subject:"\[PATCH\] Joining domains specifying auth realm"

RE: [PATCH] Joining domains specifying auth realm

2003-03-17 Thread Ken Cross

BTW, the patch also includes two more lines of output for "net ads info"
-- the KDC server and server time offset.  I find them useful for
helping to automate the join process.  

Ken


Ken Cross

Network Storage Solutions
Phone 865.675.4070 ext 31
[EMAIL PROTECTED] 

> -Original Message-
> From: 
> [EMAIL PROTECTED]
>  
> [mailto:[EMAIL PROTECTED]
> amba.org] On Behalf Of Ken Cross
> Sent: Monday, March 17, 2003 8:48 AM
> To: 'Andrew Bartlett'
> Cc: 'Multiple recipients of list SAMBA-TECHNICAL'
> Subject: RE: [PATCH] Joining domains specifying auth realm
> 
> 
> Andrew:
> 
> Patch to HEAD below -- sorry, should have realized that.
> 
> The reason I had to change it was that ads_set_machine_password uses
> ads->auth.realm to build the principal name.  Should that be 
> ads->config.realm?
> 
> Ken
> 
> 
> Ken Cross
> 
> Network Storage Solutions
> Phone 865.675.4070 ext 31
> [EMAIL PROTECTED] 
> 
> > -Original Message-
> > From: Andrew Bartlett [mailto:[EMAIL PROTECTED]
> > Sent: Sunday, March 16, 2003 11:24 PM
> > To: Ken Cross
> > Cc: 'Multiple recipients of list SAMBA-TECHNICAL'; 'Andrew Bartlett'
> > Subject: Re: [PATCH] Joining domains specifying auth realm
> > 
> > 
> > On Sat, 2003-03-15 at 03:01, Ken Cross wrote:
> > > Let's try this again.  The previous patch I submitted
> > didn't work in
> > > some configurations.  (ads->auth.realm needs to be
> > preserved over the
> > > ads_connect call.)
> > 
> > If it's not preserved, won't it be free()ed in the process?
> > 
> > And shouldn't change the code that's clobbering it instead?
> > 
> > I applied the previous patch - can you get me the changes
> > against current HEAD?
> > 
> > Andrew Bartlett
> > 
> > -- 
> > Andrew Bartlett [EMAIL PROTECTED]
> > Manager, Authentication Subsystems, Samba Team  [EMAIL PROTECTED]
> > Student Network Administrator, Hawker College   [EMAIL PROTECTED]
> > http://samba.org http://build.samba.org http://hawkerc.net
> > 
> 
>

RE: [PATCH] Joining domains specifying auth realm

2003-03-17 Thread Ken Cross

Andrew:

Patch to HEAD below -- sorry, should have realized that.

The reason I had to change it was that ads_set_machine_password uses
ads->auth.realm to build the principal name.  Should that be
ads->config.realm?

Ken


Ken Cross

Network Storage Solutions
Phone 865.675.4070 ext 31
[EMAIL PROTECTED] 

> -Original Message-
> From: Andrew Bartlett [mailto:[EMAIL PROTECTED] 
> Sent: Sunday, March 16, 2003 11:24 PM
> To: Ken Cross
> Cc: 'Multiple recipients of list SAMBA-TECHNICAL'; 'Andrew Bartlett'
> Subject: Re: [PATCH] Joining domains specifying auth realm
> 
> 
> On Sat, 2003-03-15 at 03:01, Ken Cross wrote:
> > Let's try this again.  The previous patch I submitted 
> didn't work in 
> > some configurations.  (ads->auth.realm needs to be 
> preserved over the 
> > ads_connect call.)
> 
> If it's not preserved, won't it be free()ed in the process?
> 
> And shouldn't change the code that's clobbering it instead?
> 
> I applied the previous patch - can you get me the changes 
> against current HEAD?
> 
> Andrew Bartlett
> 
> -- 
> Andrew Bartlett [EMAIL PROTECTED]
> Manager, Authentication Subsystems, Samba Team  [EMAIL PROTECTED]
> Student Network Administrator, Hawker College   [EMAIL PROTECTED]
> http://samba.org http://build.samba.org http://hawkerc.net
> 
--- /tmp/samba/source/utils/net_ads.c   Sat Mar 15 21:14:05 2003
+++ utils/net_ads.c Mon Mar 17 08:26:50 2003
@@ -109,6 +107,9 @@ static int net_ads_info(int argc, const 
d_printf("LDAP port: %d\n", ads->ldap_port);
d_printf("Server time: %s\n", http_timestring(ads->config.current_time));
 
