diff options
| author | Justin Stephenson <jstephen@redhat.com> | 2016-08-10 11:27:01 -0400 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2016-08-16 20:21:29 +0200 |
| commit | e915f42093add45a11208e871c9abdf7ab2bfbdc (patch) | |
| tree | ba03de1a9c7ad8e283688013db7d02dcdf652621 /src/providers/ipa | |
| parent | 00f3fbb66e882213a78a7ad0a4f9190d0838c830 (diff) | |
| download | sssd-e915f42093add45a11208e871c9abdf7ab2bfbdc.tar.gz sssd-e915f42093add45a11208e871c9abdf7ab2bfbdc.tar.xz sssd-e915f42093add45a11208e871c9abdf7ab2bfbdc.zip | |
Warn if IP address is used as option for ipa_server/ad_server
GSSAPI is dependent on DNS with hostnames and we should warn about this.
Resolves:
https://fedorahosted.org/sssd/ticket/2789
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src/providers/ipa')
| -rw-r--r-- | src/providers/ipa/ipa_common.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/providers/ipa/ipa_common.c b/src/providers/ipa/ipa_common.c index b15ccc6ee..657994508 100644 --- a/src/providers/ipa/ipa_common.c +++ b/src/providers/ipa/ipa_common.c @@ -831,6 +831,7 @@ static errno_t _ipa_servers_init(struct be_ctx *ctx, char *ipa_domain; int ret = 0; int i; + int j; tmp_ctx = talloc_new(NULL); if (!tmp_ctx) { @@ -844,6 +845,14 @@ static errno_t _ipa_servers_init(struct be_ctx *ctx, goto done; } + for (j = 0; list[j]; j++) { + if (resolv_is_address(list[j])) { + DEBUG(SSSDBG_IMPORTANT_INFO, + "ipa_server [%s] is detected as IP address, " + "this can cause GSSAPI problems\n", list[j]); + } + } + /* now for each one add a new server to the failover service */ for (i = 0; list[i]; i++) { |