summaryrefslogtreecommitdiff
path: root/src/providers/ldap
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2010-10-13 21:40:47 +0200
committerStephen Gallagher <sgallagh@redhat.com>2010-10-15 09:03:06 -0400
commit6a195bd7126020d42f89a6a97c56c15f47debb2e (patch)
tree6020afbc450729b0e584093ecd682f229449e75a /src/providers/ldap
parent936647bf729d258db9f381b561c7b18780ff70ab (diff)
downloadsssd-6a195bd7126020d42f89a6a97c56c15f47debb2e.tar.gz
sssd-6a195bd7126020d42f89a6a97c56c15f47debb2e.tar.bz2
sssd-6a195bd7126020d42f89a6a97c56c15f47debb2e.zip
Check for GSSAPI before attempting to kinit
Diffstat (limited to 'src/providers/ldap')
-rw-r--r--src/providers/ldap/ldap_init.c20
1 files changed, 12 insertions, 8 deletions
diff --git a/src/providers/ldap/ldap_init.c b/src/providers/ldap/ldap_init.c
index 86598cac..dcfb5539 100644
--- a/src/providers/ldap/ldap_init.c
+++ b/src/providers/ldap/ldap_init.c
@@ -60,6 +60,7 @@ int sssm_ldap_id_init(struct be_ctx *bectx,
struct sdap_id_ctx *ctx;
const char *urls;
const char *dns_service_name;
+ const char *sasl_mech;
int ret;
/* If we're already set up, just return that */
@@ -98,14 +99,17 @@ int sssm_ldap_id_init(struct be_ctx *bectx,
goto done;
}
- if (dp_opt_get_bool(ctx->opts->basic, SDAP_KRB5_KINIT)) {
- ret = sdap_gssapi_init(ctx, ctx->opts->basic,
- ctx->be, ctx->service,
- &ctx->krb5_service);
- if (ret != EOK) {
- DEBUG(1, ("sdap_gssapi_init failed [%d][%s].\n",
- ret, strerror(ret)));
- goto done;
+ sasl_mech = dp_opt_get_string(ctx->opts->basic, SDAP_SASL_MECH);
+ if (sasl_mech && strcasecmp(sasl_mech, "GSSAPI") == 0) {
+ if (dp_opt_get_bool(ctx->opts->basic, SDAP_KRB5_KINIT)) {
+ ret = sdap_gssapi_init(ctx, ctx->opts->basic,
+ ctx->be, ctx->service,
+ &ctx->krb5_service);
+ if (ret != EOK) {
+ DEBUG(1, ("sdap_gssapi_init failed [%d][%s].\n",
+ ret, strerror(ret)));
+ goto done;
+ }
}
}