All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH]: gssd: Fix preferred_realm option handling
@ 2013-06-20 19:56 Maximilian Wilhelm
  2013-07-01 16:04 ` Steve Dickson
  0 siblings, 1 reply; 7+ messages in thread
From: Maximilian Wilhelm @ 2013-06-20 19:56 UTC (permalink / raw)
  To: steved; +Cc: linux-nfs

[-- Attachment #1: Type: text/plain, Size: 339 bytes --]


Hi,

the gssd currently ignores any preferred realm given via the -R
command line option.

The attached patch fixes that behaviour and makes sure the
preferrred_realm is used first when searching for a valid principal
for mount authentication.

I would be happy if you would apply this. This would close bug #235 in
bugzilla.

Thanks
Max

[-- Attachment #2: gssd_fix_preferred_realm.patch --]
[-- Type: text/x-diff, Size: 1339 bytes --]

commit 36784e52650fb08d9012a243365693f2a0eb1f93
Author: Maximilian Wilhelm <max@rfc2324.org>
Date:   Thu Jun 20 21:30:17 2013 +0200

    Fix handling of preferred realm command line option.

      The current implementation ignores any preferred realm specified on the
      command line. Fix this behaviour and make sure the preferred realm is
      used as first realm when trying to acquire a keytab entry.

    Signed-off-by: Maximilian Wilhelm <max@rfc2324.org>
    Signed-off-by: Frederik Moellers <frederik.moellers@upb.de>

diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c
index 6275dd8..d6bf8cc 100644
--- a/utils/gssd/krb5_util.c
+++ b/utils/gssd/krb5_util.c
@@ -852,11 +852,18 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname,
 	}
 
 	/*
-	 * Try the "appropriate" realm first, and if nothing found for that
-	 * realm, try the default realm (if it hasn't already been tried).
+	 * Make sure the preferred_realm, which may have been explicitly set
+	 * on the command line, is tried first. If nothing is found go on with
+	 * the host and local default realm (if that hasn't already been tried).
 	 */
 	i = 0;
 	realm = realmnames[i];
+
+	if (strcmp (realm, preferred_realm) != 0) {
+		realm = preferred_realm;
+		i = -1;
+	}
+
 	while (1) {
 		if (realm == NULL) {
 			tried_all = 1;

^ permalink raw reply related	[flat|nested] 7+ messages in thread

* Re: [PATCH]: gssd: Fix preferred_realm option handling
  2013-06-20 19:56 [PATCH]: gssd: Fix preferred_realm option handling Maximilian Wilhelm
@ 2013-07-01 16:04 ` Steve Dickson
  0 siblings, 0 replies; 7+ messages in thread
From: Steve Dickson @ 2013-07-01 16:04 UTC (permalink / raw)
  To: linux-nfs



On 20/06/13 15:56, Maximilian Wilhelm wrote:
> 
> Hi,
> 
> the gssd currently ignores any preferred realm given via the -R
> command line option.
> 
> The attached patch fixes that behaviour and makes sure the
> preferrred_realm is used first when searching for a valid principal
> for mount authentication.
> 
> I would be happy if you would apply this. This would close bug #235 in
> bugzilla.
Committed! 

steved.
> 
> Thanks
> Max
> 

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH]: gssd: Fix preferred_realm option handling
  2013-06-17 17:02   ` Maximilian Wilhelm
  2013-06-18 17:14     ` J. Bruce Fields
@ 2013-06-24 17:00     ` Steve Dickson
  1 sibling, 0 replies; 7+ messages in thread
From: Steve Dickson @ 2013-06-24 17:00 UTC (permalink / raw)
  To: linux-nfs



On 17/06/13 13:02, Maximilian Wilhelm wrote:
> Anno domini 2013 Jim Rees scripsit:
> 
>> Maximilian Wilhelm wrote:
> 
>>   +	 * Make sure the preferred_realm (which may have been explicitly set
>>   +	 * on the command line, is tried first. If nothing is found go on with
>>   +	 * the host and local default realm (if that hasn't already been tried).
> 
>> You're missing a close paren there somewhere.
> 
> Indeed. The first '(' should have been a ','.
> 
> Anyone willing to apply this?
Its on my TODO list... and I'll fix the comment up...

steved.

> 
> Thanks
> Max
> 

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH]: gssd: Fix preferred_realm option handling
  2013-06-17 17:02   ` Maximilian Wilhelm
@ 2013-06-18 17:14     ` J. Bruce Fields
  2013-06-24 17:00     ` Steve Dickson
  1 sibling, 0 replies; 7+ messages in thread
From: J. Bruce Fields @ 2013-06-18 17:14 UTC (permalink / raw)
  To: linux-nfs

On Mon, Jun 17, 2013 at 07:02:47PM +0200, Maximilian Wilhelm wrote:
> Anno domini 2013 Jim Rees scripsit:
> 
> > Maximilian Wilhelm wrote:
> 
> >   +	 * Make sure the preferred_realm (which may have been explicitly set
> >   +	 * on the command line, is tried first. If nothing is found go on with
> >   +	 * the host and local default realm (if that hasn't already been tried).
> 
> > You're missing a close paren there somewhere.
> 
> Indeed. The first '(' should have been a ','.
> 
> Anyone willing to apply this?

