krb5_db_init being used in do_as_req.c
Anil Belur
abelur at novell.com
Tue Aug 29 07:57:57 EDT 2006
Hello,
We are enabling the LDAP plugin to update the attributes like
krbLastSuccessfulAuth, krbLastFailedAuth and krbLoginFailedCount.
I came across some parts of the code are which are not DAL enabled.
These parts of the code contains reference to krb5_db_init and
krb5_db_set_name API's. (do_as_req.c and loadv4.c)
The problem occurred while doing a configure with --with-kdc-kdb-update
option.
Build details:
gcc -L../lib -Wl,-rpath -Wl,/home/builds/krb5-1.5/bins//lib -g -Wall
-Wmissing-prototypes -Wcast-qual -Wcast-align -Wconversion -Wshadow -o
krb5kdc kdc5_err.o dispatch.o do_as_req.o do_tgs_req.o kdc_util.o
kdc_preauth.o main.o network.o policy.o extern.o replay.o kerberos_v4.o
-lkadm5srv -lkdb5 -lgssrpc -lgssapi_krb5 -lkrb4 -ldes425 -lkrb5
-lk5crypto -lcom_err -lkrb5support -lresolv -ldl -lapputils
do_as_req.o(.text+0xfab): In function `process_as_req':
/home/builds/krb5-1.5/src/kdc/do_as_req.c:481: undefined reference to
`krb5_db_set_name'
do_as_req.o(.text+0xfbe):/home/builds/krb5-1.5/src/kdc/do_as_req.c:483:
undefined reference to `krb5_db_init'
I was considering replacing the existing with the code with the code
below. (in do_as_req.c)
#ifdef KRBCONF_KDC_MODIFIES_KDB
if (update_client) {
krb5_db_put_principal(kdc_context, &client, &c_nprincs);
/*
** ptooey. We want krb5_db_sync() or something like
that.
**/
krb5_db_fini(kdc_context);
if (kdc_active_realm->realm_dbname)
+ if ((errcode =
krb5_set_default_realm(kdc_active_realm->realm_context,
kdc_active_realm->realm_dbname))) {
+ return errcode;
}
+ if((errcode =
krb5_db_open(kdc_active_realm->realm_context, db_args,
+ KRB5_KDB_OPEN_RW |
KRB5_KDB_SRV_TYPE_KDC)))
return errcode;
/* Reset master key */
krb5_db_set_mkey(kdc_context,
&kdc_active_realm->realm_mkey);
}
#endif /* KRBCONF_KDC_MODIFIES_KDB */
Let me know if this is fine.
Thanks,
Anil Belur
More information about the Kerberos
mailing list