diff options
| author | Sumit Bose <sbose@redhat.com> | 2016-07-18 17:19:36 +0200 |
|---|---|---|
| committer | Lukas Slebodnik <lslebodn@redhat.com> | 2016-07-25 14:14:02 +0200 |
| commit | 5e40ba3168e21dbd5fa1812d6f2fc95f508a9e6e (patch) | |
| tree | 7fceeea45188221ce032f623bb3cd7b1d22018ea /src/util/domain_info_utils.c | |
| parent | 6c82774653f37945bdd0a311eb1ecc289cac683d (diff) | |
| download | sssd-5e40ba3168e21dbd5fa1812d6f2fc95f508a9e6e.tar.gz sssd-5e40ba3168e21dbd5fa1812d6f2fc95f508a9e6e.tar.xz sssd-5e40ba3168e21dbd5fa1812d6f2fc95f508a9e6e.zip | |
IPA: fix [capaths] output
the capaths for a single domain should be collected in a single
sub-section in the MIT Kerberos configuration not spread over multiple
one. See the capaths section of the krb5.conf man page for details.
Resolves:
https://fedorahosted.org/sssd/ticket/3103
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src/util/domain_info_utils.c')
| -rw-r--r-- | src/util/domain_info_utils.c | 29 |
1 files changed, 26 insertions, 3 deletions
diff --git a/src/util/domain_info_utils.c b/src/util/domain_info_utils.c index 360f70376..8cdd50d8d 100644 --- a/src/util/domain_info_utils.c +++ b/src/util/domain_info_utils.c @@ -280,6 +280,7 @@ sss_write_domain_mappings(struct sss_domain_info *domain) bool capaths_started = false; char *uc_forest; char *uc_parent; + char *parent_capaths = NULL; if (domain == NULL || domain->name == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, "No domain name provided\n"); @@ -399,9 +400,31 @@ sss_write_domain_mappings(struct sss_domain_info *domain) capaths_started = true; } - ret = fprintf(fstream, "%s = {\n %s = %s\n}\n%s = {\n %s = %s\n}\n", - dom->realm, uc_parent, uc_forest, - uc_parent, dom->realm, uc_forest); + ret = fprintf(fstream, "%s = {\n %s = %s\n}\n", + dom->realm, uc_parent, uc_forest); + if (ret < 0) { + DEBUG(SSSDBG_CRIT_FAILURE, "fprintf failed\n"); + goto done; + } + + if (parent_capaths == NULL) { + parent_capaths = talloc_asprintf(tmp_ctx, " %s = %s\n", dom->realm, + uc_forest); + } else { + parent_capaths = talloc_asprintf_append(parent_capaths, + " %s = %s\n", dom->realm, + uc_forest); + } + if (parent_capaths == NULL) { + DEBUG(SSSDBG_OP_FAILURE, + "talloc_asprintf/talloc_asprintf_append failed.\n"); + ret = ENOMEM; + goto done; + } + } + + if (parent_capaths != NULL) { + ret = fprintf(fstream, "%s = {\n%s}\n", uc_parent, parent_capaths); if (ret < 0) { DEBUG(SSSDBG_CRIT_FAILURE, "fprintf failed\n"); goto done; |