authorJakub Hrozek <jhrozek@redhat.com>2016-06-13 12:35:15 +0200
committerJakub Hrozek <jhrozek@redhat.com>2016-07-07 10:28:28 +0200
commit5a299e7c9f634ae86c9bd7e0a1e681aed79de6b5 (patch)
treecd270f5ace23b94baee1cd31b0fb8e5f6209222b
parentfec23cc7cf28fbdac37e3413c5c9b5115d1e01b6 (diff)
KRB5: Rely on sysdb names for the renewal task
The domain name is part of the user name, so we can parse it from there instead of relying on DN components.

Reviewed-by: Sumit Bose <sbose@redhat.com>
-rw-r--r--src/providers/krb5/krb5_renew_tgt.c24
1 files changed, 6 insertions, 18 deletions
diff --git a/src/providers/krb5/krb5_renew_tgt.c b/src/providers/krb5/krb5_renew_tgt.c
index 498097792..ea6b39deb 100644
--- a/src/providers/krb5/krb5_renew_tgt.c
+++ b/src/providers/krb5/krb5_renew_tgt.c
@@ -396,7 +396,6 @@ static errno_t check_ccache_files(struct renew_tgt_ctx *renew_tgt_ctx)
char *upn;
const char *user_name;
struct ldb_dn *base_dn;
- const struct ldb_val *user_dom_val;
char *user_dom;
tmp_ctx = talloc_new(NULL);
@@ -434,26 +433,15 @@ static errno_t check_ccache_files(struct renew_tgt_ctx *renew_tgt_ctx)
if (user_name == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE,
"No user name found, this is a severe error, "
- "but we ignore it here.\n");
+ "but we ignore it here.\n");
continue;
}
- /* The DNs of users in sysdb looks like
- * name=username,cn=users,cn=domain.name,cn=sysdb
- * the value of the third component (index 2) is the domain name. */
-
- user_dom_val = ldb_dn_get_component_val(msgs[c]->dn, 2);
- if (user_dom_val == NULL) {
- DEBUG(SSSDBG_OP_FAILURE, "Invalid user DN [%s].\n",
- ldb_dn_get_linearized(msgs[c]->dn));
- ret = EINVAL;
- goto done;
- }
- user_dom = talloc_strndup(tmp_ctx, (char *) user_dom_val->data,
- user_dom_val->length);
- if (user_dom == NULL) {
- DEBUG(SSSDBG_OP_FAILURE, "talloc_strndup failed,\n");
- ret = ENOMEM;
+ ret = sss_parse_internal_fqname(tmp_ctx, user_name, NULL, &user_dom);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE,
+ "Cannot parse internal fqname [%d]: %s\n",
+ ret, sss_strerror(ret));
goto done;
}
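Review bot: A single sysdb entry whose name fails `sss_parse_internal_fqname()` still takes `goto done`, which ends the whole scan in check_ccache_files(), while the `user_name == NULL` branch just above logs and uses `continue`. If the name is not fully qualified (for example an entry that has not been converted to the internal format, which is an assumption since the callers are not visible here), every later user in `msgs` would get no renewal entry; consider `continue` here as well, unless aborting is intended. The new message also no longer identifies the offending entry, which the removed code did by printing the DN; something like `"Cannot parse internal fqname [%s] [%d]: %s\n", user_name, ret, sss_strerror(ret)` would keep that diagnostic. The function body starts and continues outside this hunk, so how `user_dom` is used afterwards is not visible.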