rpms / nfs-utils

Clone
Source Code
GIT

Blame SOURCES/nfs-utils-1.3.0-rpcgssd-maccout-nocase.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   e19a30e0d8789cf4b27f8c1d92b6619cece0f74d
  2.   SOURCES
  3.   nfs-utils-1.3.0-rpcgssd-maccout-nocase.patch
Blob History Raw
e19a30 
diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c
e19a30 
index 5fde091..990111d 100644
e19a30 
--- a/utils/gssd/krb5_util.c
e19a30 
+++ b/utils/gssd/krb5_util.c
e19a30 
@@ -801,8 +801,10 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname,
e19a30 
 	char *default_realm = NULL;
e19a30 
 	char *realm;
e19a30 
 	char *k5err = NULL;
e19a30 
-	int tried_all = 0, tried_default = 0;
e19a30 
+	int tried_all = 0, tried_default = 0, tried_upper = 0;
e19a30 
 	krb5_principal princ;
e19a30 
+	const char *notsetstr = "not set";
e19a30 
+	char *adhostoverride;
e19a30
e19a30
e19a30 
 	/* Get full target hostname */
e19a30 
@@ -820,13 +822,23 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname,
e19a30 
 	}
e19a30
e19a30 
 	/* Compute the active directory machine name HOST$ */
e19a30 
-	strcpy(myhostad, myhostname);
e19a30 
-	for (i = 0; myhostad[i] != 0; ++i) {
e19a30 
-		if (myhostad[i] == '.') break;
e19a30 
-		myhostad[i] = toupper(myhostad[i]);
e19a30 
+	krb5_appdefault_string(context, "nfs", NULL, "ad_principal_name",
e19a30 
+		notsetstr, &adhostoverride);
e19a30 
+	if (strcmp(adhostoverride, notsetstr) != 0) {
e19a30 
+	        printerr (1,
e19a30 
+				"AD host string overridden with \"%s\" from appdefaults\n",
e19a30 
+				adhostoverride);
e19a30 
+	        /* No overflow: Windows cannot handle strings longer than 19 chars */
e19a30 
+	        strcpy(myhostad, adhostoverride);
e19a30 
+		free(adhostoverride);
e19a30 
+	} else {
e19a30 
+	        strcpy(myhostad, myhostname);
e19a30 
+	        for (i = 0; myhostad[i] != 0; ++i) {
e19a30 
+	          if (myhostad[i] == '.') break;
e19a30 
+	        }
e19a30 
+	        myhostad[i] = '$';
e19a30 
+	        myhostad[i+1] = 0;
e19a30 
 	}
e19a30 
-	myhostad[i] = '$';
e19a30 
-	myhostad[i+1] = 0;
e19a30
e19a30 
 	retval = get_full_hostname(myhostname, myhostname, sizeof(myhostname));
e19a30 
 	if (retval) {
e19a30 
@@ -923,6 +935,19 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname,
e19a30 
 				k5err = gssd_k5_err_msg(context, code);
e19a30 
 				printerr(3, "%s while getting keytab entry for '%s'\n",
e19a30 
 					 k5err, spn);
e19a30 
+				/*
e19a30 
+				 * We tried the active directory machine account
e19a30 
+				 * with the hostname part as-is and failed...
e19a30 
+				 * convert it to uppercase and try again before
e19a30 
+				 * moving on to the svcname
e19a30 
+				 */
e19a30 
+				if (strcmp(svcnames[j],"$") == 0 && !tried_upper) {
e19a30 
+					for (i = 0; myhostad[i] != '$'; ++i) {
e19a30 
+						myhostad[i] = toupper(myhostad[i]);
e19a30 
+					}
e19a30 
+					j--;
e19a30 
+					tried_upper = 1;
e19a30 
+				}
e19a30 
 			} else {
e19a30 
 				printerr(3, "Success getting keytab entry for '%s'\n",spn);
e19a30 
 				retval = 0;

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation