diff options
| author | Will Fiveash <will.fiveash@oracle.com> | 2006-10-23 21:36:46 +0000 |
|---|---|---|
| committer | Will Fiveash <will.fiveash@oracle.com> | 2006-10-23 21:36:46 +0000 |
| commit | afe2c2095973be9ae22c12bb5ed79f52effb9df5 (patch) | |
| tree | 0f495c1c4a4b3ebe03b89ccbfc0a96737b74f831 | |
| parent | 5fd3d2b196ce242c4ffff1b6c836aa5a248378d3 (diff) | |
| download | krb5-afe2c2095973be9ae22c12bb5ed79f52effb9df5.tar.gz krb5-afe2c2095973be9ae22c12bb5ed79f52effb9df5.tar.xz krb5-afe2c2095973be9ae22c12bb5ed79f52effb9df5.zip | |
fix krb5_ldap_iterate to handle NULL match_expr and open_db_and_mkey to use KRB5_KDB_SRV_TYPE_ADMIN
When I ran kdb5_util dump I had two initial problems. First, the LDAP
plugin was not finding the bind DN because open_db_and_mkey() was
passing KRB5_KDB_SRV_TYPE_OTHER to krb5_db_open(). When I change this
to KRB5_KDB_SRV_TYPE_ADMIN then the ldap_kadmind_dn parameter is used
from krb5.conf and a valid bind DN is found. Second,
krb5_ldap_iterate() will core dump when it is called withy a NULL
match_expr arg. This is how dump_db calls krb5_db_iterate(). I updated
krb5_ldap_iterate() to use a default_match_expr of "*" if match_expr ==
NULL.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18736 dc483132-0cff-0310-8789-dd5450dbe970
| -rw-r--r-- | src/kadmin/dbutil/kdb5_util.c | 2 | ||||
| -rw-r--r-- | src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c | 7 |
2 files changed, 8 insertions, 1 deletions
diff --git a/src/kadmin/dbutil/kdb5_util.c b/src/kadmin/dbutil/kdb5_util.c index e60e9929c6..1807d1ad00 100644 --- a/src/kadmin/dbutil/kdb5_util.c +++ b/src/kadmin/dbutil/kdb5_util.c @@ -378,7 +378,7 @@ static int open_db_and_mkey() valid_master_key = 0; if ((retval = krb5_db_open(util_context, db5util_db_args, - KRB5_KDB_OPEN_RW | KRB5_KDB_SRV_TYPE_OTHER))) { + KRB5_KDB_OPEN_RW | KRB5_KDB_SRV_TYPE_ADMIN))) { com_err(progname, retval, "while initializing database"); exit_status++; return(1); diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c index 0cbf8d82fc..3ace96cbad 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c +++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c @@ -149,6 +149,7 @@ krb5_ldap_iterate(context, match_expr, func, func_arg) kdb5_dal_handle *dal_handle=NULL; krb5_ldap_context *ldap_context=NULL; krb5_ldap_server_handle *ldap_server_handle=NULL; + char *default_match_expr = "*"; /* Clear the global error string */ krb5_clear_error_message(context); @@ -166,6 +167,12 @@ krb5_ldap_iterate(context, match_expr, func, func_arg) } } + /* + * If no match_expr then iterate through all krb princs like the db2 plugin + */ + if (match_expr == NULL) + match_expr = default_match_expr; + filterlen = strlen(FILTER) + strlen(match_expr) + 2 + 1; /* 2 for closing brackets */ filter = malloc (filterlen); CHECK_NULL(filter); |