diff options
author | Sumit Bose <sbose@redhat.com> | 2010-03-10 17:03:23 +0100 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-03-12 09:00:28 -0500 |
commit | 5096bb4c2242b426aa6f5ea2cb82223e0b81a345 (patch) | |
tree | 7db071f1395488b0e419f93c4328330cd9b899fa /src/providers/krb5/krb5_init.c | |
parent | 70a54fe1c527efabf0c3258a2daa669f5e2bb788 (diff) | |
download | sssd-5096bb4c2242b426aa6f5ea2cb82223e0b81a345.tar.gz sssd-5096bb4c2242b426aa6f5ea2cb82223e0b81a345.tar.xz sssd-5096bb4c2242b426aa6f5ea2cb82223e0b81a345.zip |
Add krb5_kpasswd option
Diffstat (limited to 'src/providers/krb5/krb5_init.c')
-rw-r--r-- | src/providers/krb5/krb5_init.c | 21 |
1 files changed, 18 insertions, 3 deletions
diff --git a/src/providers/krb5/krb5_init.c b/src/providers/krb5/krb5_init.c index 4d2123815..83129d9c5 100644 --- a/src/providers/krb5/krb5_init.c +++ b/src/providers/krb5/krb5_init.c @@ -52,6 +52,7 @@ int sssm_krb5_auth_init(struct be_ctx *bectx, unsigned v; FILE *debug_filep; const char *krb5_servers; + const char *krb5_kpasswd_servers; const char *krb5_realm; const char *errstr; int errval; @@ -98,13 +99,27 @@ int sssm_krb5_auth_init(struct be_ctx *bectx, return EINVAL; } - ret = krb5_service_init(ctx, bectx, "KRB5", krb5_servers, krb5_realm, - &ctx->service); + ret = krb5_service_init(ctx, bectx, SSS_KRB5KDC_FO_SRV, krb5_servers, + krb5_realm, &ctx->service); if (ret != EOK) { - DEBUG(0, ("Failed to init IPA failover service!\n")); + DEBUG(0, ("Failed to init KRB5 failover service!\n")); return ret; } + krb5_kpasswd_servers = dp_opt_get_string(ctx->opts, KRB5_KPASSWD); + if (krb5_kpasswd_servers == NULL) { + DEBUG(0, ("Missing krb5_kpasswd option, using KDC!\n")); + ctx->kpasswd_service = NULL; + } else { + ret = krb5_service_init(ctx, bectx, SSS_KRB5KPASSWD_FO_SRV, + krb5_kpasswd_servers, krb5_realm, + &ctx->kpasswd_service); + if (ret != EOK) { + DEBUG(0, ("Failed to init KRB5KPASSWD failover service!\n")); + return ret; + } + } + ret = check_and_export_options(ctx->opts, bectx->domain); if (ret != EOK) { DEBUG(1, ("check_and_export_options failed.\n")); |