summaryrefslogtreecommitdiffstats
path: root/daemons/ipa-kdb/ipa_kdb_principals.c
diff options
context:
space:
mode:
authorSimo Sorce <ssorce@redhat.com>2011-10-10 15:42:11 -0400
committerSimo Sorce <ssorce@redhat.com>2011-11-07 14:25:07 -0500
commit18537d55a7fd21c81af8b56fde69c895b2fa3597 (patch)
treeac460a482411e88b3b534f8869f78aa31a095738 /daemons/ipa-kdb/ipa_kdb_principals.c
parent97018212279be4ff70816194b1e6392b61da36dc (diff)
downloadfreeipa-18537d55a7fd21c81af8b56fde69c895b2fa3597.tar.gz
freeipa-18537d55a7fd21c81af8b56fde69c895b2fa3597.tar.xz
freeipa-18537d55a7fd21c81af8b56fde69c895b2fa3597.zip
Add support for generating PAC for AS requests for user principals
Diffstat (limited to 'daemons/ipa-kdb/ipa_kdb_principals.c')
-rw-r--r--daemons/ipa-kdb/ipa_kdb_principals.c7
1 files changed, 7 insertions, 0 deletions
diff --git a/daemons/ipa-kdb/ipa_kdb_principals.c b/daemons/ipa-kdb/ipa_kdb_principals.c
index 33ed7b0e1..f5bef8403 100644
--- a/daemons/ipa-kdb/ipa_kdb_principals.c
+++ b/daemons/ipa-kdb/ipa_kdb_principals.c
@@ -556,6 +556,12 @@ static krb5_error_code ipadb_parse_ldap_entry(krb5_context kcontext,
entry->e_data = (krb5_octet *)ied;
+ ied->entry_dn = ldap_get_dn(lcontext, lentry);
+ if (!ied->entry_dn) {
+ kerr = ENOMEM;
+ goto done;
+ }
+
/* mark this as an ipa_user if it has the posixaccount objectclass */
ret = ipadb_ldap_attr_has_value(lcontext, lentry,
"objectClass", "posixAccount");
@@ -919,6 +925,7 @@ void ipadb_free_principal(krb5_context kcontext, krb5_db_entry *entry)
if (entry->e_data) {
ied = (struct ipadb_e_data *)entry->e_data;
if (ied->magic == IPA_E_DATA_MAGIC) {
+ ldap_memfree(ied->entry_dn);
free(ied->passwd);
free(ied->pw_policy_dn);
for (i = 0; ied->pw_history && ied->pw_history[i]; i++) {