Fixes #2203 by reading the server name from /etc/ipa/default.conf if not provided on the command line.
Simo. -- Simo Sorce * Red Hat, Inc * New York
From 8dd8176147c46b2af559c61dec469dfff5b82059 Mon Sep 17 00:00:00 2001 From: Simo Sorce <s...@redhat.com> Date: Mon, 23 Nov 2015 14:50:04 -0500 Subject: [PATCH] Support sourcing the IPA server name from config Use ding-libs to parse /etc/ipa/default.conf to find the IPA server to contact by default. Signed-off-by: Simo Sorce <s...@redhat.com> Ticket: https://fedorahosted.org/freeipa/ticket/2203 --- ipa-client/Makefile.am | 4 ++ ipa-client/configure.ac | 28 ++++++++++++++ ipa-client/ipa-getkeytab.c | 93 +++++++++++++++++++++++++++++++++++++++++++++- 3 files changed, 124 insertions(+), 1 deletion(-) diff --git a/ipa-client/Makefile.am b/ipa-client/Makefile.am index 0da351c6a28a4e2a216bec3f85d0500e4aef47ff..6c426779530f216b11dff0764132221ea2793289 100644 --- a/ipa-client/Makefile.am +++ b/ipa-client/Makefile.am @@ -15,6 +15,7 @@ export AM_CFLAGS KRB5_UTIL_DIR=../util KRB5_UTIL_SRCS=$(KRB5_UTIL_DIR)/ipa_krb5.c ASN1_UTIL_DIR=../asn1 +IPA_CONF_FILE=$(sysconfdir)/ipa/default.conf AM_CPPFLAGS = \ -I. \ @@ -27,11 +28,13 @@ AM_CPPFLAGS = \ -DLIBEXECDIR=\""$(libexecdir)"\" \ -DDATADIR=\""$(datadir)"\" \ -DLOCALEDIR=\""$(localedir)"\" \ + -DIPACONFFILE=\""$(IPA_CONF_FILE)"\" \ $(KRB5_CFLAGS) \ $(OPENLDAP_CFLAGS) \ $(SASL_CFLAGS) \ $(POPT_CFLAGS) \ $(WARN_CFLAGS) \ + $(INI_CFLAGS) \ $(NULL) sbin_PROGRAMS = \ @@ -53,6 +56,7 @@ ipa_getkeytab_LDADD = \ $(SASL_LIBS) \ $(POPT_LIBS) \ $(LIBINTL_LIBS) \ + $(INI_LIBS) \ $(NULL) ipa_rmkeytab_SOURCES = \ diff --git a/ipa-client/configure.ac b/ipa-client/configure.ac index 78da8e6e413b8becbd4c75422abffb670050f446..943c3f1b62f6a4947335178e9bcf1d45434a7e90 100644 --- a/ipa-client/configure.ac +++ b/ipa-client/configure.ac @@ -192,6 +192,34 @@ LIBS="$SAVELIBS" AC_SUBST(LIBINTL_LIBS) dnl --------------------------------------------------------------------------- +dnl - Check for libini_config +dnl --------------------------------------------------------------------------- +PKG_CHECK_MODULES([LIBINI_CONFIG], [ini_config >= 1.2.0], [have_libini_config=1], [have_libini_config=]) +if test x$have_libini_config = x; then + AC_MSG_WARN([Could not find LIBINI_CONFIG headers]) +else + INI_CONFIG_CFLAGS="`$PKG_CONFIG --cflags ini_config`" + INI_CONFIG_LIBS="`$PKG_CONFIG --libs ini_config`" + AC_CHECK_LIB(ini_config, ini_config_file_open, [], + [AC_MSG_WARN([ini_config library must support ini_config_file_open])], + [$INI_CONFIG_LIBS]) + AC_CHECK_LIB(ini_config, ini_config_augment, [], + [AC_MSG_WARN([ini_config library must support ini_config_augment])], + [$INI_CONFIG_LIBS]) +fi + +if test x$have_libini_config = x1; then + INI_CFLAGS="$INI_CONFIG_CFLAGS" + INI_LIBS="$INI_CONFIG_LIBS" +else + AC_MSG_ERROR([ini_config development packages not available]) +fi + +AC_SUBST(INI_LIBS) +AC_SUBST(INI_CFLAGS) + + +dnl --------------------------------------------------------------------------- dnl - Set the data install directory since we don't use