svn commit: samba r5758 - in trunk/source/libads: .

jra at samba.org jra at samba.org
Fri Mar 11 20:59:08 GMT 2005


Author: jra
Date: 2005-03-11 20:59:08 +0000 (Fri, 11 Mar 2005)
New Revision: 5758

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=5758

Log:
Patch from Doug VanLeuven <roamdad at sonic.net> to add more case/realm/name
permutations to the kerberos keytab.
Jeremy.

Modified:
   trunk/source/libads/kerberos_keytab.c


Changeset:
Modified: trunk/source/libads/kerberos_keytab.c
===================================================================
--- trunk/source/libads/kerberos_keytab.c	2005-03-11 18:50:09 UTC (rev 5757)
+++ trunk/source/libads/kerberos_keytab.c	2005-03-11 20:59:08 UTC (rev 5758)
@@ -440,11 +440,13 @@
 	krb5_kt_cursor cursor;
 	krb5_keytab_entry kt_entry;
 	krb5_kvno kvno;
-	fstring my_fqdn, my_Fqdn, my_name, my_NAME;
+	fstring my_fqdn, my_Fqdn, my_name, my_NAME, my_host_realm;
 	char *p_fqdn;
 	int i, found = 0;
-	char **oldEntries = NULL, *princ_s[18];;
+	char **oldEntries = NULL, *princ_s[26];
 
+	memset(princ_s, '\0', sizeof(princ_s));
+
 	ret = ads_keytab_add_entry(ads, "host");
 	if (ret) {
 		DEBUG(1,("ads_keytab_create_default: ads_keytab_add_entry failed while adding 'host'.\n"));
@@ -472,6 +474,11 @@
 		fstrcat(my_Fqdn, p_fqdn);
 	}
 
+	fstrcpy(my_host_realm, my_name);
+	fstrcat(my_host_realm, ".");
+	fstrcat(my_host_realm, lp_realm());
+	strlower_m(my_host_realm);
+
 	asprintf(&princ_s[0], "%s$@%s", my_name, lp_realm());
 	asprintf(&princ_s[1], "%s$@%s", my_NAME, lp_realm());
 	asprintf(&princ_s[2], "host/%s@%s", my_name, lp_realm());
@@ -490,7 +497,19 @@
 	asprintf(&princ_s[15], "CIFS/%s@%s", my_NAME, lp_realm());
 	asprintf(&princ_s[16], "CIFS/%s@%s", my_fqdn, lp_realm());
 	asprintf(&princ_s[17], "CIFS/%s@%s", my_Fqdn, lp_realm());
+	asprintf(&princ_s[18], "cifs/%s.%s@%s", my_name, lp_realm(), lp_realm());
+	asprintf(&princ_s[19], "CIFS/%s.%s@%s", my_name, lp_realm(), lp_realm());
+	asprintf(&princ_s[20], "host/%s.%s@%s", my_name, lp_realm(), lp_realm());
+	asprintf(&princ_s[21], "HOST/%s.%s@%s", my_name, lp_realm(), lp_realm());
 
+	/* when dnsdomain == realm, don't add duplicate principal */
+	if (!strequal(my_host_realm, my_fqdn)) {
+		asprintf(&princ_s[22], "cifs/%s@%s", my_host_realm, lp_realm());
+		asprintf(&princ_s[23], "CIFS/%s@%s", my_host_realm, lp_realm());
+		asprintf(&princ_s[24], "host/%s@%s", my_host_realm, lp_realm());
+		asprintf(&princ_s[25], "HOST/%s@%s", my_host_realm, lp_realm());
+	}
+
 	for (i = 0; i < sizeof(princ_s) / sizeof(princ_s[0]); i++) {
 		if (princ_s[i] != NULL) {
 			ret = ads_keytab_add_entry(ads, princ_s[i]);



More information about the samba-cvs mailing list