diff options
author | Simo Sorce <ssorce@redhat.com> | 2007-12-21 15:18:43 -0500 |
---|---|---|
committer | Simo Sorce <ssorce@redhat.com> | 2007-12-21 15:18:43 -0500 |
commit | 8de5f477d1846116e6ac660bb1bd558de093a88c (patch) | |
tree | 97e52b28f27f1055db57e9b4e5c3bb1d061ebc7a /ipa-server | |
parent | 19bdd1f166ac6a05aa1ca9611a9b3dbfc5776319 (diff) | |
download | freeipa-8de5f477d1846116e6ac660bb1bd558de093a88c.tar.gz freeipa-8de5f477d1846116e6ac660bb1bd558de093a88c.tar.xz freeipa-8de5f477d1846116e6ac660bb1bd558de093a88c.zip |
Support getting in a principal with out the REALM part
Diffstat (limited to 'ipa-server')
-rw-r--r-- | ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c b/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c index 782eee76f..113f0dd5c 100644 --- a/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c +++ b/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c @@ -2072,16 +2072,29 @@ static int ipapwd_setkeytab(Slapi_PBlock *pb) goto free_and_return; } + /* make sure it is a valid name */ krberr = krb5_parse_name(krbctx, serviceName, &krbname); if (krberr) { + slapi_ch_free_string(&serviceName); slapi_log_error(SLAPI_LOG_FATAL, "ipa_pwd_extop", "krb5_parse_name failed\n"); rc = LDAP_OPERATIONS_ERROR; goto free_and_return; + } else { + /* invert so that we get the canonical form (add REALM if not present for example) */ + char *canonname; + krberr = krb5_unparse_name(krbctx, krbname, &canonname); + if (krberr) { + slapi_ch_free_string(&serviceName); + slapi_log_error(SLAPI_LOG_FATAL, "ipa_pwd_extop", "krb5_unparse_name failed\n"); + rc = LDAP_OPERATIONS_ERROR; + goto free_and_return; + } + slapi_ch_free_string(&serviceName); + serviceName = canonname; } /* check entry before doing any other decoding */ - /* Find ancestor base DN */ sdn = slapi_sdn_new_dn_byval(ipa_realm_dn); be = slapi_be_select(sdn); @@ -2450,7 +2463,7 @@ static int ipapwd_setkeytab(Slapi_PBlock *pb) /* Free anything that we allocated above */ free_and_return: - slapi_ch_free_string(&serviceName); + if (serviceName) free(serviceName); if (kset) ipapwd_keyset_free(&kset); if (bval) ber_bvfree(bval); |