svn commit: samba r9931 - in branches/SAMBA_4_0/source: heimdal/lib/krb5 kdc

abartlet at samba.org abartlet at samba.org
Thu Sep 1 23:31:52 GMT 2005


Author: abartlet
Date: 2005-09-01 23:31:51 +0000 (Thu, 01 Sep 2005)
New Revision: 9931

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=9931

Log:
Make use of new 'norealm' parsing functions rather than strchr(p '@').

Merge these norealm functions from lorikeet-heimdal.

Andrew Bartlett

Modified:
   branches/SAMBA_4_0/source/heimdal/lib/krb5/krb5-protos.h
   branches/SAMBA_4_0/source/heimdal/lib/krb5/principal.c
   branches/SAMBA_4_0/source/kdc/hdb-ldb.c


Changeset:
Modified: branches/SAMBA_4_0/source/heimdal/lib/krb5/krb5-protos.h
===================================================================
--- branches/SAMBA_4_0/source/heimdal/lib/krb5/krb5-protos.h	2005-09-01 23:26:50 UTC (rev 9930)
+++ branches/SAMBA_4_0/source/heimdal/lib/krb5/krb5-protos.h	2005-09-01 23:31:51 UTC (rev 9931)
@@ -2377,6 +2377,12 @@
 	const char */*name*/,
 	krb5_principal */*principal*/);
 
+krb5_error_code KRB5_LIB_FUNCTION
+krb5_parse_name_norealm (
+	krb5_context /*context*/,
+	const char */*name*/,
+	krb5_principal */*principal*/);
+
 const char* KRB5_LIB_FUNCTION
 krb5_passwd_result_to_string (
 	krb5_context /*context*/,
@@ -3430,6 +3436,13 @@
 krb5_error_code KRB5_LIB_FUNCTION
 krb5_xfree (void */*ptr*/);
 
+krb5_error_code
+parse_name (
+	krb5_context /*context*/,
+	const char */*name*/,
+	krb5_boolean /*short_form*/,
+	krb5_principal */*principal*/);
+
 #ifdef __cplusplus
 }
 #endif

Modified: branches/SAMBA_4_0/source/heimdal/lib/krb5/principal.c
===================================================================
--- branches/SAMBA_4_0/source/heimdal/lib/krb5/principal.c	2005-09-01 23:26:50 UTC (rev 9930)
+++ branches/SAMBA_4_0/source/heimdal/lib/krb5/principal.c	2005-09-01 23:31:51 UTC (rev 9931)
@@ -91,10 +91,11 @@
     return princ_ncomp(principal, component);
 }
 
-krb5_error_code KRB5_LIB_FUNCTION
-krb5_parse_name(krb5_context context,
-		const char *name,
-		krb5_principal *principal)
+krb5_error_code 
+parse_name(krb5_context context,
+	   const char *name,
+	   krb5_boolean short_form,
+	   krb5_principal *principal)
 {
     krb5_error_code ret;
     heim_general_string *comp;
@@ -184,19 +185,29 @@
 	}
 	*q++ = c;
     }
-    if(got_realm){
-	realm = malloc(q - start + 1);
-	if (realm == NULL) {
-	    krb5_set_error_string (context, "malloc: out of memory");
-	    ret = ENOMEM;
+    if (got_realm) {
+	if (short_form) {
+	    krb5_set_error_string (context, "realm found in 'short' principal expected to be without one!");
+	    ret = KRB5_PARSE_MALFORMED;
 	    goto exit;
+	} else {
+	    realm = malloc(q - start + 1);
+	    if (realm == NULL) {
+		krb5_set_error_string (context, "malloc: out of memory");
+		ret = ENOMEM;
+		goto exit;
+	    }
+	    memcpy(realm, start, q - start);
+	    realm[q - start] = 0;
 	}
-	memcpy(realm, start, q - start);
-	realm[q - start] = 0;
     }else{
-	ret = krb5_get_default_realm (context, &realm);
-	if (ret)
-	    goto exit;
+	if (short_form) {
+	    ret = krb5_get_default_realm (context, &realm);
+	    if (ret)
+	        goto exit;
+	} else {
+	    realm = NULL;
+	}
 
 	comp[n] = malloc(q - start + 1);
 	if (comp[n] == NULL) {
@@ -229,6 +240,21 @@
     return ret;
 }
 
