Diffstat (limited to 'src/providers/ipa/ipa_common.c')
-rw-r--r--src/providers/ipa/ipa_common.c55
1 files changed, 8 insertions, 47 deletions
diff --git a/src/providers/ipa/ipa_common.c b/src/providers/ipa/ipa_common.c
index db736921..4c68f61d 100644
--- a/src/providers/ipa/ipa_common.c
+++ b/src/providers/ipa/ipa_common.c
@@ -168,14 +168,9 @@ int ipa_get_id_options(struct ipa_options *ipa_opts,
struct sdap_options **_opts)
{
TALLOC_CTX *tmpctx;
- char *primary;
char *basedn;
char *realm;
char *value;
- char *desired_realm;
- char *desired_primary;
- bool primary_requested = true;
- bool realm_requested = true;
int ret;
int i;
@@ -248,51 +243,17 @@ int ipa_get_id_options(struct ipa_options *ipa_opts,
dp_opt_get_string(ipa_opts->id->basic, SDAP_KRB5_REALM)));
}
- /* Configuration of SASL auth ID and realm */
- desired_primary = dp_opt_get_string(ipa_opts->id->basic, SDAP_SASL_AUTHID);
- if (!desired_primary) {
- primary_requested = false;
- desired_primary = dp_opt_get_string(ipa_opts->id->basic, IPA_HOSTNAME);
- }
- desired_realm = dp_opt_get_string(ipa_opts->id->basic, SDAP_SASL_REALM);
- if (!desired_realm) {
- realm_requested = false;
- desired_realm = dp_opt_get_string(ipa_opts->id->basic, SDAP_KRB5_REALM);
- }
-
- ret = select_principal_from_keytab(tmpctx,
- desired_primary, desired_realm,
- dp_opt_get_string(ipa_opts->id->basic,
- SDAP_KRB5_KEYTAB),
- NULL, &primary, &realm);
- if (ret != EOK) {
- goto done;
- }
-
- if ((primary_requested && strcmp(desired_primary, primary) != 0) ||
- (realm_requested && strcmp(desired_realm, realm) != 0)) {
- DEBUG(1, ("Configured SASL auth ID/realm not found in keytab.\n"));
- ret = ENOENT;
- goto done;
- }
-
- ret = dp_opt_set_string(ipa_opts->id->basic,
- SDAP_SASL_AUTHID, primary);
- if (ret != EOK) {
- goto done;
- }
- DEBUG(6, ("Option %s set to %s\n",
- ipa_opts->id->basic[SDAP_SASL_AUTHID].opt_name,
- dp_opt_get_string(ipa_opts->id->basic, SDAP_SASL_AUTHID)));
-
- ret = dp_opt_set_string(ipa_opts->id->basic,
- SDAP_SASL_REALM, realm);
+ ret = sdap_set_sasl_options(ipa_opts->id,
+ dp_opt_get_string(ipa_opts->id->basic,
+ IPA_HOSTNAME),
+ dp_opt_get_string(ipa_opts->id->basic,
+ SDAP_KRB5_REALM),
+ dp_opt_get_string(ipa_opts->id->basic,
+ SDAP_KRB5_KEYTAB));
if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE, ("Cannot set the SASL-related options\n"));
goto done;
}
- DEBUG(6, ("Option %s set to %s\n",
- ipa_opts->id->basic[SDAP_SASL_REALM].opt_name,
- dp_opt_get_string(ipa_opts->id->basic, SDAP_SASL_REALM)));
/* fix schema to IPAv1 for now */
ipa_opts->id->schema_type = SDAP_SCHEMA_IPA_V1;
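Review bot: The failure branch after the new `sdap_set_sasl_options()` call logs a fixed string and drops `ret`, so a principal missing from the keytab can no longer be told apart from an allocation or option-setting error in the logs. The removed code had a dedicated "Configured SASL auth ID/realm not found in keytab" message for that case, so I would at least log the code: `DEBUG(SSSDBG_OP_FAILURE, ("Cannot set the SASL-related options [%d]: %s\n", ret, strerror(ret)));`. The check that an explicitly configured `SDAP_SASL_AUTHID` or `SDAP_SASL_REALM` matches the keytab entry (previously `ENOENT` on mismatch) is no longer in this function. Presumably it moved into the helper, whose body is not part of this diff, so please confirm it still rejects a mismatch rather than silently falling back to the hostname and krb5 realm defaults passed here. `ipa_get_id_options()` starts and ends outside the hunk.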