+   d_printf("KDC server: %s\n", ads->auth.kdc_server );   /* KJC */
+   d_printf("Server time offset: %d\n", ads->auth.time_offset );  /* KJC */
+
return 0;
 }
 
@@ -124,7 +125,7 @@ static ADS_STRUCT *ads_startup(void)
ADS_STATUS status;
BOOL need_password = False;
BOOL second_time = False;
-   char *realm;
+   char *realm, *realm_save = NULL;

ads = ads_init(NULL, NULL, opt_host);
 
@@ -154,14 +156,26 @@ retry:
/*
 * If the username is of the form "[EMAIL PROTECTED]", 
 * extract the realm and convert to upper case.
+* This is only used to establish the connection.
 */
+   realm_save = ads->auth.realm;
if ((realm = strchr(ads->auth.user_name, '@'))) {
*realm++ = '\0';
-   ads->auth.realm = strdup(realm);
+   ads->auth.realm = realm;
strupper(ads->auth.realm);
}
 
status = ads_connect(ads);
+
+   /*
+* Restore the realm name.  If there wasn't one,
+* default to the configuration realm.
+*/
+   if( realm_save == NULL )
+   realm_save = strdup(ads->config.realm);
+
+   ads->auth.realm = realm_save;
+
if (!ADS_ERR_OK(status)) {
if (!need_password && !second_time) {
need_password = True;

Re: [PATCH] Joining domains specifying auth realm

2003-03-16 Thread Andrew Bartlett

On Sat, 2003-03-15 at 03:01, Ken Cross wrote:
> Let's try this again.  The previous patch I submitted didn't work in
> some configurations.  (ads->auth.realm needs to be preserved over the
> ads_connect call.)

If it's not preserved, won't it be free()ed in the process?

And shouldn't change the code that's clobbering it instead?

I applied the previous patch - can you get me the changes against
current HEAD?

Andrew Bartlett

-- 
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team  [EMAIL PROTECTED]
Student Network Administrator, Hawker College   [EMAIL PROTECTED]
http://samba.org http://build.samba.org http://hawkerc.net


signature.asc
Description: This is a digitally signed message part

[PATCH] Joining domains specifying auth realm

2003-03-14 Thread Ken Cross

Let's try this again.  The previous patch I submitted didn't work in
some configurations.  (ads->auth.realm needs to be preserved over the
ads_connect call.)

This patch is for SAMBA_3_0.

Ken


Ken Cross

Network Storage Solutions
Phone 865.675.4070 ext 31
[EMAIL PROTECTED] 



RCS file: /cvsroot/samba/source/utils/net_ads.c,v
retrieving revision 1.37.2.12
diff -p -u -r1.37.2.12 net_ads.c
--- utils/net_ads.c 24 Feb 2003 03:06:45 -  1.37.2.12
+++ utils/net_ads.c 14 Mar 2003 15:55:45 -
@@ -122,6 +125,7 @@ static ADS_STRUCT *ads_startup(void)
ADS_STATUS status;
BOOL need_password = False;
BOOL second_time = False;
+   char *cp, *realm_save = NULL;

ads = ads_init(NULL, NULL, opt_host);
 
@@ -147,7 +151,29 @@ retry:
 
ads->auth.user_name = strdup(opt_user_name);
 
+   /*
+* If the username is of the form "[EMAIL PROTECTED]", 
+* extract the realm and convert to upper case.
+* This is only used to establish the connection.
+*/
+   realm_save = ads->auth.realm;
+   if (cp = strchr(ads->auth.user_name, '@')) {
+   *cp++ = '\0';
+   ads->auth.realm = cp;
+   strupper(ads->auth.realm);
+   }
+
status = ads_connect(ads);
+
+   /*
+* Restore the realm name.  If there wasn't one,
+* default to the configuration realm.
+*/
+   if( realm_save == NULL )
+   realm_save = strdup(ads->config.realm);
+
+   ads->auth.realm = realm_save;
+
if (!ADS_ERR_OK(status)) {
if (!need_password && !second_time) {
need_password = True;

RE: [PATCH] Joining domains specifying auth realm

RE: [PATCH] Joining domains specifying auth realm

Re: [PATCH] Joining domains specifying auth realm

[PATCH] Joining domains specifying auth realm

4 matches

Site Navigation

Mail list logo

Footer information