Note nfs-utils patches should go to steved@redhat.com, cc'd to this
list.

But also note this is the week of the Ann Arbor bakeathon so many of us
will be less responsive this week.

--b.

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH]: gssd: Fix preferred_realm option handling
  2013-06-11 11:41 ` Jim Rees
@ 2013-06-17 17:02   ` Maximilian Wilhelm
  2013-06-18 17:14     ` J. Bruce Fields
  2013-06-24 17:00     ` Steve Dickson
  0 siblings, 2 replies; 7+ messages in thread
From: Maximilian Wilhelm @ 2013-06-17 17:02 UTC (permalink / raw)
  To: linux-nfs

Anno domini 2013 Jim Rees scripsit:

> Maximilian Wilhelm wrote:

>   +	 * Make sure the preferred_realm (which may have been explicitly set
>   +	 * on the command line, is tried first. If nothing is found go on with
>   +	 * the host and local default realm (if that hasn't already been tried).

> You're missing a close paren there somewhere.

Indeed. The first '(' should have been a ','.

Anyone willing to apply this?

Thanks
Max
-- 
Fortschritt bedeutet, einen Schritt so zu machen,
daß man den nächsten auch noch machen kann.

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH]: gssd: Fix preferred_realm option handling
  2013-06-11  9:34 Maximilian Wilhelm
@ 2013-06-11 11:41 ` Jim Rees
  2013-06-17 17:02   ` Maximilian Wilhelm
  0 siblings, 1 reply; 7+ messages in thread
From: Jim Rees @ 2013-06-11 11:41 UTC (permalink / raw)
  To: linux-nfs

Maximilian Wilhelm wrote:

  +	 * Make sure the preferred_realm (which may have been explicitly set
  +	 * on the command line, is tried first. If nothing is found go on with
  +	 * the host and local default realm (if that hasn't already been tried).

You're missing a close paren there somewhere.

^ permalink raw reply	[flat|nested] 7+ messages in thread

* [PATCH]: gssd: Fix preferred_realm option handling
@ 2013-06-11  9:34 Maximilian Wilhelm
  2013-06-11 11:41 ` Jim Rees
  0 siblings, 1 reply; 7+ messages in thread
From: Maximilian Wilhelm @ 2013-06-11  9:34 UTC (permalink / raw)
  To: linux-nfs

[-- Attachment #1: Type: text/plain, Size: 338 bytes --]

Hi,

the gssd currently ignores any preferred realm given via the -R
command line option.

The attached patch fixes that behaviour and makes sure the
preferrred_realm is used first when searching for a valid principal
for mount authentication.

I would be happy if you would apply this. This would close bug #235 in
bugzilla.

Thanks
Max

[-- Attachment #2: gssd_fix_preferred_realm.patch --]
[-- Type: text/x-diff, Size: 1347 bytes --]

commit 722bd62d1e6a9d38db57e919d914a371e67d804d
Author: Maximilian Wilhelm <max@rfc2324.org>
Date:   Fri May 24 14:46:41 2013 +0200

    Fix handling of preferred realm command line option.
    
      The current implementation ignores any preferred realm specified on the
      command line. Fix this behaviour and make sure the preferred realm is
      used as first realm when trying to acquire a keytab entry.
    
    Signed-off-by: Maximilian Wilhelm <max@rfc2324.org>
    Signed-off-by: Frederik Moellers <frederik.moellers@upb.de>

diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c
index 6275dd8..fb706a8 100644
--- a/utils/gssd/krb5_util.c
+++ b/utils/gssd/krb5_util.c
@@ -852,11 +852,18 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname,
 	}
 
 	/*
-	 * Try the "appropriate" realm first, and if nothing found for that
-	 * realm, try the default realm (if it hasn't already been tried).
+	 * Make sure the preferred_realm (which may have been explicitly set
+	 * on the command line, is tried first. If nothing is found go on with
+	 * the host and local default realm (if that hasn't already been tried).
 	 */
 	i = 0;
 	realm = realmnames[i];
+
+	if (strcmp (realm, preferred_realm) != 0) {
+		realm = preferred_realm;
+		i = -1;
+	}
+
 	while (1) {
 		if (realm == NULL) {
 			tried_all = 1;

^ permalink raw reply related	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2013-07-01 16:04 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-06-20 19:56 [PATCH]: gssd: Fix preferred_realm option handling Maximilian Wilhelm
2013-07-01 16:04 ` Steve Dickson
  -- strict thread matches above, loose matches on Subject: below --
2013-06-11  9:34 Maximilian Wilhelm
2013-06-11 11:41 ` Jim Rees
2013-06-17 17:02   ` Maximilian Wilhelm
2013-06-18 17:14     ` J. Bruce Fields
2013-06-24 17:00     ` Steve Dickson

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.