rpms / nfs-utils

Clone
Source Code
GIT

Files

  1.   e19a30e0d8789cf4b27f8c1d92b6619cece0f74d
  2.   SOURCES
  3.   nfs-utils-1.3.0-rpcgssd-maccout-nocase.patch
Blob Blame History Raw 
diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c
index 5fde091..990111d 100644
--- a/utils/gssd/krb5_util.c
+++ b/utils/gssd/krb5_util.c
@@ -801,8 +801,10 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname,
 	char *default_realm = NULL;
 	char *realm;
 	char *k5err = NULL;
-	int tried_all = 0, tried_default = 0;
+	int tried_all = 0, tried_default = 0, tried_upper = 0;
 	krb5_principal princ;
+	const char *notsetstr = "not set";
+	char *adhostoverride;
 
 
 	/* Get full target hostname */
@@ -820,13 +822,23 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname,
 	}
 
 	/* Compute the active directory machine name HOST$ */
-	strcpy(myhostad, myhostname);
-	for (i = 0; myhostad[i] != 0; ++i) {
-		if (myhostad[i] == '.') break;
-		myhostad[i] = toupper(myhostad[i]);
+	krb5_appdefault_string(context, "nfs", NULL, "ad_principal_name", 
+		notsetstr, &adhostoverride);
+	if (strcmp(adhostoverride, notsetstr) != 0) {
+	        printerr (1, 
+				"AD host string overridden with \"%s\" from appdefaults\n", 
+				adhostoverride);
+	        /* No overflow: Windows cannot handle strings longer than 19 chars */
+	        strcpy(myhostad, adhostoverride);
+		free(adhostoverride);
+	} else {
+	        strcpy(myhostad, myhostname);
+	        for (i = 0; myhostad[i] != 0; ++i) {
+	          if (myhostad[i] == '.') break;
+	        }
+	        myhostad[i] = '$';
+	        myhostad[i+1] = 0;
 	}
-	myhostad[i] = '$';
-	myhostad[i+1] = 0;
 
 	retval = get_full_hostname(myhostname, myhostname, sizeof(myhostname));
 	if (retval) {
@@ -923,6 +935,19 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname,
 				k5err = gssd_k5_err_msg(context, code);
 				printerr(3, "%s while getting keytab entry for '%s'\n",
 					 k5err, spn);
+				/*
+				 * We tried the active directory machine account
+				 * with the hostname part as-is and failed...
+				 * convert it to uppercase and try again before
+				 * moving on to the svcname
+				 */
+				if (strcmp(svcnames[j],"$") == 0 && !tried_upper) {
+					for (i = 0; myhostad[i] != '$'; ++i) {
+						myhostad[i] = toupper(myhostad[i]);
+					}
+					j--;
+					tried_upper = 1;
+				}
 			} else {
 				printerr(3, "Success getting keytab entry for '%s'\n",spn);
 				retval = 0;

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation