diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2012-11-19 17:34:56 +0100 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2012-11-19 22:19:29 +0100 |
commit | 24c3186d01d8d1c11832baab24ab3f0de121c666 (patch) | |
tree | 7b47e44e39139a3096d23b53931513661e6b370c /src/providers | |
parent | 459f70d567c211f860244f75f2878c3a446c2a38 (diff) | |
download | sssd-24c3186d01d8d1c11832baab24ab3f0de121c666.tar.gz sssd-24c3186d01d8d1c11832baab24ab3f0de121c666.tar.bz2 sssd-24c3186d01d8d1c11832baab24ab3f0de121c666.zip |
LDAP: Make it possible to use full principal in ldap_sasl_authid again
Diffstat (limited to 'src/providers')
-rw-r--r-- | src/providers/ldap/ldap_common.c | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c index 516ba179..f8b921ad 100644 --- a/src/providers/ldap/ldap_common.c +++ b/src/providers/ldap/ldap_common.c @@ -1009,6 +1009,7 @@ sdap_set_sasl_options(struct sdap_options *id_opts, TALLOC_CTX *tmp_ctx; char *sasl_primary; char *desired_primary; + char *primary_realm; char *sasl_realm; char *desired_realm; bool primary_requested = true; @@ -1024,12 +1025,23 @@ sdap_set_sasl_options(struct sdap_options *id_opts, desired_primary = default_primary; } - desired_realm = dp_opt_get_string(id_opts->basic, SDAP_SASL_REALM); - if (!desired_realm) { - realm_requested = false; - desired_realm = default_realm; + if ((primary_realm = strchr(desired_primary, '@'))) { + *primary_realm = '\0'; + desired_realm = primary_realm+1; + DEBUG(SSSDBG_TRACE_INTERNAL, + ("authid contains realm [%s]\n", desired_realm)); + } else { + desired_realm = dp_opt_get_string(id_opts->basic, SDAP_SASL_REALM); + if (!desired_realm) { + realm_requested = false; + desired_realm = default_realm; + } } + DEBUG(SSSDBG_CONF_SETTINGS, ("Will look for %s@%s in %s\n", + desired_primary, desired_realm, + keytab_path ? keytab_path : "default keytab")); + ret = select_principal_from_keytab(tmp_ctx, desired_primary, desired_realm, keytab_path, |