diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2010-10-13 21:40:47 +0200 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-10-15 09:03:06 -0400 |
commit | 6a195bd7126020d42f89a6a97c56c15f47debb2e (patch) | |
tree | 6020afbc450729b0e584093ecd682f229449e75a /src/providers/ldap | |
parent | 936647bf729d258db9f381b561c7b18780ff70ab (diff) | |
download | sssd-6a195bd7126020d42f89a6a97c56c15f47debb2e.tar.gz sssd-6a195bd7126020d42f89a6a97c56c15f47debb2e.tar.bz2 sssd-6a195bd7126020d42f89a6a97c56c15f47debb2e.zip |
Check for GSSAPI before attempting to kinit
Diffstat (limited to 'src/providers/ldap')
-rw-r--r-- | src/providers/ldap/ldap_init.c | 20 |
1 files changed, 12 insertions, 8 deletions
diff --git a/src/providers/ldap/ldap_init.c b/src/providers/ldap/ldap_init.c index 86598cac..dcfb5539 100644 --- a/src/providers/ldap/ldap_init.c +++ b/src/providers/ldap/ldap_init.c @@ -60,6 +60,7 @@ int sssm_ldap_id_init(struct be_ctx *bectx, struct sdap_id_ctx *ctx; const char *urls; const char *dns_service_name; + const char *sasl_mech; int ret; /* If we're already set up, just return that */ @@ -98,14 +99,17 @@ int sssm_ldap_id_init(struct be_ctx *bectx, goto done; } - if (dp_opt_get_bool(ctx->opts->basic, SDAP_KRB5_KINIT)) { - ret = sdap_gssapi_init(ctx, ctx->opts->basic, - ctx->be, ctx->service, - &ctx->krb5_service); - if (ret != EOK) { - DEBUG(1, ("sdap_gssapi_init failed [%d][%s].\n", - ret, strerror(ret))); - goto done; + sasl_mech = dp_opt_get_string(ctx->opts->basic, SDAP_SASL_MECH); + if (sasl_mech && strcasecmp(sasl_mech, "GSSAPI") == 0) { + if (dp_opt_get_bool(ctx->opts->basic, SDAP_KRB5_KINIT)) { + ret = sdap_gssapi_init(ctx, ctx->opts->basic, + ctx->be, ctx->service, + &ctx->krb5_service); + if (ret != EOK) { + DEBUG(1, ("sdap_gssapi_init failed [%d][%s].\n", + ret, strerror(ret))); + goto done; + } } } |