pkgdatadir dnl --------------------------------------------------------------------------- diff --git a/ipa-client/ipa-getkeytab.c b/ipa-client/ipa-getkeytab.c index 15255d6a33c8c298f138868ac545d4ebea415fe5..9670d980fd1c2f00e28cf177425e9affee8c4097 100644 --- a/ipa-client/ipa-getkeytab.c +++ b/ipa-client/ipa-getkeytab.c @@ -36,6 +36,7 @@ #include <ldap.h> #include <sasl/sasl.h> #include <popt.h> +#include <ini_configobj.h> #include "config.h" @@ -596,6 +597,81 @@ static char *ask_password(krb5_context krbctx) return password; } +struct ipa_config { + const char *server_name; +}; + +static int config_from_file(struct ini_cfgobj *cfgctx) +{ + struct ini_cfgfile *fctx = NULL; + char **errors = NULL; + int ret; + + ret = ini_config_file_open(IPACONFFILE, 0, &fctx); + if (ret) { + fprintf(stderr, _("Failed to open config file %s\n"), IPACONFFILE); + return ret; + } + + ret = ini_config_parse(fctx, + INI_STOP_ON_ANY, + INI_MS_MERGE | INI_MV1S_ALLOW | INI_MV2S_ALLOW, + INI_PARSE_NOWRAP, + cfgctx); + if (ret) { + fprintf(stderr, _("Failed to parse config file %s\n"), IPACONFFILE); + if (ini_config_error_count(cfgctx)) { + ini_config_get_errors(cfgctx, &errors); + if (errors) { + ini_config_print_errors(stderr, errors); + ini_config_free_errors(errors); + } + } + ini_config_file_destroy(fctx); + return ret; + } + + ini_config_file_destroy(fctx); + return 0; +} + +int read_ipa_config(struct ipa_config **ipacfg) +{ + struct ini_cfgobj *cfgctx = NULL; + struct value_obj *obj = NULL; + int ret; + + *ipacfg = calloc(1, sizeof(struct ipa_config)); + if (!*ipacfg) { + return ENOMEM; + } + + ret = ini_config_create(&cfgctx); + if (ret) { + return ENOENT; + } + + ret = config_from_file(cfgctx); + if (ret) { + ini_config_destroy(cfgctx); + return EINVAL; + } + + ret = ini_get_config_valueobj("global", "server", cfgctx, + INI_GET_LAST_VALUE, &obj); + if (ret != 0 || obj == NULL) { + /* if called on an IPA server we need to look for 'host' instead */ + ret = ini_get_config_valueobj("global", "host", cfgctx, + INI_GET_LAST_VALUE, &obj); + } + + if (ret == 0 && obj != NULL) { + (*ipacfg)->server_name = ini_get_string_config_value(obj, &ret); + } + + return 0; +} + int main(int argc, const char *argv[]) { static const char *server = NULL; @@ -688,7 +764,7 @@ int main(int argc, const char *argv[]) exit (0); } - if (ret != -1 || !server || !principal || !keytab || permitted_enctypes) { + if (ret != -1 || !principal || !keytab || permitted_enctypes) { if (!quiet) { poptPrintUsage(pc, stderr, 0); } @@ -703,6 +779,21 @@ int main(int argc, const char *argv[]) exit(10); } + if (!server) { + struct ipa_config *ipacfg = NULL; + + ret = read_ipa_config(&ipacfg); + if (ret == 0) { + server = ipacfg->server_name; + ipacfg->server_name = NULL; + } + free(ipacfg); + if (!server) { + fprintf(stderr, _("Server name not provided and unavailable\n")); + exit(2); + } + } + if (askpass && retrieve) { fprintf(stderr, _("Incompatible options provided (-r and -P)\n")); exit(2); -- 2.5.0
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code