3 files changed, 16 insertions, 8 deletions

diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c
index 8133431cc..840a09871 100644
--- a/src/providers/ldap/ldap_common.c
+++ b/src/providers/ldap/ldap_common.c
@@ -399,6 +399,18 @@ done:
     return realm;
 }
 
+const char *sdap_gssapi_realm(struct dp_option *opts)
+{
+    const char *realm;
+
+    realm = dp_opt_get_cstring(opts, SDAP_SASL_REALM);
+    if (!realm) {
+        realm = dp_opt_get_cstring(opts, SDAP_KRB5_REALM);
+    }
+
+    return realm;
+}
+
 int sdap_gssapi_init(TALLOC_CTX *mem_ctx,
                      struct dp_option *opts,
                      struct be_ctx *bectx,
@@ -419,7 +431,7 @@ int sdap_gssapi_init(TALLOC_CTX *mem_ctx,
     krb5_servers = dp_opt_get_string(opts, SDAP_KRB5_KDC);
     krb5_backup_servers = dp_opt_get_string(opts, SDAP_KRB5_BACKUP_KDC);
 
-    krb5_opt_realm = dp_opt_get_string(opts, SDAP_KRB5_REALM);
+    krb5_opt_realm = sdap_gssapi_realm(opts);
     if (krb5_opt_realm == NULL) {
         DEBUG(SSSDBG_OP_FAILURE,
               "Missing krb5_realm option, will use libkrb default\n");
diff --git a/src/providers/ldap/ldap_common.h b/src/providers/ldap/ldap_common.h
index c142af345..424eacb1d 100644
--- a/src/providers/ldap/ldap_common.h
+++ b/src/providers/ldap/ldap_common.h
@@ -138,6 +138,8 @@ int sdap_service_init(TALLOC_CTX *memctx, struct be_ctx *ctx,
                       const char *urls, const char *backup_urls,
                       struct sdap_service **_service);
 
+const char *sdap_gssapi_realm(struct dp_option *opts);
+
 int sdap_gssapi_init(TALLOC_CTX *mem_ctx,
                      struct dp_option *opts,
                      struct be_ctx *bectx,
diff --git a/src/providers/ldap/sdap_async_connection.c b/src/providers/ldap/sdap_async_connection.c
index 431845d3f..34db75a4e 100644
--- a/src/providers/ldap/sdap_async_connection.c
+++ b/src/providers/ldap/sdap_async_connection.c
@@ -1708,12 +1708,6 @@ static void sdap_cli_kinit_step(struct tevent_req *req)
     struct sdap_cli_connect_state *state = tevent_req_data(req,
                                              struct sdap_cli_connect_state);
     struct tevent_req *subreq;
-    const char *realm;
-
-    realm = dp_opt_get_string(state->opts->basic, SDAP_SASL_REALM);
-    if (!realm) {
-        realm = dp_opt_get_string(state->opts->basic, SDAP_KRB5_REALM);
-    }
 
     subreq = sdap_kinit_send(state, state->ev,
                              state->be,
@@ -1725,7 +1719,7 @@ static void sdap_cli_kinit_step(struct tevent_req *req)
                                                    SDAP_KRB5_KEYTAB),
                         dp_opt_get_string(state->opts->basic,
                                                    SDAP_SASL_AUTHID),
-                        realm,
+                        sdap_gssapi_realm(state->opts->basic),
                         dp_opt_get_bool(state->opts->basic,
                                                    SDAP_KRB5_CANONICALIZE),
                         dp_opt_get_int(state->opts->basic,