, - strerror(errno))); - } + memset(&ai_hints, 0, sizeof(struct addrinfo)); + ai_hints.ai_flags = AI_NUMERICHOST; + ai_hints.ai_socktype = socktype; + ret = getaddrinfo(ctx->kdc_addr, service, &ai_hints, &ai); + if (ret != 0) { + PLUGIN_DEBUG(("getaddrinfo failed [%d][%s].\n", ret, + gai_strerror(ret))); + if (ret == EAI_SYSTEM) { + PLUGIN_DEBUG(("getaddrinfo failed [%d][%s].\n", errno, + strerror(errno))); } - PLUGIN_DEBUG(("addr[%s] family[%d] socktype[%d] - ", hostip, - ai->ai_family, ai->ai_socktype)); - - if ((family == AF_UNSPEC || ai->ai_family == family) && - ai->ai_socktype == socktype) { - - ret = cbfunc(cbdata, socktype, ai->ai_addr); - if (ret != 0) { - PLUGIN_DEBUG(("\ncbfunc failed\n")); - } else { - PLUGIN_DEBUG(("used\n")); - } + return EFAULT; + } + + PLUGIN_DEBUG(("addr[%s] family[%d] socktype[%d]\n", ctx->kdc_addr, + ai->ai_family, ai->ai_socktype)); + + if ((family == AF_UNSPEC || ai->ai_family == family) && + ai->ai_socktype == socktype) { + + ret = cbfunc(cbdata, socktype, ai->ai_addr); + if (ret != 0) { + PLUGIN_DEBUG(("cbfunc failed\n")); + return ret; } else { - PLUGIN_DEBUG((" NOT used\n")); + PLUGIN_DEBUG(("[%s] used\n", ctx->kdc_addr)); } + } else { + PLUGIN_DEBUG(("[%s] NOT used\n", ctx->kdc_addr)); } return 0; diff --git a/src/providers/ipa/ipa_common.c b/src/providers/ipa/ipa_common.c index 92da9d17..a50b63b9 100644 --- a/src/providers/ipa/ipa_common.c +++ b/src/providers/ipa/ipa_common.c @@ -24,6 +24,8 @@ #include <netdb.h> #include <ctype.h> +#include <arpa/inet.h> + #include "providers/ipa/ipa_common.h" struct dp_option ipa_basic_opts[] = { @@ -472,9 +474,15 @@ static void ipa_resolve_callback(void *private_data, struct fo_server *server) return; } - address = talloc_asprintf(service, "%s", srvaddr->h_name); - if (!address) { - DEBUG(1, ("Failed to copy address ...\n")); + address = talloc_zero_size(service, 128); + if (address == NULL) { + DEBUG(1, ("talloc_zero failed.\n")); + return; + } + + if (inet_ntop(srvaddr->h_addrtype, srvaddr->h_addr_list[0], + address, 128) == NULL) { + DEBUG(1, ("inet_ntop failed [%d][%s].\n", errno, strerror(errno))); return; } diff --git a/src/providers/krb5/krb5_common.c b/src/providers/krb5/krb5_common.c index 7619e6a5..8c1c7fac 100644 --- a/src/providers/krb5/krb5_common.c +++ b/src/providers/krb5/krb5_common.c @@ -25,6 +25,7 @@ #include <sys/stat.h> #include <unistd.h> #include <netdb.h> +#include <arpa/inet.h> #include "providers/dp_backend.h" #include "providers/krb5/krb5_common.h" @@ -47,7 +48,6 @@ errno_t check_and_export_options(struct dp_option *opts, char *value; const char *realm; const char *dummy; - char **list; realm = dp_opt_get_cstring(opts, KRB5_REALM); if (realm == NULL) { @@ -68,18 +68,6 @@ errno_t check_and_export_options(struct dp_option *opts, dummy = dp_opt_get_cstring(opts, KRB5_KDC); if (dummy == NULL) { DEBUG(1, ("No KDC expicitly configured, using defaults")); - } else { - ret = split_on_separator(opts, dummy, ',', true, &list, NULL); - if (ret != EOK) { - DEBUG(1, ("Failed to parse server list!\n")); - return ret; - } - ret = write_kdcinfo_file(realm, list[0]); - if (ret != EOK) { - DEBUG(1, ("write_kdcinfo_file failed, " - "using kerberos defaults from /etc/krb5.conf")); - } - talloc_free(list); } dummy = dp_opt_get_cstring(opts, KRB5_CCNAME_TMPL); @@ -248,9 +236,15 @@ static void krb5_resolve_callback(void *private_data, struct fo_server *server) return; } - address = talloc_asprintf(krb5_service, "%s", srvaddr->h_name); - if (!address) { - DEBUG(1, ("Failed to copy address ...\n")); + address = talloc_zero_size(krb5_service, 128); + if (address == NULL) { + DEBUG(1, ("talloc_zero failed.\n")); + return; + } + + if (inet_ntop(srvaddr->h_addrtype, srvaddr->h_addr_list[0], + address, 128) == NULL) { + DEBUG(1, ("inet_ntop failed [%d][%s].\n", errno, strerror(errno))); return; } |