+krb5_error_code KRB5_LIB_FUNCTION
+krb5_parse_name(krb5_context context,
+		const char *name,
+		krb5_principal *principal)
+{
+    return parse_name(context, name, FALSE, principal);
+}
+
+krb5_error_code KRB5_LIB_FUNCTION
+krb5_parse_name_norealm(krb5_context context,
+			const char *name,
+			krb5_principal *principal)
+{
+    return parse_name(context, name, TRUE, principal);
+}
 static const char quotable_chars[] = " \n\t\b\\/@";
 static const char replace_chars[] = " ntb\\/@";
 
@@ -323,12 +349,17 @@
     int i;
     krb5_error_code ret;
     /* count length */
-    plen = strlen(princ_realm(principal));
-    if(strcspn(princ_realm(principal), quotable_chars) == plen)
-	len += plen;
-    else
-	len += 2*plen;
-    len++;
+    if (!short_flag) {
+	plen = strlen(princ_realm(principal));
+	if(strcspn(princ_realm(principal), quotable_chars) == plen)
+	    len += plen;
+	else
+	    len += 2*plen;
+	len++;
+    } else {
+	len = 0;
+    }
+
     for(i = 0; i < princ_num_comp(principal); i++){
 	plen = strlen(princ_ncomp(principal, i));
 	if(strcspn(princ_ncomp(principal, i), quotable_chars) == plen)

Modified: branches/SAMBA_4_0/source/kdc/hdb-ldb.c
===================================================================
--- branches/SAMBA_4_0/source/kdc/hdb-ldb.c	2005-09-01 23:26:50 UTC (rev 9930)
+++ branches/SAMBA_4_0/source/kdc/hdb-ldb.c	2005-09-01 23:31:51 UTC (rev 9931)
@@ -454,11 +454,11 @@
 	int count;
 	char *filter = NULL;
 	const char * const *princ_attrs = krb5_attrs;
-	char *p;
 
 	char *princ_str;
 	char *princ_str_talloc;
 	char *short_princ;
+	char *short_princ_talloc;
 
 	char *realm_dn_str;
 
@@ -481,20 +481,24 @@
 		return ret;
 	}
 
+	ret = krb5_unparse_name_norealm(context, &princ, &short_princ);
+
+	if (ret != 0) {
+		free(princ_str);
+		krb5_set_error_string(context, "LDB_lookup_principal: could not parse principal");
+		krb5_warnx(context, "LDB_lookup_principal: could not parse principal");
+		return ret;
+	}
+
 	princ_str_talloc = talloc_strdup(mem_ctx, princ_str);
-	short_princ = talloc_strdup(mem_ctx, princ_str);
+	short_princ_talloc = talloc_strdup(mem_ctx, short_princ);
 	free(princ_str);
+	free(short_princ);
 	if (!short_princ || !princ_str_talloc) {
 		krb5_set_error_string(context, "LDB_lookup_principal: talloc_strdup() failed!");
 		return ENOMEM;
 	}
 
-	p = strchr(short_princ, '@');
-	if (p) {
-		p[0] = '\0';
-	}
-
-	
 	switch (ent_type) {
 	case HDB_LDB_ENT_TYPE_KRBTGT:
 		filter = talloc_asprintf(mem_ctx, "(&(objectClass=user)(samAccountName=%s))", 
@@ -502,15 +506,15 @@
 		break;
 	case HDB_LDB_ENT_TYPE_CLIENT:
 		filter = talloc_asprintf(mem_ctx, "(&(objectClass=user)(|(samAccountName=%s)(userPrincipalName=%s)))", 
-					 short_princ, princ_str_talloc);
+					 short_princ_talloc, princ_str_talloc);
 		break;
 	case HDB_LDB_ENT_TYPE_SERVER:
 		filter = talloc_asprintf(mem_ctx, "(&(objectClass=user)(|(samAccountName=%s)(servicePrincipalName=%s)))", 
-					 short_princ, short_princ);
+					 short_princ_talloc, short_princ_talloc);
 		break;
 	case HDB_LDB_ENT_TYPE_ANY:
 		filter = talloc_asprintf(mem_ctx, "(&(objectClass=user)(|(|(samAccountName=%s)(servicePrincipalName=%s))(userPrincipalName=%s)))", 
-					 short_princ, short_princ, princ_str_talloc);
+					 short_princ_talloc, short_princ_talloc, princ_str_talloc);
 		break;
 	}
 



More information about the samba-cvs mailing list