[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Problems with unified heimdal/samba domain
On Sat, 11 Dec 2004 20:08:38 +0100
Love <lha@stacken.kth.se> wrote:
> I think the code failes to ask for uid attribute and that the reason it
> doesn't fill out the ent->principal.
>
> --- lib/hdb/hdb-ldap.c 11 Dec 2004 18:55:18 -0000 1.40
> +++ lib/hdb/hdb-ldap.c 11 Dec 2004 18:58:06 -0000
> @@ -93,6 +93,7 @@
> "sambaNTPassword",
> "sambaPwdLastSet",
> "sambaPwdMustChange",
> + "uid",
> NULL
> };
>
> I'll try to update to a modern version of openldap and try against that.
>
> Can you please try the patch above ?
The patch above seems to stop the segfault, but it doesn't list all the
princs. However, with the attached patch, it seems to do so. The patch
includes a few initializations of hdb_entry structs, an addition of
sambaSamAccount to the LDAP_firstkey() routine, and a check for a
null pointer in krb5_realm_compare() . Do these additions seem reasonable?
Jim
Only in heimdal-20041209.mod/lib/des: Makefile
diff -cr heimdal-20041209/lib/hdb/hdb-ldap.c heimdal-20041209.mod/lib/hdb/hdb-ldap.c
*** heimdal-20041209/lib/hdb/hdb-ldap.c Sat Dec 11 00:07:36 2004
--- heimdal-20041209.mod/lib/hdb/hdb-ldap.c Sat Dec 11 16:09:31 2004
***************
*** 93,98 ****
--- 93,99 ----
"sambaNTPassword",
"sambaPwdLastSet",
"sambaPwdMustChange",
+ "uid",
NULL
};
***************
*** 912,918 ****
char **values;
int tmp_time;
! memset(ent, 0, sizeof(*ent));
ent->flags = int2HDBFlags(0);
ret = LDAP_get_string_value(db, msg, "krb5PrincipalName", &unparsed_name);
--- 913,919 ----
char **values;
int tmp_time;
! /* memset(ent, 0, sizeof(*ent)); */
ent->flags = int2HDBFlags(0);
ret = LDAP_get_string_value(db, msg, "krb5PrincipalName", &unparsed_name);
***************
*** 1382,1388 ****
return ret;
msgid = ldap_search(HDB2LDAP(db), HDB2BASE(db),
! LDAP_SCOPE_SUBTREE, "(objectclass=krb5Principal)",
krb5kdcentry_attrs, 0);
if (msgid < 0)
return HDB_ERR_NOENTRY;
--- 1383,1390 ----
return ret;
msgid = ldap_search(HDB2LDAP(db), HDB2BASE(db),
! /* LDAP_SCOPE_SUBTREE, "(objectclass=krb5Principal)", */
! LDAP_SCOPE_SUBTREE, "(|(objectClass=krb5Principal)(objectClass=sambaSamAccount))",
krb5kdcentry_attrs, 0);
if (msgid < 0)
return HDB_ERR_NOENTRY;
diff -cr heimdal-20041209/lib/hdb/hdb.c heimdal-20041209.mod/lib/hdb/hdb.c
*** heimdal-20041209/lib/hdb/hdb.c Sat Dec 11 00:07:36 2004
--- heimdal-20041209.mod/lib/hdb/hdb.c Sat Dec 11 10:01:15 2004
***************
*** 153,158 ****
--- 153,160 ----
{
krb5_error_code ret;
hdb_entry entry;
+
+ memset(&entry, 0, sizeof(entry));
ret = db->hdb_firstkey(context, db, flags, &entry);
while(ret == 0){
ret = (*func)(context, db, &entry, data);
diff -cr heimdal-20041209/lib/kadm5/get_s.c heimdal-20041209.mod/lib/kadm5/get_s.c
*** heimdal-20041209/lib/kadm5/get_s.c Sat Dec 11 00:07:36 2004
--- heimdal-20041209.mod/lib/kadm5/get_s.c Sat Dec 11 09:53:48 2004
***************
*** 45,50 ****
--- 45,51 ----
kadm5_ret_t ret;
hdb_entry ent;
+ memset(&ent, 0, sizeof(ent));
ent.principal = princ;
ret = context->db->hdb_open(context->context, context->db, O_RDONLY, 0);
if(ret)
diff -cr heimdal-20041209/lib/krb5/principal.c heimdal-20041209.mod/lib/krb5/principal.c
*** heimdal-20041209/lib/krb5/principal.c Sat Dec 11 00:07:38 2004
--- heimdal-20041209.mod/lib/krb5/principal.c Sat Dec 11 10:06:34 2004
***************
*** 606,611 ****
--- 606,612 ----
krb5_const_principal princ1,
krb5_const_principal princ2)
{
+ if (!princ1 || !princ2) return 0;
return strcmp(princ_realm(princ1), princ_realm(princ2)) == 0;
}