From 10c50d237d6e3137499fcfaa5a804e6712e002ee Mon Sep 17 00:00:00 2001 From: Sumit Bose Date: Wed, 19 Dec 2012 18:37:32 +0100 Subject: krb5 tgt renewal: fix usage of ldb_dn_get_component_val() For some reason I was under the impression that the DN components are counted backwards in libldb. This patch corrects this. --- src/providers/krb5/krb5_renew_tgt.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'src/providers/krb5/krb5_renew_tgt.c') diff --git a/src/providers/krb5/krb5_renew_tgt.c b/src/providers/krb5/krb5_renew_tgt.c index ccb7e6af6..b5eee697f 100644 --- a/src/providers/krb5/krb5_renew_tgt.c +++ b/src/providers/krb5/krb5_renew_tgt.c @@ -423,11 +423,11 @@ static errno_t check_ccache_files(struct renew_tgt_ctx *renew_tgt_ctx) continue; } - /* The DNs of users in sysdb ends with ...,cn=domain.name,cn=sysdb, so - * the value of the component before the last (index 1) is the domain - * name. */ + /* The DNs of users in sysdb looks like + * name=username,cn=users,cn=domain.name,cn=sysdb + * the value of the third component (index 2) is the domain name. */ - user_dom_val = ldb_dn_get_component_val(msgs[c]->dn, 1); + user_dom_val = ldb_dn_get_component_val(msgs[c]->dn, 2); if (user_dom_val == NULL) { DEBUG(SSSDBG_OP_FAILURE, ("Invalid user DN [%s].\n", ldb_dn_get_linearized(msgs[c]->dn))); -- cgit