[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Problems with unified heimdal/samba domain

"James F.  Hranicky" <jfh@cise.ufl.edu> writes:

> Note that ent.principal was set to princ earlier, but is now nil, while princ
> is still a valid pointer. I found that in the function LDAP_message2entry which
> is called from context->db->hdb_fetch() above, we see this:
>     static krb5_error_code
>     LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg,
>                        hdb_entry * ent)
>     {
>         char *unparsed_name = NULL, *dn = NULL, *ntPasswordIN = NULL;
>         char *samba_acct_flags = NULL;
>         int ret;
>         unsigned long tmp;
>         struct berval **keys;
>         char **values;
>         int tmp_time;
> =>      memset(ent, 0, sizeof(*ent));
> Even though ent is passed in as a parameter to be used, it is cleared here.
> If I comment that line out, I get a bus error in another location.

Yes, it should be cleared there, becase the lib needs to return the entry
with the data allocated inside the lib and not the data from the caller.

I think the code failes to ask for uid attribute and that the reason it
doesn't fill out the ent->principal.

--- lib/hdb/hdb-ldap.c	11 Dec 2004 18:55:18 -0000	1.40
+++ lib/hdb/hdb-ldap.c	11 Dec 2004 18:58:06 -0000
@@ -93,6 +93,7 @@
+    "uid",
> I'm willing to keep hacking around, but I'd like to know from folks more 
> familiar with the code if the mods I've made make sense and I'm on the
> right track, or if I'm way off base and doing things incorrectly that
> trigger bugs in little-used paths in the code. Is anyone interested?

I'll try to update to a modern version of openldap and try against that.

Can you please try the patch above ?


PGP signature