diff options
| author | Jan Zeleny <jzeleny@redhat.com> | 2012-06-05 15:07:10 -0400 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2012-08-01 16:19:42 +0200 |
| commit | 07b7b76d7cd494cbd26263503ba2732c21819941 (patch) | |
| tree | 860a74f647b7b1b28fedaf2de808693ae28e8dd4 /src/providers/ldap | |
| parent | f6cd1236c27817b97db002094b76648d92b55f82 (diff) | |
| download | sssd_unused-07b7b76d7cd494cbd26263503ba2732c21819941.tar.gz sssd_unused-07b7b76d7cd494cbd26263503ba2732c21819941.tar.xz sssd_unused-07b7b76d7cd494cbd26263503ba2732c21819941.zip | |
Primary server support: new options in krb5 provider
This patch adds support for new config options krb5_backup_server and
krb5_backup_kpasswd. The description of this option's functionality
is included in man page in one of previous patches.
Diffstat (limited to 'src/providers/ldap')
| -rw-r--r-- | src/providers/ldap/ldap_common.c | 7 | ||||
| -rw-r--r-- | src/providers/ldap/ldap_opts.h | 1 | ||||
| -rw-r--r-- | src/providers/ldap/sdap.h | 1 |
3 files changed, 5 insertions, 4 deletions
diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c index 76236743..b9fef086 100644 --- a/src/providers/ldap/ldap_common.c +++ b/src/providers/ldap/ldap_common.c @@ -1041,6 +1041,7 @@ int sdap_gssapi_init(TALLOC_CTX *mem_ctx, { int ret; const char *krb5_servers; + const char *krb5_backup_servers; const char *krb5_realm; const char *krb5_opt_realm; struct krb5_service *service = NULL; @@ -1050,9 +1051,7 @@ int sdap_gssapi_init(TALLOC_CTX *mem_ctx, if (tmp_ctx == NULL) return ENOMEM; krb5_servers = dp_opt_get_string(opts, SDAP_KRB5_KDC); - if (krb5_servers == NULL) { - DEBUG(SSSDBG_CONF_SETTINGS, ("Missing krb5_server option, using service discovery!\n")); - } + krb5_backup_servers = dp_opt_get_string(opts, SDAP_KRB5_BACKUP_KDC); krb5_opt_realm = dp_opt_get_string(opts, SDAP_KRB5_REALM); if (krb5_opt_realm == NULL) { @@ -1072,7 +1071,7 @@ int sdap_gssapi_init(TALLOC_CTX *mem_ctx, } ret = krb5_service_init(mem_ctx, bectx, SSS_KRB5KDC_FO_SRV, krb5_servers, - NULL, krb5_realm, &service); + krb5_backup_servers, krb5_realm, &service); if (ret != EOK) { DEBUG(0, ("Failed to init KRB5 failover service!\n")); goto done; diff --git a/src/providers/ldap/ldap_opts.h b/src/providers/ldap/ldap_opts.h index 9be6a0f6..4e876bdc 100644 --- a/src/providers/ldap/ldap_opts.h +++ b/src/providers/ldap/ldap_opts.h @@ -76,6 +76,7 @@ struct dp_option default_basic_opts[] = { { "ldap_krb5_init_creds", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE }, /* use the same parm name as the krb5 module so we set it only once */ { "krb5_server", DP_OPT_STRING, NULL_STRING, NULL_STRING }, + { "krb5_backup_server", DP_OPT_STRING, NULL_STRING, NULL_STRING }, { "krb5_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING }, { "krb5_canonicalize", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE }, { "ldap_pwd_policy", DP_OPT_STRING, { "none" }, NULL_STRING }, diff --git a/src/providers/ldap/sdap.h b/src/providers/ldap/sdap.h index 70b4e6ad..01c33e42 100644 --- a/src/providers/ldap/sdap.h +++ b/src/providers/ldap/sdap.h @@ -194,6 +194,7 @@ enum sdap_basic_opt { SDAP_KRB5_KEYTAB, SDAP_KRB5_KINIT, SDAP_KRB5_KDC, + SDAP_KRB5_BACKUP_KDC, SDAP_KRB5_REALM, SDAP_KRB5_CANONICALIZE, SDAP_PWD_POLICY, |