Replace krb5_kdcip by krb5_server in LDAP provider

author: Sumit Bose <sbose@redhat.com> 2010-12-07 13:18:39 +0100
committer: Stephen Gallagher <sgallagh@redhat.com> 2010-12-07 17:23:25 -0500
commit: 8d163c0a088318ed9fc0b22def2649e27992ea53 (patch)
tree: 92c6b438d4473d5cc29522656b1b01f02db0b597 /src/providers/ldap
parent: a3ea95747b33de4b50485fb9b5c4e5c45338b3db (diff)
download: sssd-8d163c0a088318ed9fc0b22def2649e27992ea53.tar.gz
sssd-8d163c0a088318ed9fc0b22def2649e27992ea53.tar.bz2
sssd-8d163c0a088318ed9fc0b22def2649e27992ea53.zip
2 files changed, 12 insertions, 4 deletions
diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c
index 4d9fabc4..302cfc6b 100644
--- a/src/providers/ldap/ldap_common.c
+++ b/src/providers/ldap/ldap_common.c
@@ -62,7 +62,7 @@ struct dp_option default_basic_opts[] = {
     { "ldap_krb5_keytab", DP_OPT_STRING, NULL_STRING, NULL_STRING },
     { "ldap_krb5_init_creds", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
     /* use the same parm name as the krb5 module so we set it only once */
-    { "krb5_kdcip", DP_OPT_STRING, NULL_STRING, NULL_STRING },
+    { "krb5_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
     { "krb5_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING },
     { "ldap_pwd_policy", DP_OPT_STRING, { "none" }, NULL_STRING },
     { "ldap_referrals", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
@@ -381,6 +381,14 @@ int ldap_get_options(TALLOC_CTX *memctx,
         goto done;
     }
 
+    /* If there is no KDC, try the deprecated krb5_kdcip option, too */
+    /* FIXME - this can be removed in a future version */
+    ret = krb5_try_kdcip(memctx, cdb, conf_path, opts->basic, SDAP_KRB5_KDC);
+    if (ret != EOK) {
+        DEBUG(1, ("sss_krb5_try_kdcip failed.\n"));
+        goto done;
+    }
+
     ret = EOK;
     *_opts = opts;
 
@@ -601,9 +609,9 @@ int sdap_gssapi_init(TALLOC_CTX *mem_ctx,
     const char *krb5_realm;
     struct krb5_service *service = NULL;
 
-    krb5_servers = dp_opt_get_string(opts, SDAP_KRB5_KDCIP);
+    krb5_servers = dp_opt_get_string(opts, SDAP_KRB5_KDC);
     if (krb5_servers == NULL) {
-        DEBUG(1, ("Missing krb5_kdcip option, using service discovery!\n"));
+        DEBUG(1, ("Missing krb5_server option, using service discovery!\n"));
     }
 
     krb5_realm = dp_opt_get_string(opts, SDAP_KRB5_REALM);
diff --git a/src/providers/ldap/sdap.h b/src/providers/ldap/sdap.h
index 83bfd21b..8c629a3b 100644
--- a/src/providers/ldap/sdap.h
+++ b/src/providers/ldap/sdap.h
@@ -176,7 +176,7 @@ enum sdap_basic_opt {
     SDAP_SASL_AUTHID,
     SDAP_KRB5_KEYTAB,
     SDAP_KRB5_KINIT,
-    SDAP_KRB5_KDCIP,
+    SDAP_KRB5_KDC,
     SDAP_KRB5_REALM,
     SDAP_PWD_POLICY,
     SDAP_REFERRALS,
author	Sumit Bose <sbose@redhat.com>	2010-12-07 13:18:39 +0100
committer	Stephen Gallagher <sgallagh@redhat.com>	2010-12-07 17:23:25 -0500
commit	8d163c0a088318ed9fc0b22def2649e27992ea53 (patch)
tree	92c6b438d4473d5cc29522656b1b01f02db0b597 /src/providers/ldap
parent	a3ea95747b33de4b50485fb9b5c4e5c45338b3db (diff)
download	sssd-8d163c0a088318ed9fc0b22def2649e27992ea53.tar.gz sssd-8d163c0a088318ed9fc0b22def2649e27992ea53.tar.bz2 sssd-8d163c0a088318ed9fc0b22def2649e27992ea53.zip